The crypto industry is developing rapidly thanks to the high utility potential of blockchain technology and the opportunity to bring transparency and fairness to financial markets, politics, and business. The most obvious outcome of blockchain progress is the evolution of traditional financial markets.
However, some barriers can hinder this progress. The cryptocurrency market is still overcrowded with unfair players involved in various types of fraudulent activity. The most widespread one is wash trading, which is strictly prohibited on classical financial markets.
Undoubtedly, it is one of the main factors impeding the development of the crypto industry and global tokenization. This manipulation contributes to forming a negative image of the crypto industry.
Today, top crypto exchanges, which are the fundamental institutions within the industry, contribute to the negative image of the blockchain industry by manipulating trade volume through wash trading. A wash trade is a form of market manipulation in which an investor or institution simultaneously sells and buys the same financial instruments to create misleading, artificial activity in the market. While it can be carried out in different ways, wash trading typically means using large transactions/trading orders to reduce the risk of loss.
Nowadays, the crypto market is so confined that sometimes even simple observation can spot large manipulations. Our previous research, the BitForex Success Case, is an example. This time, however, we decided to apply a more scientific approach to uncover fraud in a more organized and effective way.
For this study, we analyzed the Q2 2018 trade data of the BTC/USDT pair for 7 exchanges of different sizes operating in different regions. The selection includes Binance, OKex, HuobiPro, HitBTC, Bittrex, Poloniex, and KuCoin.
Research methodology: We calculate the total Volume Traded (VT), the Number of Transactions (TxN), and the ratio between them. Then we find a median value for each exchange’s average transaction volume (ATV) and compare it to the average transaction volume combined (ATVC). Finally, we analyze the trades that were defined as outliers, in particular their rate in the total number of trades, their contribution to the total trade volume, and the outlier threshold (the lowest value among each exchange’s outliers).
Key findings: After a precise analysis of the transaction volumes of seven top crypto exchanges, we spotted a handful of suspicious points suggesting that some of them are likely to be engaged in trade volume manipulation. In particular, HitBTC stands out with an average transaction volume that is 2.29 times higher than the average across all observed exchanges. OKex stands out on two fronts: the unusually high average volume of both its normal and its outlier transactions.
Finally, 4 out of 7 observed exchanges (OKex, Huobi, Bittrex, and KuCoin) don’t provide historical data over their API, which is probably done to conceal their trade manipulations. The main question is “Why?”
To detect wash trade manipulation, we focused our analysis on transaction volumes deviating upwards from the average. First, we calculated the total Volume Traded (VT) and Number of Transactions (TxN) for the whole period for each exchange. The results are displayed in graph 1 and graph 2.
At this stage, we can see that those metrics are mostly positively correlated, but some exchanges deviate from this tendency. Comparing graphs 1 and 2, we can see that the data for OKex and HitBTC show a suspiciously uncommon relationship.
To investigate this matter, we calculated the ratio between VT and TxN, shown in graph 3. This ratio is the mean transaction volume in BTC.
Graph 3 shows that the mean trade volume values for OKex and HitBTC are well above the average across all exchanges. This already looks suspicious, but it would be unreasonable to draw conclusions from such a rough measure as a simple mean, which can easily be skewed by less frequent but larger transactions.
Therefore, we decided to find a median value for each exchange’s average transaction volume (ATV) and compare it to average transaction volume combined (ATVC) calculated for all exchanges in total.
Before doing that, we excluded outliers from all datasets to make the metrics even more stable.
*Outliers are trades that lie outside the overall pattern of the trade distribution and pull the average value upward.
For outlier exclusion, we used the average value and the inter-percentile range (a more robust analog of standard deviation) for each exchange separately. The average value of each sample was calculated as the median, and the inter-percentile range (IPR) as the difference between the 90th and 10th percentiles. Trades with a volume greater than the median by more than 3 IPR were considered outliers.
After that, we computed each exchange’s ATV and compared it with the cumulative ATVC. Both metrics were calculated as median values excluding outliers.
The results showed that even with outliers excluded, the average trade values of HitBTC and OKex are much higher (2.29 times and 1.72 times respectively) than the average across all sample exchanges.
Finally, we analyzed the trades that were defined as outliers, in particular their rate in the total number of trades, their contribution to the total trade volume, and the outlier threshold (the lowest value among each exchange’s outliers).
The most conspicuous results came from the outlier threshold calculation.
On graph 7, it’s clearly visible that the outlier threshold for OKex stands out far from the others. For instance, let’s compare OKex and Binance: both have comparable rates of outliers in TxN (about 3% – see graph 5) and shares of outlier volume in VT (about 50% – see graph 6), but the outlier threshold for OKex is 3.4 times higher than that of Binance. Final calculations of the average (median) outlier volume (AOV) show an even larger divergence (see graph 8).
Comparing OKex to Binance, we can observe that on both exchanges roughly half of the total trade volume is formed by about 97% of “normal” trades and the other half by 3% of outlier trades; however, for OKex, the ATV of “normal” trades is 1.74 times higher and the AOV is more than 4 times higher than for Binance. This means that the volume of a single outlier trade is much higher for OKex than for other exchanges.
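The outlier rule and the metrics compared above (ATV, ATVC, outlier rate in TxN, outlier share of VT, outlier threshold, AOV) can be reproduced as follows. This is an added example, not code from the original study: the trade volumes and exchange names are constructed, and the percentile interpolation method and the pooling used for ATVC are assumptions, since the text does not specify them.

```python
from statistics import median, quantiles

# Constructed BTC trade volumes for two hypothetical exchanges (not real data).
SAMPLE = {
    "ex_a": [0.125] * 3 + [0.25] * 14 + [0.5] * 2 + [4.0, 8.0],
    "ex_b": [0.25] * 3 + [0.5] * 8 + [1.0] * 8 + [16.0, 32.0],
}

def exchange_metrics(volumes, k=3.0):
    """Split one exchange's trades into normal/outlier and summarise both."""
    # Assumption: linear-interpolated ("inclusive") percentiles.
    deciles = quantiles(volumes, n=10, method="inclusive")
    ipr = deciles[8] - deciles[0]        # IPR = 90th minus 10th percentile
    cutoff = median(volumes) + k * ipr   # above this, a trade is an outlier
    normal = [v for v in volumes if v <= cutoff]
    outliers = [v for v in volumes if v > cutoff]
    vt = sum(volumes)
    return {
        "VT": vt, "TxN": len(volumes), "cutoff": cutoff, "normal": normal,
        "ATV": median(normal),                        # median of normal trades
        "outlier_rate_txn": len(outliers) / len(volumes),
        "outlier_share_vt": sum(outliers) / vt,
        "outlier_threshold": min(outliers, default=None),  # smallest outlier
        "AOV": median(outliers) if outliers else None,
    }

def compare_exchanges(exchanges):
    """Return per-exchange metrics and ATVC."""
    per = {name: exchange_metrics(v) for name, v in exchanges.items()}
    # Assumption: ATVC is the median of all exchanges' normal trades pooled.
    atvc = median([v for m in per.values() for v in m["normal"]])
    for m in per.values():
        m["ATV_to_ATVC"] = m["ATV"] / atvc
    return per, atvc

if __name__ == "__main__":
    per, atvc = compare_exchanges(SAMPLE)
    print(f"ATVC = {atvc} BTC")
    for name, m in per.items():
        print(name, {k: v for k, v in m.items() if k != "normal"})
```

In the constructed data both exchanges have the same outlier rate in TxN, yet ex_b's outlier threshold and AOV are four times those of ex_a, which is the pattern the comparison above looks for.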
Remember what wash trading is and how it is conducted? It’s a manipulation in which a subject simultaneously sells and buys the same financial instruments to create artificial activity in the market; to reduce the risk of a loss, the trader uses large transactions/trading orders. In the OKex case, large trading volume with a small number of transactions proves that the exchange creates fake trade volumes by means of wash trading manipulations.
As a result of our research, we discovered a number of suspicious points raising reasonable questions regarding the integrity of certain crypto exchanges, namely OKex and HitBTC.
To be continued…
While gathering data for our research, we faced a significant problem: it was impossible to get the complete historical trade data for analysis. We found that this is a very common issue across most crypto exchanges.
In the corresponding API request, exchanges either don’t provide an optional parameter (e.g. “since”, “fromID”, etc.) for fetching data relative to some unique response attribute, such as a timestamp or transaction ID, or, where such a parameter is specified, it often does not function.
But what is the reason? Is it an inability to build a fully-featured component that each trading platform should have? Or is it a deliberate unwillingness to share the data, which, if analyzed, could become evidence of market manipulation and ruin the reputation of an exchange?
In our opinion, any exchange that doesn’t provide a way to get its historical trade data can’t call itself a professional institution. Such a lack of transparency may be considered “normal” for some opaque crypto exchanges, such as Fcoin and BitForex, unwilling to show their dirty hands. But even some well-established and leading venues like Bittrex, Huobi, and OKex don’t share their historical trades, which makes their integrity and reliability questionable.
Moreover, although the OKex API trades request has an optional parameter “since”, referenced to the trade ID and designed to fetch historical data, it always responds with only the 60 most recent trades even if the parameter is applied.
Don’t hesitate to contact us via firstname.lastname@example.org, if you have suggestions on how to make these reviews more interesting and effective.