Critical Vulnerability in a New AirSwap Smart Contract (Updated Oct. 3)

AirSwap Team
Sep 13, 2019 · 6 min read

Our team discovered a critical vulnerability in a new AirSwap smart contract. Read on to understand the steps we’ve taken to prevent the vulnerability from being exploited, and to determine whether you need to take immediate action.

Updated Oct. 3 with technical details below.

On September 12th, our internal security review processes identified a potential exploit in a newly released mainnet AirSwap smart contract. The vulnerability would allow an attacker, under certain conditions, to perform a swap without requiring a signature from a counterparty. The affected code was present in the AirSwap system for under 24 hours, and affects only some users of AirSwap Instant between midday September 11th and the early morning of September 12th. We initially identified 20 vulnerable addresses matching this pattern and quickly reduced the number to 10 accounts. As of October 3, only 5 accounts remain affected.

When the issue was detected, the team immediately rolled back AirSwap Instant to use the original smart contracts. Both the AirSwap Instant and Trader products are no longer affected by the vulnerability.

The following accounts used the exploitable functionality during the vulnerable time period:


If your account is not listed, no action is required. If your address is listed, immediately visit to revoke authorizations for the vulnerable contract. Any new tokens deposited in the at-risk accounts above remain vulnerable to the exploit, and are not guaranteed safe, until authorizations are revoked.


The following actions were taken by the AirSwap team immediately after discovering the vulnerability:

  1. High-value user contacts: Immediately after discovering the vulnerability, the AirSwap team began to enumerate and identify all affected users who had used the vulnerable contract. One user was particularly vulnerable, with the vast majority (95%+) of affected funds. We were able to contact this user, who has provided product feedback in the past, via internal communication channels. This user’s funds were de-risked without alerting the user or other network actors to a potential vulnerability.

Conclusion and what’s next

Smart contracts remain an exciting and new arena of software development, and require continued diligence and analysis to ensure defense against sophisticated and constantly-evolving attackers. We remain committed to a continuous security and monitoring process designed to identify vulnerabilities before they are openly discovered. We would like to deeply apologize to our affected users for any inconvenience these vulnerabilities may have caused, and hope that the important lessons we continue to learn throughout these processes form the basis for a more open, secure, and efficient trading environment.

Updated Oct. 3: Technical Details

This update is to provide more technical detail on the vulnerability, having given at-risk accounts two weeks to take protective actions by revoking their authorizations.

Two important notes:

  • the new Swap contract only supports swapping ERC20 tokens, not Ether.

The specific mechanism is an “authorization” feature that enables one peer to delegate swapping ability to another peer. In some scenarios, if the maker on an order has delegated to a peer that sends a transaction, a signature is not required.

For convenience, the new AirSwap smart contract system includes a “wrapper” contract that automatically wraps and unwraps ether (ETH) to and from “wrapped ether” (WETH). To use this feature, the user authorizes the Wrapper contract to swap on its behalf.

The vulnerability is an example of a flaw in authentication flows, believed to be the most common type of security vulnerability in production smart contracts today. Our team performed an internal security assessment to define invariants, write tests with full statement and branch coverage, and consider every possible angle of attack or disruption. Even with this, it was not until after deployment that this vulnerability was discovered.

The Wrapper contract now requires both that the message sender is the order taker and that the order has a signature, which is then verified by the Swap contract.

Normal trading scenario

Under normal circumstances, every order requires a signature. In this sequence, Alice and Bob would both authorize the Wrapper on the Swap contract. Bob would then request an order from Alice and execute it through the Wrapper. An order with Alice’s signature would be returned to Bob. Bob would then provide the order to the Wrapper to swap. The signature would be deemed valid and the swap would complete.

Compromised trading scenario

In the compromised scenario, Bob does not need to request an order from Alice. Instead, Bob creates an order with Alice as the maker but without a signature. When Bob provides the order to the Wrapper, the swap will complete, because Alice has also authorized the Wrapper.

Alice is the victim, and Bob is the attacker.

  1. Alice wants to use AirSwap Instant.

Due to the nature of the vulnerability, Bob can monitor Alice’s wallet and drain funds at any time. This vulnerability is permanent until the Wrapper authorization is revoked. We implore any of the remaining at-risk accounts above to revoke their authorization.
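The following is an added example, not AirSwap's contract code: a simplified Python model of the delegation rule and of the two Wrapper checks described in this update, showing why an unsigned order passes through an unchecked Wrapper and is rejected once the checks or a revocation are in place. The class and function names, the error strings, and the use of a signer name in place of real signature verification are assumptions made for illustration.

```python
from dataclasses import dataclass, field
from typing import Optional

WRAPPER = "wrapper"  # constructed label standing in for the Wrapper's address

@dataclass
class Order:
    maker: str
    taker: str
    signer: Optional[str] = None  # None = no signature; real ECDSA checks are abstracted away

@dataclass
class Swap:
    delegations: set = field(default_factory=set)  # (owner, delegate) pairs

    def authorize(self, owner, delegate):
        self.delegations.add((owner, delegate))

    def revoke(self, owner, delegate):
        self.delegations.discard((owner, delegate))

    def is_authorized(self, owner, delegate):
        return owner == delegate or (owner, delegate) in self.delegations

    def swap(self, order, sender):
        if not self.is_authorized(order.taker, sender):
            raise PermissionError("SENDER_UNAUTHORIZED")
        # An unsigned order is accepted when the sender is the maker's delegate.
        signer = sender if order.signer is None else order.signer
        if not self.is_authorized(order.maker, signer):
            raise PermissionError("SIGNER_UNAUTHORIZED")
        return True

def wrapper_vulnerable(swap, order, caller):
    # Forwards any order; Swap sees the Wrapper, not the caller, as the sender.
    return swap.swap(order, sender=WRAPPER)

def wrapper_fixed(swap, order, caller):
    # The two checks the update says the Wrapper now enforces.
    if caller != order.taker:
        raise PermissionError("SENDER_MUST_BE_TAKER")
    if order.signer is None:
        raise PermissionError("SIGNATURE_MUST_BE_SENT")
    return swap.swap(order, sender=WRAPPER)

def attempt(wrapper, swap, order, caller):
    try:
        return "ok" if wrapper(swap, order, caller) else "rejected"
    except PermissionError as exc:
        return str(exc)
```

In the model, the unsigned order succeeds only while the maker's delegation to the Wrapper exists, which is why revoking that authorization closes the exposure for an affected account.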

Future updates

We are constantly monitoring the remaining accounts and will update this post with further details if they emerge. If you discover any potential issues going forward please reach us at



AirSwap is a peer-to-peer trading network built on Ethereum. Our mission is to empower people through global, frictionless trade.


