ChainSwap Exploit Post-Mortem

Razor Network
Razor Network
Published in
2 min readJul 11, 2021


Updated, 14th July 2021

ChainSwap, a cross-chain asset bridge & application hub for smart chains, was exploited at around 08:00 PM UTC on 10th July. ChainSwap allows projects to bridge between blockchains seamlessly; many projects using these services were affected by the exploit, including Razor Network. To eliminate all fear, uncertainty, and doubt, we have penned down what happened during the exploit, developments since, and plan ahead.

ChainSwap exploit details

At around 08:00 PM UTC on 10th July, an attacker was able to attack ChainSwap contracts and steal tokens of various projects, including Razor.

The attacker was able to steal 2.8M $RAZOR tokens, which were the total tokens locked in the ChainSwap vault on Ethereum. They managed to sell the tokens on various exchanges. While investigating the issue following details of the transactions made by the attacker were found:

Total $RAZOR stolen: 2,856,246 tokens

Tx1: 44,150 DAI

Ethereum Transaction Hash:


Tx2: 23,555 DAI

Ethereum Transaction Hash:


Tx3: 53,480 DAI

Ethereum Transaction Hash:


The attacker was able to sell all the stolen tokens before we pulled the liquidity, which resulted in a loss of 121,187 DAI.

Plan Ahead

  • After the analysis, we concluded that trading on the Ethereum chain is safe since all the stolen tokens have been sold already.
  • Chainswap has frozen $RAZOR tokens on BSC as a precautionary measure. Please note that $RAZOR on BSC cannot be swapped on Pancakeswap or transferred to other wallets.
  • We are working closely with the ChainSwap team to figure out a plan to recover $RAZOR from BSC. We appreciate your patience in this regard.

ChainSwap has reimbursed us $48,475 USDC. We have bought-back $RAZOR of entire amount and burnt the purchased token to reduce circulating supply in the interest of our community. Following are the transactions made by Razor Network:

Buy-back Transactions




Burn Transaction


Please note that this is an isolated incident, and $RAZOR tokens on the mainnet are not affected. We always use audited and secure smart contracts to avoid such issues. This attack happened due to a third-party vulnerability.

Utmost care is being taken in the development of the Razor Network oracle. We will plan to work with reputed security auditing firms to minimize the chance of such incidents.

We will keep our community updated about each development in the case, and it is assured that we will act in good faith.

Razor Network is thankful to the community for its continued support!