Changelly.com Exchange Exploit

1. Found a short PDF that documents what appears to be a persistent pricing inconsistency on Changelly when using Bitcoin as the source asset in a swap.
2.  
3. It seems that when an older, deprecated Node.js backend (v1.9) is manually injected through the browser console, the exchange interface begins quoting significantly higher-than-expected amounts in the destination currency — typically around 27% more than the current market rate.
4.  
5. For example:
6. Swapping the equivalent of $1000 in BTC would normally return ~$1000 worth of ETH (or other altcoins),
7. but with the legacy node active, the quoted return jumps to around $1270, effectively creating a one-sided gain in value.
8.  
9. This discrepancy doesn’t affect other input currencies — it seems to be specific to BTC as the base asset.
10.  
11. Once the swap is completed and the altcoin received, the funds can, in theory, be exchanged back into BTC, allowing for the process to be repeated in a loop (although the exact profitability per iteration would vary depending on fees and timing).
12.  
13. The full explanation, including the script used to load the older backend and a working example, is documented in this write-up:
14.  
15. 📄 PDF: docs.google.com/document/d/1mbfHb_apWiKICtwTjtRxUzyHQX2w2wuWjvOAhX5GYOM/edit?usp=sharing
16.  
17. Posting for informational and archival purposes — surprised this hasn’t been patched, considering the backend is officially deprecated.