QUADRIGA INITIATIVE
CRYPTO WATCHDOG & FRAUD RECOVERY PLATFORM
A COMMUNITY-BASED, NOT-FOR-PROFIT
$300 000 USD
AUGUST 2025
UNITED STATES
COINBASE
DESCRIPTION OF EVENTS
Coinbase is a secure and user-friendly platform that facilitates the buying, selling, and storage of cryptocurrencies like Bitcoin and Ethereum. Designed to serve both beginners and experienced investors, it has become one of the most widely used cryptocurrency exchanges in the United States.
Since its founding in 2012, Coinbase has grown into a leading platform in the crypto space. It supports a wide range of services, including basic crypto investing, advanced trading tools, institutional custodial accounts, and a standalone wallet for individual users. It also launched its own U.S. dollar-backed stablecoin to enhance crypto transactions.
Trusted by approximately 73 million verified users, 10,000 institutions, and 185,000 partners across more than 100 countries, Coinbase plays a key role in the global crypto ecosystem. Fully regulated and licensed (except in Hawaii), Coinbase began with Bitcoin trading but has since expanded to support a variety of cryptocurrencies that meet its decentralized standards.
Unfortunately, the Mainnet Settler smart contract was launched with mistaken approvals being set, which allowed funds to be accessed and removed.
The issue was reportedly possible "due to mistaken approvals to the #MainnetSettler contract."
This is likely a repeat of the November issue where a victim "had an approval for #Hold token to the #MainnetSettler contract, which allowed arbitrary calls to be executed by anyone. As a result, the attacker managed to gain ... #Hold tokens as profit by executing a transferFrom call."
MainnetSettler Contract: 0x70bf6634eE8Cb27D04478f184b9b8BB13E5f4710
Losses were reported as a total of $300k. It appears that there were 308,453,642.481581939556432141 Hold tokens taken, which have a reported value of $290,535.57 USD. The loss total has been set to $291k USD.
So far, the only third party to officially recognize this exploit appears to have been TenArmor. There is no indication that Coinbase has publicly recognized the exploit. There may be private communication that is not known.
There is limited publicly available information. The outcome of any recovery is unknown and it is also unclear how aware Coinbase is of the situation.
It is unclear if Coinbase will cover the loss for the affected wallet. It appears that most of the losses were caused by MEV bots, which would suggest that the prospects for recovery are very good for the exchange.
The ultimate outcome and any information which will be made available is unknown at this point.
Coinbase, a major cryptocurrency platform known for its security and broad user base, had a second repeat of a previous vulnerability in their Mainnet Settler smart contract, which led to an exploit. A wallet which has approved permissions on this contract allowed an attacker to execute a malicious transferFrom call, stealing Hold tokens valued at over $291,000. The exploit was identified and reported by TenArmor, who advised users to revoke approvals to the contract. As of now, Coinbase has not publicly acknowledged the incident, and it remains uncertain whether the affected user will recover the lost funds or if Coinbase will provide compensation.
TenArmor - "It appears that @coinbase #Coinbase: Fees on #ETH was attacked (mostly by bots), resulting in approximately a loss of $300k due to mistaken approvals to the #MainnetSettler contract." - Twitter/X (Aug 15)
MainnetSettler Token Transactions - Etherscan (Aug 15)
Coinbase Homepage (Jun 20)
Mainnet Settler Smart Contract - Etherscan (Aug 15)
Dev Engine Oz - "Some extremely abnormal behaviour going on with $saito erc20 purchases on #uniswap currently. Some big clips coming in and immediately transferring the tokens to another wallet. Could this be an exchange wallet?" - Twitter/X (Aug 15)
Agent Argus - "Recent Transaction Amount: 33 $USDC Chain: ETHEREUM" - Twitter/X (Aug 15)
