Home Web3 SecurityCrypto Hacks & Exploits Kaoya Swap Hack – Aug-24, 2022 – Deep Analysis

Kaoya Swap Hack – Aug-24, 2022 – Deep Analysis

by ImmuneBytes

On August 24, 2022, Kaoya Swap, a decentralized protocol on the Binance Smart Chain, fell victim to a hack exploiting a flaw in its swapExactTokensForETHSupportingFeeOnTransferTokens function.

This vulnerability allowed an attacker to manipulate a swap path involving fee-on-transfer tokens, leading to unauthorized fund transfers and a profit of around 271 wBNB and 37,294 BUSD (approximately $118,000).

Kaoya Swap Overview

Kaoya Swap is a decentralized transaction protocol built on Automated Market Maker (AMM) and exchange pool principles.

Hosted on the Binance Smart Chain, the platform includes an investment component designed to enhance the earnings of liquidity providers. Kaoya Swap leverages the liquidity pool’s funds to execute automatic trading strategies.

Vulnerability Analysis & Impact

The attack centered on a flaw present in the swapExactTokensForETHSupportingFeeOnTransferTokens function within the contract’s codebase. This function was responsible for swapping Fee-On-Transfer Tokens, which are ERC20 tokens that incur fees for every transfer() or transferFrom() operation.

Unlike standard ERC20 tokens, the receiver of such tokens would receive a smaller amount than the one initially sent.

Kaoya swap exploit Aug 23, 2022

The vulnerability was a result of inadequate logic in the swapExactTokensForETHSupportingFeeOnTransferTokens function. This flaw allowed malicious actors to manipulate the swapping process to their advantage, resulting in unauthorized fund transfers.

The attack exploited the function’s miscalculation of the amount to be transferred in cases where the last pair in the swap path appears multiple times.

Exploit Details

Exploit Txn: https://bscscan.com/tx/0xc8db3b620656408a5004844703aa92d895eb3527da057153f0b09f0b58208d74

The attacker executed the exploit by carefully constructing a swap path involving two custom tokens labeled as tokenA and tokenB. The swap path was designed as follows: [tokenA, wBNB, tokenB, tokenA, wBNB], deliberately including the tokenA and wBNB pair twice in the path.

  • The initial swap of tokenA to wBNB and the subsequent swap of tokenA to wBNB (second instance) introduced a balance difference in the wBNB pair. This discrepancy led to both parts of the swap being incorporated into the router, causing the router contract to transfer more wBNB than intended to the attacker.
Kaoya Swap Hack -

The attacker borrowed a flash loan of 1800 wBNB and utilized these funds to add liquidity to the newly created token pairs: [tokenA, wBNB] and [tokenB, wBNB].

Following the swap and subsequent liquidity removal, the attacker realized a profit of approximately 271 wBNB and 37,294 BUSD, equivalent to approximately $118,000.

Addresses who profited from the exploit:

  1. 0x8df3dd42bd51dd637580be6f15f651608b749ca1
  2. 0x236b6150d7cc095d923fc0463977b71e84c891e5
  3. 0xb77e7ee8e131d7425112df0f0f3c10e1c2208589
  4. 0xe946bc154baa243b48fcf156977910bbb236df09
  5. 0x50fc7d751cdde692682a04f59c2c9be2530b4d28

Mitigation Measures

To prevent such attacks in the future, it is essential to implement robust logic for swap functions involving fee-on-transfer tokens.

Specifically, adjustments should be made to the amountOutMin parameter, focusing on evaluating the recipient’s amount rather than the sender’s amount during invariant calculations.

This can help ensure that the correct amounts are transferred, reducing the risk of manipulation.


The Kaoya Swap hack on the 24th of August, 2022, underscored the importance of meticulous code review and thorough security testing in decentralized protocols.

By auditing the smart contract effectively and implementing appropriate safeguards, the DeFi community can strive for a more secure and resilient ecosystem.

You may also like