How we recover the stolen funds for TransitSwap (and BabySwap)

The detection of the attack to BabySwap

On 2022–10–01 14:47 (UTC), our internal system reported an attack transaction. Our further analysis showed that this is due to the controlled factories in the smart router contract. However, we did not disclose the details at that time since the project was still vulnerable. We contacted BabySwap through Twitter DM and TG but got no response.

The recovery of the private key of the bot

On 2022–10–01 16:10 (UTC), our tool successfully recovered the private key of this bot in around 20 minutes. For the recovered private key, we transferred the funds to a secure account (which is the typical process of our rescue). Otherwise, others who also recover the private key can take over the account, and the funds in the account will be at risk.

Transfer the funds out the bot

The challenge is that the funds are in the contract deployed by the bot instead of the bot EOA account itself. How to transfer the funds is a challenge.

Here comes another attack!

A couple of hours later, our system reported another attack on the TransSwap. There are a couple of attack transactions from different addresses, and one transaction was front-run by this bot again! However, since the contract deployed by the bot is a different one, the function to transfer the funds out is different.

Return the funds

After internal deliberation, we decided to return the funds to attacked projects (instead of the bot) for the following reasons.

  • First, the funds are obtained by the bot through the attack on vulnerable contracts. Though the bot front-ran the attack transaction (instead of launching the attack in the first place), we still think the front-running transaction of an attack transaction is also an attack.
  • Second, the funds belong to the victims of the attack, i.e., the users of the affected DeFi protocols. Users suffered a lot due to the vulnerability in the DeFi protocol. They should receive the funds from the attackers.

Update of the rescue

We are still in the process of rescuing vulnerable addresses. The challenge is that you cannot tell whether an address is vulnerable before recovering its private key. Even though we have an optimized algorithm, due to the limitation of computing power, we still need more time to finish the whole rescue. We will release a detailed report later to deliberate the whole process and answer the following questions.

  • How many addresses are vulnerable?
  • What’s the impact of the vulnerability, i.e., how many assets are at risk due to the vulnerability?
  • What’s the whole situation of the attack of this vulnerability?



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store



The BlockSec Team focuses on the security of the blockchain ecosystem and the research of crypto hack monitoring and blocking, smart contract auditing.