Uniswap V2 — How I lost money against “unfair” contracts!

Matjaž Hozjan
Dec 2, 2020

There is great hype going on called DEX trading, and one of the biggest places it happens is Uniswap. To be totally fair, it’s a great thing; it just has its own flaws, and here I am going to try to expose a few of them.

To start trading at Uniswap you need a wallet (I am using MetaMask) and a small ETH balance, and you are ready to go. It is then cheaper to trade if your ETH is wrapped to WETH (trades can be done from other symbols as well, such as USDT, but WETH is the most popular and roughly 80% of trades are done with it).

Once you are at uniswap.com there is a cool search option to find a contract. Let’s see how many of them there are via Python and GraphQL, and what kind of data we can get.

You can play in the sandbox at thegraph.com or use the Python code below:

So that’s how I got the data down, made a script that follows momentum, and started trading various tokens with no extra safety. This is the point where I say: please do not do that, to avoid making the mistakes I did!

My advice is to limit trading to tokens that are trusted and that you are 100% sure will return your balance at any time.

Personally, I solved that by avoiding newly created tokens and trading only well-established ones. The message “if you purchase an arbitrary token, you may be unable to sell it back” was simply ignored at my end at first.

So that’s how it happened that I lost a few hard-earned ETH, or better to say WETH.

And what do those “unfair” contracts look like?

At first glance they are pretty much the same as a “good” one: they use the same name, a similar description and even the same total supply of tokens.

The main difference is that you are unable to sell the token back or, worse, even send it to another wallet. Basically, it becomes a useless name in your wallet with some integer figure…

One of those many tokens is called eXRD, and the right one is at the address:

https://etherscan.io/token/0x6468e79a80c0eab0f9a2b574c8d5bc374af59414

and the copycat is:

https://etherscan.io/token/0x0Cb4A3C00eB951EdAe0849F3691bcF1d017206a4

The “scammers”, or rather the people who use an unfair contract, make everything look as close to real as it gets.

Both have Total Supply: 4,410,000,000 eXRD, 18 decimals… And if you check the trade history, there are even a lot of swaps from wallets and back. But look closer at those wallets, which look like this: https://etherscan.io/address/0x4c6082f6202d8abc7b6da2b5672fa4faf4279ae4

They hold a lot of tokens, and on Etherscan all of them are colored gray, which is the first indicator that no other info is available; there is no other data when you click the dropdown at the token. This means there is a part of the contract that determines who can communicate with it and who can’t. Of course they whitelisted only their own wallets, and without those you can’t access the tokens at all.

After a few days the pool is drained of those tokens and the money is transferred to some other address. So even if the token is somehow unlocked, you can’t get any money out, as the pool is already empty.
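Because the copycat matches the real eXRD on symbol, total supply and decimals, only the contract address tells the two apart. The Python sketch below is an added example, not code from the original post: it checks token records against an address allow-list and flags contracts that share identical metadata. The record shape and the DEMO/SOLO rows are assumptions constructed for illustration.

```python
from collections import defaultdict

# Allow-list: symbol -> the only contract address accepted for it.
# The eXRD entry is the address the article gives as the right one.
TRUSTED = {"eXRD": "0x6468e79a80c0eab0f9a2b574c8d5bc374af59414"}

# Constructed sample records (assumed shape: id, symbol, decimals, totalSupply).
# The two eXRD addresses are from the article; DEMO/SOLO rows are placeholders.
SAMPLE_TOKENS = [
    {"id": "0x6468e79a80c0eab0f9a2b574c8d5bc374af59414", "symbol": "eXRD",
     "decimals": 18, "totalSupply": "4410000000"},
    {"id": "0x0Cb4A3C00eB951EdAe0849F3691bcF1d017206a4", "symbol": "eXRD",
     "decimals": 18, "totalSupply": "4410000000"},
    {"id": "0x" + "0" * 39 + "1", "symbol": "DEMO", "decimals": 18, "totalSupply": "1000"},
    {"id": "0x" + "0" * 39 + "2", "symbol": "DEMO", "decimals": 18, "totalSupply": "1000"},
    {"id": "0x" + "0" * 39 + "3", "symbol": "SOLO", "decimals": 6, "totalSupply": "500"},
]

def norm(addr):
    """Lower-case an address; mixed case is only a checksum, not a different account."""
    return addr.strip().lower()

def fingerprint(tok):
    """Metadata a copycat can freely duplicate: symbol, decimals, total supply."""
    return (tok["symbol"].strip().lower(), int(tok["decimals"]), str(tok["totalSupply"]))

def classify(tokens, trusted):
    """Map each normalised address to trusted / copycat / ambiguous / unknown."""
    allow = {sym.lower(): norm(addr) for sym, addr in trusted.items()}
    seen = defaultdict(set)
    for tok in tokens:
        seen[fingerprint(tok)].add(norm(tok["id"]))
    verdicts = {}
    for tok in tokens:
        addr, expected = norm(tok["id"]), allow.get(tok["symbol"].strip().lower())
        if expected == addr:
            verdicts[addr] = "trusted"
        elif expected is not None:
            verdicts[addr] = "copycat"    # trusted symbol, different contract
        elif len(seen[fingerprint(tok)]) > 1:
            verdicts[addr] = "ambiguous"  # same metadata on several contracts
        else:
            verdicts[addr] = "unknown"    # not allow-listed: do not trade blindly
    return verdicts

if __name__ == "__main__":
    for address, verdict in classify(SAMPLE_TOKENS, TRUSTED).items():
        print(address, verdict)
```

A trading script can call `classify` on each batch of token records and skip anything that is not `trusted`.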

To be fair, Uniswap listed this specific token and soon blocked it from being accessible via their web page. Personally, though, I think some extra security should be implemented beforehand, before a token even comes to their web page. Yes, it can’t be blocked from being downloaded via “the graph” or even from being listed. I just believe that listing on Uniswap should be more controlled.

cheers

FX, stock trader and full time DataScientist at SportRadar AG