On April 2020, UniSwapV1 was exploited in a reentrancy, resulting in approximately $220K in losses. That makes the UniSwapV1 exploit the 157th largest DeFi incident out of 690 documented in our archive.
Attack Mechanics: How the UniSwapV1 Reentrancy Played Out
Exploit Class Applied to UniSwapV1
The UniSwapV1 incident on April 18, 2020 is classified as a Reentrancy. A malicious contract re-enters a vulnerable function before state is updated, letting it drain funds multiple times. In the full archive, UniSwapV1 is 1 of 51 documented reentrancy incidents.
UniSwapV1 in Context
At $220K, the UniSwapV1 exploit is a minor (<$1M) event compared to the largest same-class incident in our archive — Curve (2023) at $41M.
Prior Reentrancy Before UniSwapV1
The nearest reentrancy incident before UniSwapV1 was SpankChain, 559 days earlier on October 7, 2018. The same exploit class surfaced again within the reentrancy attack surface.
UniSwapV1 Vulnerability Signature
The primary source categorises the UniSwapV1 exploit specifically as “ERC777 Reentrancy”. This narrower label is entity-specific: it reflects how the UniSwapV1 contract failed, rather than the broad reentrancy pattern alone.
Impact & Recovery for UniSwapV1
UniSwapV1 Loss Figure
The UniSwapV1 exploit caused $220,000 in losses — a minor (<$1M) incident and the 2nd largest of 9 documented in 2020. This single incident represents 0.9% of all tracked losses that year.
Where UniSwapV1 Sits Among Reentrancy Attacks
Ranked by loss size, UniSwapV1 is the 19th largest of 51 reentrancy incidents documented. That puts the UniSwapV1 loss below the class average of $2.87M.
Timeline Since the UniSwapV1 Incident
The UniSwapV1 exploit occurred 6 years ago (2,187 days). The contract, its fork-block, and the attack transaction remain on-chain and forensically reproducible.
Primary Reference for UniSwapV1
Public post-mortem / on-chain analysis for the UniSwapV1 incident: view source.
FAQ
How much did UniSwapV1 lose?
The UniSwapV1 exploit in April 2020 resulted in $220,000 in losses — the 2nd largest of 9 DeFi incidents that year.
When did the UniSwapV1 hack happen?
The UniSwapV1 exploit was recorded on April 18, 2020 — 2,187 days ago.
What type of exploit hit UniSwapV1?
The UniSwapV1 incident is classified as a Reentrancy. A malicious contract re-enters a vulnerable function before state is updated, letting it drain funds multiple times.
How common is the Reentrancy pattern seen at UniSwapV1?
Our archive contains 51 documented reentrancy incidents. The UniSwapV1 incident is one of them.
How does UniSwapV1 compare to the largest Reentrancy attack?
The largest reentrancy incident in our archive is Curve (2023) at $41M. The UniSwapV1 loss is $220K.
What challenge does the protocol aim to address in cross-chain transactions?
The need for a secure, privacy-preserving, and offline-tolerant multi-party transaction protocol.
Which machine learning models are evaluated in the study?
Random Forest, AdaBoost, XGBoost, Bagging, Extra Trees, and Voting Classifier.