Transit Swap
Basics
History
Audits & Exploits
- Bug bounty program can be found [insert here].
Bugs/Exploits
"Transit Swap has lost $21M to a vulnerability which allowed an unknown attacker to drain the wallets of users who had approved the protocol's swap contracts. But unfortunately for the hacker, over $1M was lost in transit… not all MEV bots are down 0xbad this week.
The team paused the affected contracts before announcing the incident on Twitter.
Then came an update that via “the joint efforts of the @SlowMist_Team, the @Bitrace_Team, the @peckshield security team,” key info about the hacker, including their “IP, email address, and associated on-chain addresses” had been uncovered.
As the attacker’s anonymity began to slip away, it seems they had second thoughts. So far, over 70% of the funds have been returned. Finding a vulnerability in an unverified contract; diligent decompiler, or someone acting on insider info?"
