On March 9, 2023, a sophisticated attacker exploited a vulnerability in the Hedera network’s Smart Contract Service code, draining approximately $600,000 worth of tokens from decentralized exchange liquidity pools before the network’s operations team could respond. The attack targeted DEXs operating on Hedera, including Pangolin, SaucerSwap, and HeliSwap, sending shockwaves through the broader ecosystem and raising urgent questions about the security of precompiled smart contract functions across layer-1 blockchains.
The Exploit Mechanics
The attacker leveraged a bug in Hedera’s precompiled contract code, specifically in how the Hedera Token Service (HTS) precompile handled delegate calls from smart contracts. A delegate call runs the callee’s code inside the calling contract’s own context (its storage, its address, and the msg.sender it was itself invoked with), so a precompile reached this way sees a different caller and identity than it would through an ordinary call. The attack unfolded in multiple stages. First, the attacker deployed a smart contract (0.0.2015837) that used the precompile vulnerability to grant themselves unauthorized token withdrawal privileges over specific DEX liquidity pools. With those privileges in place, a second contract (0.0.2015850) interacted with the compromised liquidity pools and drained tokens directly into the attacker’s wallet.
The stolen tokens included 287,998 USDC, 66,997 USDT, 1,001 DAI, and 3,630,000 wrapped HBAR (WHBAR) — collectively valued at just under $600,000 at the time of the attack. The attacker targeted accounts used as liquidity pools at multiple DEXs that had ported Uniswap v2-derived contract code from Ethereum to use the Hedera Token Service, a pattern that may have made them particularly susceptible to this class of vulnerability.
Affected Systems
The attack directly impacted three decentralized exchanges operating on the Hedera network: Pangolin, SaucerSwap, and HeliSwap. All three relied on liquidity pools that utilized HTS tokens through Uniswap v2-style smart contracts. Crucially, no retail user Hedera accounts or wallets were ever at risk — the exploit was limited to the specific smart contract architecture governing DEX liquidity pools.
The Hedera network itself remained operational throughout the incident. The consensus layer was not compromised and no consensus nodes were attacked. The vulnerability existed purely within the Smart Contract Service’s handling of delegate calls to the HTS precompiled contracts, a narrow but critical attack surface.
The Mitigation Strategy
The response from Hedera’s network operations team, composed of personnel from both Hedera and Swirlds Labs, was methodical but not instantaneous. After being notified of the attack by affected DEXs, the team spent eleven hours analyzing the exploit before shutting down proxy access to the Hedera mainnet at 20:18 UTC on March 9. Disabling the proxies stopped further exploitation, but it also meant that no users could reach the mainnet until access was restored; the consensus nodes themselves kept running.
Simultaneously, the core maintainers of the Hedera open-source software developed and tested a fix within thirteen hours of discovering the vulnerability. The patch prevents a smart contract from using a delegate call to invoke an HTS precompiled contract, closing the specific attack vector. The Hedera Governing Council members signed transactions to update the network’s codebase, and the mainnet upgrade was completed at 02:04 UTC on March 11 — just forty-one hours after initial discovery. The DEXs also collaborated with a whitehat team to deploy a smart contract that used the same exploit technique to revoke the attacker’s unauthorized privileges over remaining funds.
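The context shift a delegate call causes (described under The Exploit Mechanics) and the shape of guard the patch above introduces can be made concrete with a small model. The following Python is an added illustration and is not code from Hedera, Swirlds Labs or any of the affected DEXs; the precompile address, the Frame fields, the acting-account rule and the allowance ledger are simplifying assumptions, and the model does not claim to reproduce the actual root cause, which the article does not detail. What it does show is that a precompile designed around ordinary calls, where msg.sender is the contract invoking it, sees a different sender when reached via delegate call, and that refusing delegate-call frames outright removes that ambiguity.

```python
"""Toy model of EVM call-frame context around an authorising precompile.

Added illustration only: not code from Hedera, Swirlds Labs or the affected
DEXs. The precompile address, the Frame fields, the acting-account rule and
the allowance ledger are simplifying assumptions chosen to show (a) how
msg.sender and address(this) diverge between CALL and DELEGATECALL and
(b) a guard that refuses DELEGATECALL frames, the shape of fix the article
describes. It does not claim to reproduce the actual root cause.
"""
from dataclasses import dataclass

PRECOMPILE = "0x167"  # assumed precompile address used by this model


@dataclass(frozen=True)
class Frame:
    """Subset of an EVM execution context."""
    sender: str     # msg.sender as seen by the running code
    this: str       # address(this): the account whose identity is in force
    code: str       # address whose code is executing
    delegate: bool  # True if the frame was entered via DELEGATECALL


def call(parent: Frame, target: str) -> Frame:
    """CALL: the callee runs under its own identity; msg.sender is the caller."""
    return Frame(sender=parent.this, this=target, code=target, delegate=False)


def delegatecall(parent: Frame, target: str) -> Frame:
    """DELEGATECALL: the target's code runs in the caller's context.
    address(this) stays the caller and msg.sender is inherited unchanged."""
    return Frame(sender=parent.sender, this=parent.this, code=target, delegate=True)


class DelegateCallRejected(Exception):
    """Raised by the hardened precompile when reached via DELEGATECALL."""


class TokenService:
    """Stand-in for a precompiled token service that books allowances."""

    def __init__(self, hardened: bool) -> None:
        self.hardened = hardened
        self.allowances: dict = {}  # (owner, spender) -> amount

    def acting_account(self, frame: Frame) -> str:
        """Assumed rule: the account authorising the operation is msg.sender,
        i.e. the contract that invoked the precompile. Under CALL that is the
        invoking contract; under DELEGATECALL it is the invoking contract's own
        caller, which never touched the precompile at all."""
        return frame.sender

    def approve(self, frame: Frame, spender: str, amount: int) -> str:
        """Book an allowance and return the owner it was booked against."""
        if frame.code != PRECOMPILE:
            raise ValueError("approve() must execute in the precompile's frame")
        if self.hardened and frame.delegate:
            # The guard the article describes: no DELEGATECALL into the precompile.
            raise DelegateCallRejected("precompile is not reachable via DELEGATECALL")
        owner = self.acting_account(frame)
        self.allowances[(owner, spender)] = amount
        return owner


def scenario(hardened: bool) -> dict:
    """Contract A calls contract B; B then reaches the precompile once by CALL
    and once by DELEGATECALL. Returns the owner each path booked the approval
    against, or 'rejected'. All addresses are constructed placeholders."""
    svc = TokenService(hardened)
    frame_a = Frame(sender="0xEOA", this="0xA", code="0xA", delegate=False)
    frame_b = call(frame_a, "0xB")
    result = {"call": svc.approve(call(frame_b, PRECOMPILE), "0xSPENDER", 100)}
    try:
        result["delegatecall"] = svc.approve(delegatecall(frame_b, PRECOMPILE), "0xSPENDER", 100)
    except DelegateCallRejected:
        result["delegatecall"] = "rejected"
    return result


if __name__ == "__main__":
    print("unhardened:", scenario(False))  # {'call': '0xB', 'delegatecall': '0xA'}
    print("hardened:  ", scenario(True))   # {'call': '0xB', 'delegatecall': 'rejected'}
```

In the unhardened run the approval reached through DELEGATECALL is booked against 0xA, a contract that only ever called 0xB and never invoked the precompile itself; the hardened service refuses that frame before any authorisation decision is made. The point generalises beyond allowances: any precompile that derives "who is acting" from frame fields has to decide what those fields mean under DELEGATECALL, and rejecting the frame is the simplest way to avoid getting that decision wrong.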
Lessons Learned
The Hedera incident underscores a fundamental tension in blockchain architecture: precompiled contracts offer performance advantages, but they also create concentrated points of failure. When a precompiled function contains a bug, the impact extends to every smart contract that interacts with it — exactly what happened here across multiple DEXs simultaneously. The forty-one-hour response time, while reasonable, also highlights the challenges of coordinating emergency upgrades across a decentralized network of node operators.
The attack also demonstrates the risk of porting smart contract code between blockchains without thorough security audits that account for differences in underlying architecture. The Uniswap v2 contracts were designed for Ethereum’s execution environment, and porting them to Hedera’s token service introduced an interaction layer that contained an exploitable vulnerability.
User Action Required
Users who held funds in Pangolin, SaucerSwap, or HeliSwap liquidity pools on Hedera should verify their positions and check whether they were affected by the exploit. The affected DEXs and the Hedera team have been working together to trace the stolen funds and explore recovery options. Anyone interacting with DEXs on networks that use precompiled token services should monitor official communications from both the DEX and the network itself for security updates and patches.
This article is for informational purposes only and does not constitute financial or security advice. Always conduct your own research before interacting with any DeFi protocol.
Pangolin and SaucerSwap getting drained because of a precompile bug is rough. Layer 1s really need to treat HTS code like critical infrastructure.
287K USDC alone from one pool. The real question is why delegate calls weren't sandboxed in the first place.
Delegate calls should never have direct access to token service functions without explicit whitelisting. The sandboxing failure is on Hedera here.
chain_gecko_ The HTS delegate-call sandboxing was literally a one-line fix after the exploit. Missing basic access control on a $600M TVL chain is inexcusable.
precompile_audit A one-line access-control fix on a chain handling millions in TVL. Audit processes failed at every level here, not just the code review.
$600K is relatively small in the grand scheme, but the attack pattern of deploying two contracts in sequence is becoming standard.
Two-contract deployment patterns are becoming standard because it separates the exploit logic from the attack execution. Harder to detect in real time.
Stefan T. Two-contract deployment is the new meta. First contract gets the privileges, second one executes the drain. Detection tools still don't flag this pattern reliably.
$600K from 3 DEXs on a layer 1 in a single exploit and Hedera barely made the news. If this happened on ETH or SOL it would be trending for a week. L1 bias is real.
dex_watcher_ 100%. ETH or SOL gets exploited and crypto Twitter is on it for a week. Hedera loses $600K from 3 DEXs and it's crickets. The L1 branding matters more than the exploit size.