Security Concerns Arise in Decentralised Exchanges and MEV Ecosystem Following Exploits
PeckShield, a blockchain security analytics firm, has expressed concerns about the safety of decentralised exchanges (DEXs) in the wake of an incident involving sandwich-focused MEV bots on the Ethereum network. The incident involved bundles that were intended to carry out reverse swaps and generate profits but were discovered to be faulty, resulting in the backrun transactions being undone. As a result, there are lingering questions about the party responsible for the exploit.
MEV exploits spark security debate
Analysis indicates that transactions involving bots could replace victim transactions that had already executed the reverse swap to generate profits. This development has reportedly prompted concerns about the potential dangers of using MEV bots on DEXs and underlined the need for more robust security measures to prevent similar incidents.
Further examination of the recent breach shows that the majority of the stolen funds are held in three addresses: 0x3c98…8eb (totalling $20 million), 0x5b04…5b6 (amounting to $2.3 million), and 0x27bf…f69 (approximately $3 million). Notably, KuCoin, a centralised crypto exchange, had initially funded eight addresses implicated in the breach.
Rogue validator suspected in $25M smart contract exploit
According to Punk #3155, a smart contract developer and active Twitter user, an exploit in the system caused a loss of approximately $25 million. This has led to suspicions of a rogue validator’s involvement, mainly because Aztec funded the proposer of the exploit. The developer believes that this incident could mark a significant turning point for the MEV ecosystem and suggests that it was a well-planned attack.
Further analysis of the exploit found that the person responsible became a validator just 18 days beforehand and prepared the tokens 16 days prior. The developer has emphasised that a comprehensive investigation is required to assess the full impact of the incident.