Blockchain predator 0xbadc0de becomes prey, loses 1,100 ETH

Listen to this article.

A successful Maximal Extractable Value (MEV) bot, known as 0xbadc0de, fell victim to a 1,100-ETH hack yesterday in an entertaining display of on-chain karma.

MEV bots are smart contracts that observe pending blockchain transactions and aim to make a profit from the results.

For example, when a user swaps tokens via a decentralized exchange’s liquidity pools, the price of the tokens on the exchange is affected, potentially creating an arbitrage opportunity that may be spotted by a bot.

This is precisely what happened in the hours leading up to the theft, when an unlucky user attempted to swap $1.85 million worth of cUSDC to USDC through an illiquid pool, receiving just $500 in return. 0xbadc0de then exploited the imbalance, netting 800 ETH (~$1 million) via a complex automated arbitrage trade involving multiple DeFi platforms.

Another user, though, had their eyes on 0xbadc0de’s profits. An hour after the above example, all ETH was transferred out of the MEV bot contract to the attacker’s address.

According to MEV expert Bert Miller, 0xbadc0de’s code was not sufficiently protected against other contracts, and the attacker was able to approve their own address to transfer 0xbadc0de’s ETH tokens.

An on-chain message was then sent via transaction input data to the attacker from the bot’s operator’s requesting that the funds are returned and offering a 10% bounty.

Read more: Explained: Why hackers keep exploiting cross-blockchain bridges

MEV bots, also known as searchers, are a divisive feature of blockchain-based DeFi. While they act as automated arbitrageurs, balancing prices across decentralized exchanges, the fact that they profit from manipulating and front-running trades, often at significant expense to ordinary users, has led to a predatory reputation.

Given the trade they ply, 0xbadc0de’s demand for the return of funds seems rather rich, and many DeFi users have viewed the incident as a prime example of “what goes around, comes around.”

For more informed news, follow us on Twitter and Google News or listen to our investigative podcast Innovated: Blockchain City.