A crypto user accidentally swapped $50m for $37,000. Here’s where the money ended up

It’s the stuff of nightmares.

Last week, the crypto industry looked on in horror as an unknown trader on the Ethereum blockchain immolated some $50 million by agreeing to an extremely lopsided swap, routed through permissionless decentralised finance apps.

Despite on-screen warnings, the trader agreed to convert around $50 million worth of Tether’s USDT stablecoin for 327 Aave tokens, worth just $37,000.

“Before confirming the transaction, the user was shown a clear warning on Aave’s interface indicating that the trade carried an extraordinary price impact,” Nikita Ovchinnik, CEO of Barter, a solver on decentralised exchange CoW Swap, told DL News.

“The interface required an additional confirmation step, including a checkbox acknowledging the risk, before the order was approved on a mobile device.”

Post mortems from Aave and CoW Swap, the DeFi apps the trader used, have helped shed light on the gory details.

The issue was that the trade used a liquidity pool on decentralised exchange Sushiswap that contained less than $100,000 of assets to fulfil the $50 million swap.

Many experts have since suggested additional safeguards to prevent the apps from serving up highly imbalanced trades in the future.

The question now asked by onlookers is not just how the money was lost, but where it went.

Following the money

The biggest winner of the incident was Titan, a so-called block builder on Ethereum, who profited at least $35 million, according to an onchain analysis conducted by DL News.

After the lopsided swap was executed, the liquidity pool that facilitated it became severely imbalanced. The first person to swap Aave tokens for Ether in the pool stood to receive an extremely good price on them, around 1,000 times higher than the current market rate.

Arbitrage bots rushed to take advantage of that opportunity, along with others made available by the lopsided swap.

That’s where Titan came in.

When Ethereum users want to transact on the blockchain they send transactions to the mempool — a waiting room for transactions before they’re added to the blockchain.

Block builders like Titan take those mempool transactions and fit them into blocks. Users can pay block builders tips to get their transactions included before others.

Those arbitrage bots offered to split the money they stood to make from rebalancing the liquidity pool with Titan to ensure they were the ones given first priority to do so.

The result? Titan walked away with some $35 million in tips, while the bots themselves profited around $13 million in total.

Approximately $1.2 million of those tips were split with Lido, the liquid staking protocol, as one of its validators was responsible for proposing the block that titan built.

To be sure, there was no hack or exploit. Just permissionless code working as intended, and various parties acting within the confines set by it.

Big fees

While Titan and the arbitrage bots profited the most from the $50 million blunder, they weren’t the only ones to make money.

Aave, whose website interface the trader used to submit swap, also took a cut. According to the protocol’s post mortem published on March 14, it received just over $110,000, based on a 0.25% fee the Aave website interface charges users.

Aave Labs has since offered to return the fees it collected. The trader has yet to take the company up on the offer, however.

While the trade was submitted through Aave’s website, the protocol itself didn’t execute it. That was outsourced to CoW Swap.

CoW Swap works by offering submitted trades to solvers, complex algorithms that compete to fulfil swaps at the best possible prices. If a solver can fulfil a swap at a better price than the trader agreed to, that surplus is split between the trader, the solver, and the CoW Swap protocol.

The CoW Swap solver who fulfilled the lopsided trade generated a surplus of around four Aave tokens, worth $452. The solver also earned a fee of around $340, according to Barter.

Lastly, the liquidity pools the CoW Swap solver used to fulfil the trade also took fees.

The trade consisted of two legs, the first, which converted USDT to Ether, was handled by Uniswap. The second, which converted Ether for Aave tokens at the extremely unfavourable rate, was handled by Sushiswap.

Who is to blame?

The conversation surrounding the incident now centres on who is ultimately to blame, and how such an unfortunate episode could be prevented in the future.

In its post mortem, Aave said it is implementing a new feature called Aave Shield, which automatically blocks any swap with a price impact greater than 25% by default.

CoW Swap said in its post mortem that it is investigating solver execution failures and a potential mempool leak, and plans to publish its findings in future updates.

“The user owns none of this failure,” Ehsan, a Canadian blockchain researcher, said in the aftermath of the incident.

“Aave’s CoW adapter integration created the illusion of a safer swap than the one that was actually signed. Then CoW’s solver/liquidity-selection stack took that weak order and executed it through a pool that should never have been touched for a trade this size.”

Ehsan isn’t the only one to argue that the trader isn’t responsible for the blunder.

“If an interface knows it is handling an extraordinary order, showing a warning checkbox is not enough,” Ovchinnik said.

“It should actively guide the user toward suitable execution methods.”

Tim Craig is DL News’ Edinburgh-based DeFi Correspondent. Reach out with tips at [email protected].