Matcha Meta Responds to Security Incident on SwapNet

Matcha Meta reported a security incident linked to SwapNet affecting certain users of its platform. The situation was officially communicated via X, raising concerns among users of this decentralized liquidity aggregator.

Which Users Are Affected?

Users who disabled the “Single Approval” feature in Matcha Meta are the primary ones affected by this security incident. According to reports from Odaily, this functionality is crucial for the operational security of the platform. Matcha Meta immediately contacted the SwapNet team to coordinate a response, and SwapNet responded by temporarily suspending its smart contract as a containment measure.

Security Verification with the 0x Protocol

After a thorough review with the developers of the 0x protocol, it was verified that the incident did not compromise the core contracts of the system, specifically the AllowanceHolder and the Settler. This finding is essential because it means that the core infrastructure of 0x remained protected. Users interacting with Matcha Meta through single approval can maintain their trust in the platform and continue using its services without additional risks.

Preventive Measures Implemented

To prevent similar incidents from happening again, Matcha Meta has removed the functionality that allowed users to set spending limits directly with the aggregator. This measure strengthens the platform’s security architecture. It is worth recalling that SwapNet had previously experienced a significant breach resulting in the loss of approximately $16.8 million in user assets, highlighting the importance of these security updates to protect the DeFi ecosystem.