ChainSwap post-mortem and compensation plan


  • On July 2nd at 04:30 AM UTC ChainSwap got exploited.
  • Total damage is estimated to be around $800,000
  • Full compensation is almost completed. All affected users will be compensated from the ChainSwap treasury

On July 2nd at 04:30 AM UTC we noticed an anomaly on the bridge, some users reported that their coins were actively withdrawn from wallets that interacted with ChainSwap.

Upon discovery ChainSwap team immediately froze the bridge, shut down all nodes and a fix was deployed within 30 minutes. Local police authorities, Huobi & OkeX which the attacker interacted with to withdraw/deposit funds got immediately contacted. Team’s of affected projects got alerted.

Attacker’s wallet:

DEXT team reacted quickly and withdrew their liquidity preventing the attacker from selling his tokens.

With the help from local police and OKex the ChainSwap team managed to obtain the attacker’s email. Negotiations started.

Negotiations with the hacker

The ChainSwap team managed to negotiate back CORRA and RAI tokens.

Damage and compensation

Total damage from the hack is estimated to be around $800,000. For small amounts, the ChainSwap team bought back affected tokens from the market and refunded wallets accordingly. For the rest, we are working with project teams to set up compensation plans. Full compensation is almost completed. In addition to compensation, we will prepare bonuses for users who are affected and it will be carried out accordingly in the coming days.

All damage will be refunded in full from ChainSwap treasury.

We wanted to thank you for your continued support and patience.

  • ChainSwap v2 is launching in the upcoming months
  • The ChainSwap team will be hiring more auditing firms to perform audits
  • We stay strong ✨




The hub for smart chains

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Explained: How to buy EVDC on Pancakeswap through Binance.

Welcome to the Clubhouse…

HotFil : Your One-Stop Storage Power Trading Platform

Do we really want to “sell” ourselves?

Certified Cyber Security Professional™

How to stay digitally safe on the road

Looking to backup and restore your wallet? Here’s how (Windows OS)

The 2020 Data Breach: A Memorable Year

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store


The hub for smart chains

More from Medium

Microsoft Acquires Activision Blizzard for $69 Billion: Here’s What That Means for Gaming

Coherence and connection

What’s the difference between prime cost and provisional sums in construction?

Construction contract

Using Localized Twitter Activity for Red Tide Impact Assessment in Florida