1. BITBILIHome
  2. Article

Curve Finance confirms the affected pools in the platform’s exploit

43 views

TL;DR Breakdown

  • Curve Finance has confirmed the list of affected pools following the recent hack that it suffered.
  • Assessing the impact and strengthening security for the future.

Description

Curve Finance, a popular decentralized exchange (DEX), recently faced a significant security breach that affected multiple Ethereum pools and an Arbitrum-based liquidity pool. The incident occurred over the weekend, leading to the theft of millions of dollars. As the situation unfolded, blockchain security firm PeckShield updated the stolen amount to an alarming $52 million. Curve … Read more

Curve Finance, a popular decentralized exchange (DEX), recently faced a significant security breach that affected multiple Ethereum pools and an Arbitrum-based liquidity pool. The incident occurred over the weekend, leading to the theft of millions of dollars. As the situation unfolded, blockchain security firm PeckShield updated the stolen amount to an alarming $52 million. Curve Finance’s DEX allows users to swap like-assets, such as Ethereum for Staked Ethereum or Tether’s USDT for Circle’s USDC.

Curve Finance reveals updated information about the hack

The platform serves as a valuable arbitrage tool for traders seeking to take advantage of price discrepancies between assets. The initial reports indicated that the exploit occurred on Sunday, resulting in losses exceeding $24 million. However, the real-time unfolding of the hack revealed a much higher sum. The exchange’s team confirmed that the security breach affected three liquidity pools, involving tokens paired with Ethereum (ETH) and Curve governance token CRV.

Additionally, several ERC-20 tokens issued on Alchemix (alETH), Metronome Synth (smETH), and JPEG’d (pETH) were also compromised due to a vulnerability in older versions of the Vyper compiler. Vyper is a programming language commonly used for writing smart contracts on the Ethereum blockchain. The language’s core team acknowledged that certain outdated versions were susceptible to exploitation, making them a target for hackers. A lead contributor for Vyper took to Twitter, suggesting that the hackers had likely spent a significant amount of time researching and identifying the vulnerability.

As the security breach unfolded, another concerning development emerged regarding the Vyper-based liquidity pool deployed on the layer-2 solution, Arbitrum. The team at Curve Finance revealed that the Tricrypto pool, comprising USDC, wBTC, and ETH, was “potentially affected.” Despite no profitable exploits being discovered by security experts, the team advised liquidity providers to exit this pool due to its vulnerability.

Assessing the impact and strengthening security for the future

The security breach did not remain limited to Curve Finance alone. Another decentralized exchange, Ellipsis, which operates on the BNB Chain, also reported an exploit in its stable swap pools on the same weekend. The impact of the exploit was not confined to the decentralized exchanges. South Korean crypto exchange Upbit took precautionary measures, temporarily suspending deposits and withdrawals of CRV tokens.

The exchange urged its members to closely monitor the situation and be cautious of the increased price volatility surrounding Curve Finance. The incident has raised concerns within the decentralized finance (DeFi) community, as it highlights the importance of robust security measures in the rapidly growing DeFi sector. The vulnerability in older versions of the Vyper compiler underscores the need for continuous auditing and updates to protect smart contracts from potential exploits.

Furthermore, the exploit on Arbitrum-based liquidity pools has prompted the DeFi community to reevaluate the security measures on layer-2 solutions. As the demand for scalable and low-cost solutions increases, it becomes essential to ensure that these layer-2 platforms can withstand potential attacks. As the investigation into the security breach continues, the DeFi community is closely monitoring the situation to understand the full extent of the damage and identify ways to prevent similar incidents in the future.

In light of these events, decentralized exchanges and other DeFi projects are likely to implement additional security protocols and conduct more rigorous audits to safeguard user funds and maintain trust in the ecosystem. As the DeFi landscape evolves, it is imperative for all stakeholders, including developers, liquidity providers, and users, to remain vigilant and prioritize security. Only by proactively addressing vulnerabilities and continuously improving security measures can the DeFi sector continue to thrive and fulfill its promise of transforming the traditional financial landscape.

Disclaimer. The information provided is not trading advice. Cryptopolitan.com holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decisions.

文章来源于互联网:Curve Finance confirms the affected pools in the platform’s exploit

Disclaimers:

1. You are solely responsible for your investment decisions and this info is not liable for any losses you may incur.

2. The copyright of this article belongs to the writer, it represents the writer's opinions only, not represents the site's ones. Not financial advice.

Previous 2023年8月1日 10:46
Next 2023年8月1日 11:42

Related articles

  • U.S. sanctions against Tornado Cash ruled unlawful

    TL;DR Breakdown The Blockchain Association and the DeFi Education Fund have joined forces to express their support for Coin Center’s lawsuit against the U.S. Treasury regarding the imposed sanctions on Tornado Cash. According to the associations, OFAC lacks the statutory authority to sanction software like Tornado Cash. The Treasury has argued that crypto mixers like Tornado Cash pose a national security threat and have failed to implement adequate measures to prevent money laundering.  The Blockchain Association and the DeFi Education Fund have joined forces to express their support for Coin Center’s lawsuit against the U.S. Treasury regarding the imposed sanctions on Tornado Cash. The two cryptocurrency industry advocacy groups filed a joint amicus brief, arguing that the sanctions imposed by the Treasury’s Office of Foreign Assets Control (OFAC) are both unprecedented and unlawful. According to the associations, OFAC lacks the statutory authority to sanction software like Tornado Cash. They contend that Tornado Cash is a decentralized protocol and cannot be owned by anyone. While acknowledging that there have been instances of malicious use of the protocol for money laundering, including…

    Article 2023年6月9日

  • Cryptocurrency exchange Crypto.com battles user over mistaken $50,000 deposit

    TL;DR Breakdown Crypto.com seeks court confirmation of an arbitration award after mistakenly depositing $50,000 into a user’s account. The user promptly transferred the money to an offshore bank account and refused to return it. The arbitrator ruled in favour of Crypto.com and awarded them $76,391.46 but lacked the authority to compel the user to pay. Description Crypto.com, the leading cryptocurrency exchange, has taken legal action to secure confirmation of an arbitration award in its favour after a user’s account was wrongly credited with $50,000. According to court documents filed on July 6, Crypto.com claimed the funds were mistakenly deposited into James Deutero McJunkins’ account in June 2022. McJunkins swiftly transferred the … Read more Crypto.com, the leading cryptocurrency exchange, has taken legal action to secure confirmation of an arbitration award in its favour after a user’s account was wrongly credited with $50,000. According to court documents filed on July 6, Crypto.com claimed the funds were mistakenly deposited into James Deutero McJunkins’ account in June 2022. McJunkins swiftly transferred the money to an offshore bank account, evading Crypto.com’s attempts to recover…

    Article 2023年7月9日

  • Israel foreign residents could get tax-free crypto sales

    TL;DR Breakdown A bill recently passed a preliminary reading in the Israel parliament, the Knesset, which could grant foreign residents an exemption from capital gains taxes on the sale of digital currencies. The explanatory note accompanying the bill highlights the regulatory gap in the country’s digital currency industry and proposes legislative amendments to address this issue. One notable aspect of the bill is the separation of the terms “digital currency” and “security” which is in contrast to the proposed regulatory framework put forward by the Israeli Securities Authority (ISA). Description A bill recently passed a preliminary reading in the Israeli parliament, the Knesset, which could grant foreign residents an exemption from capital gains taxes on the sale of digital currencies. The bill, sponsored by Likud party member Dan Ilouz, also seeks to reduce the tax rate on crypto bonuses for employees from the current 50% … Read more A bill recently passed a preliminary reading in the Israeli parliament, the Knesset, which could grant foreign residents an exemption from capital gains taxes on the sale of digital currencies. The bill,…

    Article 2023年7月7日

  • Big fine for Credit Suisse after Archegos debacle

    TL;DR Breakdown Credit Suisse fined $388 million by US and UK regulators for serious risk management and governance failures in relation to the collapse of Archegos Capital. The bank’s downfall led to a takeover by rival UBS, under government supervision. Swiss supervisor Finma opened enforcement proceedings against a former employee, citing serious and systematic violation of financial market law. Description Staggering monetary penalties have been imposed on the renowned Swiss banking institution, Credit Suisse, following a cataclysmic financial debacle tied to the collapse of Archegos Capital. The regulatory watchdogs from both the U.S. and the UK have dealt out fines totalling a whopping $388 million, citing “significant failures in risk management and governance.” The aftermath … Read more Staggering monetary penalties have been imposed on the renowned Swiss banking institution, Credit Suisse, following a cataclysmic financial debacle tied to the collapse of Archegos Capital. The regulatory watchdogs from both the U.S. and the UK have dealt out fines totalling a whopping $388 million, citing “significant failures in risk management and governance.” The aftermath of this crisis has rattled the bank,…

    Article 2023年7月26日

  • US unemployment rate spikes to 3.8% as wage rate slows

    TL;DR Breakdown In August, the US saw an increase in job growth, but the unemployment rate increased to 3.8%. Despite progress in slowing price increases, the unemployment rate continues to challenge policymakers. Description In August, job growth in the United States increased, yet the unemployment rate rose to 3.8% while wage growth slowed. The data suggests that the job market might be softening, confirming expectations that the Federal Reserve won’t raise interest rates this month. The Labor Department’s widely observed employment report revealed that 736,000 individuals joined the … Read more In August, job growth in the United States increased, yet the unemployment rate rose to 3.8% while wage growth slowed. The data suggests that the job market might be softening, confirming expectations that the Federal Reserve won’t raise interest rates this month. The Labor Department’s widely observed employment report revealed that 736,000 individuals joined the job market in the past month. That pushed the participation rate to its highest level in three and a half years, whereby it seems that worries about the economy slowing down are likely encouraging…

    Article 2023年9月2日
TOP