Coinbase MainnetSettler Approval Issue Hold Token Theft 1

From Quadriga Initiative Cryptocurrency Hacks, Scams, and Frauds Repository
Jump to navigation Jump to search

Notice: This page is a freshly imported case study from an original repository. While the original content had a similar format, some sections may not have been fully completed. Please help fill in any empty sections or any missing information you can find. If you are new here, please read General Tutorial on Wikis or Anatomy of a Case Study for help getting started.

Notice: This page contains sources which are not attributed to any text. The unattributed sources follow the initial description. Please assist by visiting each source, reviewing the content, and placing that reference next to any text it can be used to support. Feel free to add any information that you come across which isn't present already. Sources which don't contain any relevant information can be removed. Broken links can be replaced with versions from the Internet Archive. See General Tutorial on Wikis, Anatomy of a Case Study, and/or Citing Your Sources Guide for additional information. Thanks for your help!

Coinbase Building/Logo

Coinbase, a major cryptocurrency platform known for its security and broad user base, had a vulnerability in their Mainnet Settler smart contract, which led to an exploit. A wallet which has approved permissions on this contract allowed an attacker to execute a malicious transferFrom call, stealing over 308 million Hold tokens—valued at approximately $66,000. The exploit was identified and reported by TenArmor, who advised users to revoke approvals to the contract. As of now, Coinbase has not publicly acknowledged the incident, and it remains uncertain whether the affected user will recover the lost funds or if Coinbase will provide compensation.[1][2][3][4][5][6]

About Coinbase

Coinbase is a secure and user-friendly platform that facilitates the buying, selling, and storage of cryptocurrencies like Bitcoin and Ethereum. Designed to serve both beginners and experienced investors, it has become one of the most widely used cryptocurrency exchanges in the United States.

Since its founding in 2012, Coinbase has grown into a leading platform in the crypto space. It supports a wide range of services, including basic crypto investing, advanced trading tools, institutional custodial accounts, and a standalone wallet for individual users. It also launched its own U.S. dollar-backed stablecoin to enhance crypto transactions.

Trusted by approximately 73 million verified users, 10,000 institutions, and 185,000 partners across more than 100 countries, Coinbase plays a key role in the global crypto ecosystem. Fully regulated and licensed (except in Hawaii), Coinbase began with Bitcoin trading but has since expanded to support a variety of cryptocurrencies that meet its decentralized standards.

About MainnetSettler Contract

The MainnetSettler smart contract is a smart contract on the Ethereum blockchain. The name indicates that it's called "Settler V1.6". This smart contract appears to interact and handle main ethereum chain events.

The Reality

Unfortunately, the Mainnet Settler smart contract was launched with mistaken approvals being set, which allowed funds to be accessed and removed.

What Happened

A vulnerability in the Mainnet Settler smart contract allowed an attacker to steal over 308 million Hold tokens (worth $66,000).

Key Event Timeline - Coinbase MainnetSettler Approval Issue Hold Token Theft 1
Date Event Description
November 20th, 2024 11:34:47 AM MST Attack Transaction Occurs The attack transaction is recorded on the Ethereum blockchain.
November 20th, 2024 7:00:00 PM MST TenArmor Tweet Posted TenArmor posts a tweet about the MainnetSettler contract being compromised.

Technical Details

"It seems that the victim 0xa31d had an approval for #Hold token to the #MainnetSettler contract, which allowed arbitrary calls to be executed by anyone. As a result, the attacker managed to gain 308,453,642 #Hold tokens as profit by executing a transferFrom call."

MainnetSettler Contract: 0x70bf6634eE8Cb27D04478f184b9b8BB13E5f4710

Total Amount Lost

TenArmor reports that the total amount lost due to this smart contract was $66k USD, which is based on a reported 308,453,642 Hold tokens.

The total amount lost has been estimated at $66,000 USD.

Immediate Reactions

So far, the only third party to officially recognize this exploit appears to have been TenArmor, who recommended revoking all approvals on the MainnetSettler contract. There is no indication that Coinbase has publicly recognized the exploit. There may be private communication that is not known.

Ultimate Outcome

There is limited publicly available information. The outcome of any recovery is unknown and it is also unclear how aware Coinbase is of the situation.

Total Amount Recovered

It is unclear if Coinbase will cover the loss for the affected wallet. It may be challenging and not economical to obtain any recovery of the funds from the exploiter.

There do not appear to have been any funds recovered in this case.

Ongoing Developments

The ultimate outcome and any information which will be made available is unknown at this point.

Individual Prevention Policies

No specific policies for individual prevention have yet been identified in this case.

For the full list of how to protect your funds as an individual, check our Prevention Policies for Individuals guide.

Platform Prevention Policies

Policies for platforms to take to prevent this situation have not yet been selected in this case.

For the full list of how to protect your funds as a financial service, check our Prevention Policies for Platforms guide.

Regulatory Prevention Policies

No specific regulatory policies have yet been identified in this case.

For the full list of regulatory policies that can prevent loss, check our Prevention Policies for Regulators guide.

References

  1. TenArmor - "Our system has detected a suspicious attack involving #MainnetSettler on #ETH, resulting in an approximately loss of $66K." - Twitter/X (Accessed Aug 15, 2025)
  2. MainnetSettler Hold Withdrawal Transaction - Etherscan (Accessed Aug 15, 2025)
  3. Coinbase Homepage (Accessed Jun 20, 2025)
  4. Mainnet Settler Smart Contract - Etherscan (Accessed Aug 15, 2025)
  5. Dev Engine Oz - "Some extremely abnormal behaviour going on with $saito erc20 purchases on #uniswap currently. Some big clips coming in and immediately transferring the tokens to another wallet. Could this be an exchange wallet?" - Twitter/X (Accessed Aug 15, 2025)
  6. Agent Argus - "Recent Transaction Amount: 33 $USDC Chain: ETHEREUM" - Twitter/X (Accessed Aug 15, 2025)
Retrieved from "https://quadrigainitiative.com/cryptocurrencyhackscamfraudwiki/index.php?title=Coinbase_MainnetSettler_Approval_Issue_Hold_Token_Theft_1&oldid=6879"