BigONE’s founders, whoever they may be, are positioning their exchange as the most universal and secure cryptocurrency trading platform in the world. In the first year of BigONE’s existence, no hacks have happened yet.
Let’s start from the beginning.
The big.one domain was registered on June 24, 2017. On January 23, 2018 (the first trading day after launching the platform), the average daily volume of BTC/USDT, ETH/USDT, and BCH/USDT, was less than 1 BTC (according to BigONE’s official chart). During the first 5 months, until June 20, the daily trade (BTC/USDT) volume did not once exceed 15 BTC. The next few days, BigONE showed an incredible 401 BTC trade volume on June 21, followed by 51,476 BTC on June 22 and 126,013 BTC on June 23, propelling this unknown Chinese crypto exchange to CMC’s Top-3 (by daily volume trade) as soon as June 26.
These factors and more prompted us to write this article, in which we investigate whether BigONE is really successful, or just another manipulative, inflation-prone cryptocurrency platform (or is it just an outright scam)? To understand the matter, let’s study the peculiarities of this exchange, using publicly available information.
Our primary hypothesis, in analyzing this exchange, is that “trade volume on BigONE is manipulated”. While digging deeper into the charts, volume patterns, and historical trade data, we found many interesting things: recurrent patterns of trade volume for different pairs, inconsistencies between volume spikes and price moves, bots dominating the trading activity alongside declining user traffic, and average trade size and volume-per-user metrics significantly higher than those of peers.
To clarify, drawing on CMC data, BigOne’s daily trade volume (221.9M) is higher than Bittrex (94.5M) by 2.3 times, and Poloniex (48.5M) by 4.5 times. However, Bittrex’s UU (3,680K) is 16 times higher than that of BigOne’s (230.5K), and Poloniex’s UU (1,838.6K) is higher by 8 times. Also, BigOne, the TOP 15 exchange, has weaker Twitter activity than Bittrex and Poloniex, the TOP 28 and TOP 39 exchanges, as well as Hacken – TOP 500 blockchain company.
All of our findings serve as strong evidence of volume manipulation and suggest that our hypothesis will likely “fail to be rejected”.
There are 82 cryptocurrency pairs in BigONE’s listing. In addition to top coins such as BTC, ETH, and BCH, less well-known altcoins are available, but the trade volume is insignificant. There are trading pairs that are formally supported, but the turnover is zero. There is also a platform token named ONE that is used to attract new customers and increase capitalization.
The exchange implements the RAM Real Trading, which can be described as selling its computing power to everyone. The launch of this type of trading took place on July 9, 2018. Trade is actually conducted not between sellers and buyers but between a person and an EOS.IO account on Blockchain. By purchasing EOS in this mode, you release a certain amount of RAM for the EOS.IO needs. By selling tokens you get the needed amount of RAM.
Why are we talking about it? The Bancor algorithm enables automatic price determination and an autonomous liquidity mechanism for tokens on smart contract blockchains. It estimates the cost of 1 KB of memory in an automated mode and adjusts it depending on the relationship between demand and supply. Today (July 25, 2018), 0.2757 EOS is given for 1 KB. Every day, the number of ONE coins available in trade-mining mode is limited. Every on-chain RAM trade incurs a transaction fee of approximately 0.5%, charged by the EOS system.
As of the end of July 30, 2018, BigONE has 35323 members in its official chat group, 10105 subscribers (but only 120 likes) on its Twitter account, 500 subscribers on its Facebook page, and 154 subscribers on Steemit.
So, let’s take a closer look at BigONE’s activities, in terms of official trading data provided by this exchange for general use.
On daily charts of 4 major pairs we can see similar patterns of immense volume rise starting June 22, 2018. BTC/USDT trade volume on June 20th and 21st was 2 BTC and 401 BTC respectively, but on June 23 it sprung to 51K BTC (127 times higher) and 126K BTC the following day. That accounts for a 63,000 times rise (6,300,000%) from June 20th to June 23rd. 63,000 times in 3 days. How could that be real?
The picture for ETH/USDT is almost the same: 42 ETH and 312 ETH on June 20th and June 21st, but 66K ETH (~210 times higher) on June 22nd and almost 123K ETH on June 23rd.
BCH/USDT volume spiked three days later from 130 BCH on June 24 to almost 34K BCH on the following day (~260 times higher).
EOS/USDT volume soared even more surprisingly, from 12k EOS on June 23rd to 29M EOS on June 24th. That’s more than a 2400 times rise in one day. How could that be real?
After reducing the chart timeframe to 30 minutes for the BTC/USDT and ETH/USDT pairs, we can see interesting volume patterns that raise suspicions of artificiality. It is clearly visible that recurrent daily trading activity starts and ends at the same time each day.
Trade volume behavior for all 4 major pairs is inconsistent with the corresponding assets’ price movements. Usually, significant price changes are accompanied by clearly notable volume rises but that’s not the case for BigONE. Such inconsistencies we can see better on the 15 & 30-minute charts.
For instance, Fig. 7 shows BTC’s $200 rise in price (that’s about 3% in 15 minutes) performed by 115 BTC while some hours earlier trade volume peaked as high as 12k BTC over 15 minutes intervals with sideways price move.
Fig. 8 illustrates an even bigger 15-minute BTC price jump of $415 (about 6.4%), with a trade volume of 767 BTC, while there are volume spikes to 3-5k BTC accompanied by only minimal price moves.
As Fig. 9 displays, the EOS price moved up $0.62 (about 7.9%) over the course of 30 minutes by 50k volume, but 30-45 times higher volume didn’t manage to shift the price by more than 3 cents.
We can observe similar inconsistent volume spikes and price moves on ETH/USDT and BCH/USDT charts as well.
We’ve also used a popular marketing analytical service, Alexa.com, to evaluate traffic of the Big.One website since the 21st of June. According to Alexa.com, “Traffic Ranks, which are updated daily, are based on a combined measure of Unique Visitors and Pageviews”.
According to Fig.12, there wasn’t a sharp increase in the popularity of the website of the exchange from June 20th to June 23rd. Conversely, the position of the website dropped slightly compared to the end of April. Thus, we can assume that there was not a sharp increase in visitors during the period of Big.One booming liquidity.
Finally, a simple visual analysis of BigONE’s 4 major pairs charts suggests the exchange has been tailoring its trade volumes to make a false impression of high liquidity. This particular case shows that in some cases there is no need to perform sophisticated calculations and scientific investigations in order to spot volume manipulations by crypto exchanges. Nevertheless, let’s go further, and study some numbers to check if there are any confirmations to our suspicions.
What can repetitive trades of the same size tell us? In practice, such trades suggest trading bot activity, which is commonly used for volume manipulations, or so-called “painting the tape”.
But sometimes even more mysterious pictures appear. Take a look at the live trade history of BTC/USDT at Big.one.
Do you see what we see? Trades of equal size, priced in the middle of the spread, with 4 to 6-second intervals? Could it be a shadow trader?
While observing such peculiarities, we decided to investigate recurrent trade sizes and discovered the most iterated forms of them. We took historical trade data from June 22nd (the volume burst start date) to July 29th, and discovered that the combined number of trades, of 8 of the most recurrent sizes (see Table 1), covered more than 28% of the total number of transactions for the period.
We then looked at the same statistics for separate days and found that different trade sizes appeared to be most replicated on different days and that the top 8 of them covered up to 54% of the total number of transactions. The following diagrams picture shares of the most frequent trade sizes of June 28th and July 13th.
Such a disproportionate distribution of recurrent trade sizes suggests that automated trading forms the vast bulk of the exchange’s total volume, which can be a sign of trade volume manipulation.
Wash trading is the most common way to manipulate volume. In practice, it is easier to perform with transactions larger than the average trade size. Therefore, we calculated the average trade size for the BTC/USDT pair on BigONE. In order to bypass extreme values and outliers, we took it as a median value and arrived at 0.1209 BTC for June, which is more than 7-8 times higher than that of Binance (0.0143 BTC) and of Bittrex (0.0158 BTC). Besides, it’s worth mentioning the average trade size dynamics, which showed as much as a 12 times rise from 0.01 BTC in May, but total monthly volume for BTC/USDT performed more impressively: it showed a whopping 5,000 times jump, from 149.5 BTC in May to more than 751,000 BTC in June.
Seeing such amazing performances of volume and average trade size for the BTC/USDT pair, as well as trading bot dominance and declining user traffic trend, we couldn’t help suggesting that the vast part of trade volume on BigONE exchange is manipulated.
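The checks from this section, as an added example that is not part of the original article: it computes the share of trades covered by the most frequent sizes, the median trade size, and runs of equal-size trades printed at mid-spread 4 to 6 seconds apart. The `Trade` record, the function names and the sample data are constructed for illustration.

```python
from collections import Counter, defaultdict, namedtuple
from statistics import median

Trade = namedtuple("Trade", "ts size price bid ask")  # ts in seconds

def top_size_share(trades, n=8):
    """Share of all trades covered by the n most frequent trade sizes."""
    counts = Counter(t.size for t in trades)
    return sum(c for _, c in counts.most_common(n)) / len(trades)

def median_size(trades):
    """Median trade size, used instead of the mean to resist outliers."""
    return median(t.size for t in trades)

def paced_mid_runs(trades, lo=4, hi=6, min_len=5, tol=1e-9):
    """Runs of >= min_len same-size trades printed at the bid/ask midpoint
    and spaced lo..hi seconds apart (the pattern in the live trade history)."""
    by_size = defaultdict(list)
    for t in sorted(trades, key=lambda t: t.ts):
        if abs(t.price - (t.bid + t.ask) / 2) <= tol:
            by_size[t.size].append(t)
    runs = []
    for group in by_size.values():
        cur = [group[0]]
        for t in group[1:]:
            if lo <= t.ts - cur[-1].ts <= hi:
                cur.append(t)
            else:
                if len(cur) >= min_len:
                    runs.append(cur)
                cur = [t]
        if len(cur) >= min_len:
            runs.append(cur)
    return runs

def sample_trades():
    """Constructed data: 40 organic trades plus two fixed-size bots."""
    bid, ask = 6500.0, 6501.0
    mid = (bid + ask) / 2
    # Organic trades: distinct sizes, executed at the bid or the ask.
    organic = [Trade(1 + 3 * i, round(0.003 + 0.0017 * i, 4),
                     ask if i % 2 else bid, bid, ask) for i in range(40)]
    # Bots: one fixed size each, priced at mid-spread, on a 5 s / 6 s clock.
    bot_a = [Trade(5 * i, 0.5, mid, bid, ask) for i in range(24)]
    bot_b = [Trade(2 + 6 * i, 0.25, mid, bid, ask) for i in range(16)]
    return organic, organic + bot_a + bot_b

if __name__ == "__main__":
    organic, mixed = sample_trades()
    print("top-8 size share, organic:", top_size_share(organic))
    print("top-8 size share, mixed:  ", top_size_share(mixed))
    print("median size, organic:", median_size(organic))
    print("median size, mixed:  ", median_size(mixed))
    for run in paced_mid_runs(mixed):
        print("paced run: size", run[0].size, "x", len(run), "trades")
```

On the constructed data, the two bots lift both the top-8 size share and the median trade size well above the organic baseline, which is the same direction of shift the article reports for BigONE against its peers.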
To begin with, we decided to compare daily trading volume (DTV) and traffic analysis of the BigOne exchange to such well-established market players as Bittrex (#28) and Poloniex (#39) to receive more objective data. Now, BigOne is ranked 15th, according to Coin Market Cap daily trading volume (DTV). According to CoinMarketCap (CMC), on July 27, BigOne’s DTV was $221.9M, while Bittrex’s DTV was $94.5M and Poloniex’s one was $48.5M. Thus, BigOne’s DTV is higher than that of Bittrex by 2.3 times, and Poloniex by 4.5 times.
For this part of the research, we used a widely applied analytical tool for marketers – SimilarWeb. Using the advanced version of the tool, we examined the amount of monthly traffic, unique visitors (UV), and unique users (UU) on the BigOne website over different periods of time.
Undoubtedly, there can be some inaccuracies in the estimations, but in comparison to other exchanges, we can still draw conclusions about the approximate number of users.
We took unique visits and the percentage of refusals (Bounce Rate) and from them determined the number of unique users who have spent more than 3 seconds on the website this month.
The formula is UU = UV * (1 – Bounce Rate)
Analysis for the last 6 months
During the last 6 months, the number of BigOne’s Unique Visitors was 308.2K with a bounce rate of 25.2%. In turn, Bittrex’s UV was 4.73M with a bounce rate of 22.2%. Poloniex’s UV was 2.79M with a 33.1% bounce rate (fig. 21).
Let’s compare BigOne with Bittrex and Poloniex exchanges.
From the numbers received, we can see that the UU of BigOne is 231K. In turn, Bittrex has 3.7M unique users. Poloniex has 1.8M unique users. Bittrex’s number of UU is 16 times higher than that of BigOne’s, and Poloniex’s UU number is higher by 8 times.
In spite of the fact that Bittrex and Poloniex have more users than BigOne, the daily trading volume on BigOne is several times higher. Specifically, BigOne’s (198K monthly unique visits) DTV is 2.3 times higher than that of Bittrex (4.73M monthly visits) and 4.5 times higher than that of Poloniex (2.79M monthly visits).
Analysis for June
To ensure better accuracy of the investigation, we also decided to separately analyze the results of the three exchanges for June.
During this period of time, the number of BigOne’s Unique Visitors was 157K with a bounce rate of 37%. In turn, Bittrex’s UV was 2M with a bounce rate of 46%. Poloniex’s UV number was 1.36M with a 41% bounce rate (fig. 22).
Number of Unique Users: BigOne, Bittrex and Poloniex.
From the data obtained, we detected that the UU of BigOne was 99.9K. In turn, Bittrex’s UU was 1,080K and Poloniex, 933K. As a result, Bittrex’s UU was 11 times higher than that of BigOne’s, Poloniex’s UU was higher by 9.3 times.
BigOne’s Traffic Analysis by Channels (from January to June):
– 82% are Direct Visits to the site (this channel most likely displays the visits of users of the exchange since they are unlikely to use referral links).
– 10% is Referral Traffic. The bulk of this comes from CoinMarketCap (about 36%), CandyOne, a famous platform for bounty programs (24.4%), and Feixiaohao, a Chinese platform similar to CMC (12.8%).
– 6% Organic Search – a mix of users and new visitors.
– 1% E-mail Distribution. The traffic from the email base of this exchange is not large. Considering the fact that usually, an email base of a company contains its most active users, we can presume that the email base of BigOne doesn’t even come close to its UU (230.5K).
– 0.88% Social Traffic. The exchange has a very small social media community.
– 0% Paid Advertising + 0% display ads from Google. The exchange does not spend any money on paid promotion and does not lead traffic through PPC (Pay Per Click).
Direct Visits, Referral Traffic from CMC, CandyOne and Feixiaohao, along with Organic Search (98.08% in total), are the main traffic sources for BigOne. Paid and Social traffic, as well as email delivery, are barely used (less than 2% in total). Therefore, it’s evident that the organization does not invest money in Paid Marketing, nor organic community building, via Social Media Marketing and Email-based subscription models.
Nowadays, a relatively high number of social network subscribers, especially in the crypto industry, is a very important factor that determines the size of a community: the number of users of an exchange or the number of investors of a blockchain startup. You can check by following the social media accounts of many well-established exchanges, such as oKex, Binance, HitBTC, Bittrex, or any blockchain startup from the TOP 100. In the case of exchanges, this number should be at least twice as large as the number of users.
Traditionally, Twitter has become the main communication channel of nearly all projects in the crypto industry. Investors, traders, crypto enthusiasts and media representatives look to Twitter first, if they want to stay updated with the latest news about a project.
BigOne – 10.1K;
Bittrex – 726K;
Poloniex – 188K;
Hacken – 10.2K.
However, the number of followers isn’t as important as engagement rate: number of likes, retweets, and comments.
The average number of likes and retweets on BigOnes’s Twitter is 9 and 5 respectively. In turn, Bittrex collects from 100 to 250 retweets in one post while Poloniex gets, on average, from 75 to 150 retweets. Eventually, the twitter account of Hacken, a blockchain cybersecurity company with 10.2K followers gathers 25 retweets on average.
Evidently, the TOP 15 Exchange has weaker Twitter activity than the TOP 28 and TOP 39 exchanges, as well as a TOP 500 blockchain company. Looks weird, doesn’t it?
Other Social Media
Nevertheless, BigOne has a wide community in Telegram, while Bittrex and Poloniex don’t offer such chat channels. Thus, we are comparing BIG.one’s Telegram activity with that of Hacken.
BigOne (35.3K of Subscribers) – 1503 messages on 29 July;
Hacken (5.2K of Subscribers) – 266 messages on 29 July.
The number of users in the BigOne Telegram group is 6.8 times higher than that of Hacken, and the velocity of messages of BigOne’s TG group is 5.6 times higher. In BigOne’s group, almost all messages are in Chinese. Therefore, we can conclude that the exchange has a real Chinese community in Telegram.
Drawing on CMC data, BigOne’s daily trade volume is higher than Bittrex by 2.3 times, and Poloniex by 4.5 times. However, Bittrex’s UU is 16 times higher than that of BigOne’s, and Poloniex’s UU is higher by 8 times.
Specifically, although Bittrex (3,680K of UU) and Poloniex (1,838.6K of UU) have many more users than BigOne (230.5K), the daily trading volume on BigOne (221.9M) is 2.3 times higher than that of Bittrex (94.5M) and 4.5 times higher than that of Poloniex (48.5M).
Direct Visits, Referral Traffic from CMC, CandyOne and Feixiaohao, along with Organic Search (98.08% in total), are the main traffic sources for BigOne. Paid and Social traffic, as well as email delivery, are barely used (less than 2% in total). Therefore, it’s evident that the organization does not invest money in Paid Marketing and organic community building via Social Media Marketing and Email-based subscription models.
That’s why the TOP 15 exchange has weaker Twitter activity than the TOP 28 and TOP 39 exchanges, as well as TOP 500 blockchain company.
The only exception is the active Chinese Telegram Group with 35.3K members, but KuCoin, which is a TOP 44 Exchange with 36.9M DTV, had an active TG group with 52.5k, along with active Twitter and 889K unique users in June, compared to BigOne’s 99.9K.
It looks weird. Doesn’t it?
As we have explained above, Big.One had experienced a significant increase in liquidity since the 20th of June, 2018. However, the number of its visitors, Unique Users, and followers in SM have not increased. In addition, the exchange went down in global rank during this period, compared to April, which is strange considering the rapid growth of its trading volume within this period of time. In turn, such well-established exchanges as Bittrex and Poloniex, having considerably lower daily trading volume, have had better performance, in terms of the amount of traffic, community members, and unique users, than BigOne.
Also, BigOne’s amazing performance of volume and average trade size for BTC/USDT pair, as well as trade bots’ domination, explained in the 3rd section, directly points to the fact that the vast portion of trade volume on BigONE exchange is likely manipulated.
Hence, as it has already been proved in the BitForex Success Case, driving up fake 24h trading volumes is a more effective marketing technique than the fair nurturing of the exchange’s user base, through wide media presence and community management. This approach grants a platform rising brand awareness, consistent influx of high-quality referral traffic from CMC and similar ratings, and avoids spending tangible budgets on paid advertising and PR, community building, and maintenance. In return, it enables a company to earn money by listing different tokens as a top exchange. How much can a spot on a TOP15 Exchange cost for TGE startups?
But the main question that remains unanswered is the following:
“What should the global crypto community do to eliminate the fraud of exchanges and make the industry mature?”