CIP: 22
title: Slashing of the Barter Solver
author: Anna
status: active
created: 2023-02-08
Simple Summary
On February 7th 2023, the Barter Solver was hacked, causing the CoW settlement contract to lose a total of $166,182.97 in funds (CoW Swap’s accrued fees of the last 7 days). The Barter Solver had been added to CoW DAO’s Solver Bonding Pool and was whitelisted 11 days prior to the incident. In line with CIP-7, it is CoW DAO’s responsibility to assess the damages caused and decide whether the bond should be slashed to make up for any incurred losses. In this case the hack, its cause and its impact can be clearly identified; it is therefore proposed to slash CoW DAO’s Bonding Pool by the amount of the funds drained in the hack in order to refund the CoW settlement contract.
It is important to note here that CoW DAO’s Bonding Pool was created with the help of CoW DAO’s own funds. The rationale behind setting up CoW DAO’s own Bonding Pool was to reduce the entry barrier for new solvers. Solvers have to undergo a vetting process before being added. The Barter Solver has been collaborative since the hack occurred and has already made a transfer of 166,300 USDC to CoW DAO’s Bonding Pool, covering the total amount proposed to be slashed in order to cover the incurred losses in the settlement contract.
Motivation / Rationale
CoW DAO is aware that the funds stored in the CoW settlement contract are exposed to some risks due to the nature of the solver competition: in order to ensure optimal execution, solvers are allowed to tap into the funds stored in the CoW settlement contract (called the “buffers”) to replace certain AMM interactions, which saves on gas, reduces execution risk and improves the overall user experience. In order to mitigate the risk of solvers exploiting their access to the buffers and thus causing financial losses to CoW DAO, solvers have to join a bonding pool before being allow-listed. This bonding pool mechanism was set up under CIP-7, which requires solvers to deposit $500,000 worth of cUSDC and 1.5M COW tokens as collateral. In the event of malicious behavior or a hack, it is CoW DAO’s responsibility to slash part of the solver bond to cover the losses incurred.
A list of the events in order of occurrence:
Based on the events and the collaboration of the Barter Solver in the aftermath of the hack, no malicious intent by the Barter Solver can be determined. However, due to the Barter Solver’s grossly negligent failure to revoke previously set approvals, CoW DAO incurred financial losses of $166,183. It is therefore proposed to slash the bonding pool the Barter Solver is part of in the full amount of the funds lost in the hack and send those funds to the Solver Rewards Safe to cover the lack of fees withdrawn from that week.
Although this is the first time it has occurred, it is important to stress that this is an intended process. Decentralization is ensured by a diverse set of solvers, and there should explicitly not be an entity controlling and overseeing each solver's strategies and blockchain interactions. The bonding pool and slashing set-up is the risk mitigation for letting every solver access the settlement contract, adding a lot of efficiency, in the interest of the users!
Given the facts of the matter, the Barter Solver is free to rejoin the pool in case this proposal passes and the reimbursement process of both the CoW settlement contract and the CoW Bonding Pool is completed.
Specification
{
  "version": "1.0",
  "chainId": "1",
  "createdAt": 1676629079000,
  "meta": {
    "createdFromSafeAddress": "0xcA771eda0c70aA7d053aB1B25004559B918FE662"
  },
  "transactions": [
    {
      "to": "0x5d4020b9261F01B6f8a45db929704b0Ad6F5e9E6",
      "value": "0",
      "data": "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"
    }
  ]
}