AndiyNW/defichain-icx-exploit-review

 
 

All of this data is NOT CONCLUSIVE! This is research I did, and I might have ended up making a mistake here! This is just the first result I want to share!

DefiChain Atomic Swap Exploit outcome

This script uses several methods to find out how much unbacked dBTC has been created with the Exploit:

  1. Go through each and every Block and find the Addresses used. Check these Addresses for funds using RPC getaccount
  2. Use RPC listaccounts to find all Addresses with Account Funds
  3. Get all ICX Orders and check the BTC History before and after the Order has been filled
  • Check all ICX Orders and go through all Transactions per OwnerAddress for Swaps, AccountToAccount, AnyAccountToAccount, PoolAdd, DepositToVault
  • Check all AccountToAccount and AnyAccountToAccount Transactions and check Level 1 Transactions

Everything is then stored in a MySQL Database for easier lookup of data.

Results

All of this has been performed on Block Height 1506532. The BTC Collateral is assumed to be the 2840 BTC on the collateral address (38pZuWUti3vSQuvuFYs8Lwbyje8cmaGhrT).

On all Accounts, 4634.426623660001 dBTC are stored. (unbacked: 1794.4266236600006 dBTC)

On all ICX Orders, 1797.69560661 dBTC (unbacked: 1796.2223622799995 dBTC). However, there are two orders with a negative backing result; these might be 2 valid orders.

It is quite difficult to process all of this data. It might not even be possible to find each and every Satoshi in the System. The mixed system of UTXO and Account Model makes this nearly impossible. I found a difference of ~2 dBTC between Accounts and ICX. Since the attacker used an Exploit, this could be the reason for that.

Swaps

I looked into that on two levels. Level 0 is the direct owner of the ICX Order. Level 1 is after one AccountToAccount or AnyAccountToAccount Transaction has been made.

From dBTC to DFI:

  • Level 0: From 836.4473037699996 dBTC to 11126903.52666495 DFI
  • Level 1: From 884.5156554299992 dBTC to 16435557.617798528 DFI
  • Total: From 1720.9629592000015 BTC to 27562461.144463483 DFI

From DFI to dBTC:

  • Level 0: From 0.00015863 dBTC to 2 DFI
  • Level 1: From 0.62288011 dBTC to 7358.73352168 DFI
  • Total: From 0.62303874 dBTC to 7360.73352168 DFI

That COULD mean that more than half of the dBTC in the BTC-DFI Pool (Reserve: 2694.82430428 BTC/34400445.40385937 DFI) is unbacked: 1720.33992046 dBTC
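The Level 0 / Level 1 grouping used for the swap totals above can be sketched as follows. This is an added example, not code from this repository: the type and function names are hypothetical, the addresses and amounts are constructed, and amounts are kept as integer satoshis so the sums stay exact.

```typescript
// Added example with constructed data; type and function names are hypothetical.
type Transfer = { type: "AccountToAccount" | "AnyAccountToAccount"; from: string; to: string[] };
type Swap = { type: "PoolSwap"; from: string; fromToken: string; toToken: string; fromSat: number; toSat: number };
type Tx = Transfer | Swap;
type Level = 0 | 1;
type Totals = Record<Level, { fromSat: number; toSat: number }>;

// Level 0: owners of ICX orders. Level 1: addresses that received funds
// directly from a level-0 address. Anything further away is not tracked.
function classifyLevels(orderOwners: string[], txs: Tx[]): Map<string, Level> {
  const levels = new Map<string, Level>();
  for (const owner of orderOwners) levels.set(owner, 0);
  for (const tx of txs) {
    if (tx.type === "PoolSwap" || levels.get(tx.from) !== 0) continue;
    for (const dst of tx.to) {
      if (!levels.has(dst)) levels.set(dst, 1); // never demote a level-0 owner
    }
  }
  return levels;
}

// Sum the swaps of one direction per level, in integer satoshis (1e-8 units).
function swapTotals(levels: Map<string, Level>, txs: Tx[], fromToken: string, toToken: string): Totals {
  const totals: Totals = { 0: { fromSat: 0, toSat: 0 }, 1: { fromSat: 0, toSat: 0 } };
  for (const tx of txs) {
    if (tx.type !== "PoolSwap") continue;
    const level = levels.get(tx.from);
    if (level === undefined || tx.fromToken !== fromToken || tx.toToken !== toToken) continue;
    totals[level].fromSat += tx.fromSat;
    totals[level].toSat += tx.toSat;
  }
  return totals;
}

// Constructed sample: one order owner, one direct recipient, one second hop.
const SAMPLE_OWNERS: string[] = ["ownerA"];
const SAMPLE_TXS: Tx[] = [
  { type: "AccountToAccount", from: "ownerA", to: ["hop1"] },
  { type: "AnyAccountToAccount", from: "hop1", to: ["hop2", "ownerA"] },
  { type: "PoolSwap", from: "ownerA", fromToken: "dBTC", toToken: "DFI", fromSat: 500000000, toSat: 6500000000000 },
  { type: "PoolSwap", from: "hop1", fromToken: "dBTC", toToken: "DFI", fromSat: 300000000, toSat: 3900000000000 },
  { type: "PoolSwap", from: "hop2", fromToken: "dBTC", toToken: "DFI", fromSat: 100000000, toSat: 1300000000000 },
  { type: "PoolSwap", from: "unrelated", fromToken: "dBTC", toToken: "DFI", fromSat: 200000000, toSat: 2600000000000 },
  { type: "PoolSwap", from: "ownerA", fromToken: "DFI", toToken: "dBTC", fromSat: 200000000, toSat: 15000 },
];

const sampleLevels = classifyLevels(SAMPLE_OWNERS, SAMPLE_TXS);
console.log(swapTotals(sampleLevels, SAMPLE_TXS, "dBTC", "DFI"));
```

Swaps made by hop2 are not counted because it is two transfers away from the order owner, which is the same cut-off that limits the figures above to Level 0 and Level 1.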

Vaults

No dBTC from ICX Orders in Level 0 or Level 1 has been added as Collateral to a Vault

Liquidity Mining

No dBTC from ICX Orders in Level 0 or Level 1 has been added to the Pools as Liquidity

Tokens still on ICX Addresses

These funds are still on Level 0 and Level 1 ICX Addresses:

  • 15.011639270000002 BTC
  • 742461.3386999901 DFI

Total

Total Distribution of dBTC in the Blockchain:

  • Account: 1032.3079827100012 dBTC
  • Vault Collateral: 871.3753581199993 dBTC
  • Vault Liquidation: 35.91897855000001 dBTC
  • Pool: 2694.82430428 dBTC
  • Total: 4634.42662366 dBTC
  • Unbacked: 1794.42662366 dBTC

Processed Data

  • Account Addresses: 1520980
  • Account Addresses with Funds of Tokens: 70966
  • Blocks: 1506533
  • ICX Orders: 434
  • ICX Transactions: 27554
  • ICX Swaps: 1741
  • ICX Account to Account Transactions: 12903
  • Vaults: 7320
  • Vault Liquidation Collaterals: 3077
  • Vault Collaterals: 8528

Languages

  • TypeScript 100.0%