Crypto Mufasa
Advertise
  • Crypto News
    • General News
    • Bitcoin News
    • Altcoin News
    • Ethereum News
  • NFT NEWS
  • Beginner Guides
  • Price Predictions
  • Crypto Prices
No Result
View All Result
  • Login
  • Register
  • Crypto News
    • General News
    • Bitcoin News
    • Altcoin News
    • Ethereum News
  • NFT NEWS
  • Beginner Guides
  • Price Predictions
  • Crypto Prices
No Result
View All Result
Crypto Mufasa
No Result
View All Result

Home » Reentrancy vulnerability in Curve Finance pools exploited for over $24M.

Reentrancy vulnerability in Curve Finance pools exploited for over $24M.

James by James
July 30, 2023
in Altcoin News, General News
Reading Time: 3 mins read
A A
0
curve finance hack
Share on FacebookShare on Twitter
ADVERTISEMENT

The world of decentralized finance (DeFi) was sent into a frenzy on July 30 when several stable pools on Curve Finance, using Vyper, fell victim to an exploit, resulting in staggering losses of $24 million. Vyper disclosed that its 0.2.15, 0.2.16, and 0.3.0 versions were susceptible to malfunctioning reentrancy locks, leaving many projects relying on these versions vulnerable.

Curve Finance Vulnerability: $24 Million Losses and DeFi Impact

Security firm Ancilia conducted an analysis of the affected contracts, revealing that 136 contracts utilized Vyper 0.2.15 with reentrant protection, 98 contracts deployed Vyper 0.2.16, and 226 contracts were dependent on Vyper 0.3.0.

A number of stablepools (alETH/msETH/pETH) using Vyper 0.2.15 have been exploited as a result of a malfunctioning reentrancy lock. We are assessing the situation and will update the community as things develop.

Other pools are safe. https://t.co/eWy2d3cDDj

— Curve Finance (@CurveFinance) July 30, 2023

Initial investigations pointed towards certain versions of the Vyper compiler failing to implement the reentrancy guard correctly. This guard is crucial in preventing multiple functions from being executed simultaneously by locking a contract, thereby thwarting potential reentrancy attacks that could drain all funds from the contract.

Vyper, which is a contract-oriented, pythonic programming language that targets the Ethereum Virtual Machine (EVM), has become a well-liked option for Python developers who are moving into the Web3 space.

You May AlsoLike

Polymarket Bets

March 2025 Polymarket Bets Boom for Bitcoin, XRP, ETH, AI, and DOGE – The Future of Cryptocurrency Trading!

March 1, 2025
Ethereum’s Pectra Upgrade

3 Essential Insights from Recent Developer Call on Ethereum’s Pectra Upgrade

March 1, 2025

The attack had far-reaching consequences, impacting various decentralized finance projects. Exchange on a decentralized level Ellipsis disclosed the use of a dated version of the Vyper compiler in their exploit of a few stable pools. Meanwhile, Alchemix’s alETH-ETH experienced an outflow of $13.6 million, along with JPEGd’s pETH-ETH pool witnessing $11.4 million exploited and Metronome’s sETH-ETH pool losing $1.6 million.

Certain type of Curve factory pool is encountering read-only reentrancy attack and causing a total loss of $11m(@JPEGd_69) + $13m(@AlchemixFi) + …

Initial investigation founds that vyper compiler (0.2.15) doesn't implement the reentrancy guard correctly.

add_liquidity and… pic.twitter.com/avaHdtSFsm

— Tony KΞ (@tonyke_bot) July 30, 2023

The exploit set off a chain reaction of panic across the DeFi ecosystem, prompting a flurry of transactions across pools and a rescue operation by white hats. As a result, Curve Finance’s utility token Curve DAO (CRV) recorded a decline of over 5% in response to the news. The declining liquidity of CRV in recent months exposed it to significant price swings, increasing its vulnerability, as previously reported by Cointelegraph. Notably, Curve Finance confirmed that crvUSD contracts and associated pools remained unaffected by the attack.

curve finance price chart
source: coinstats

Curve Finance, a prominent DeFi protocol facilitating the decentralized exchange of stablecoins within Ethereum, has been the target of a series of incidents within its ecosystem. Merely days before this event, its omnipool platform Conic Finance was exploited for $3.26 million in Ether, with the majority of the stolen funds redirected to a new Ethereum address in a single transaction.

The DeFi space has been grappling with numerous attacks in recent times. According to a report by DeFi, a Web3 portfolio app, more than $204 million was lost to DeFi hacks and scams in the second quarter of 2023 alone. The ongoing challenges faced by DeFi protocols underscore the need for robust security measures and heightened vigilance within the ever-evolving landscape.

Tags: CurveDAOhackvulnerability
Share76Tweet48
ADVERTISEMENT
Previous Post

Barbie Star Margot Robbie’s Unique Take on Bitcoin Sparks Crypto Community’s Interest

Next Post

Binance Becomes The 1st Cryptocurrency Exchange To Get A Major License In Dubai

James

James

James is a 33-year-old cryptocurrency enthusiast who has been involved in the industry since 2017. He has always been a keen follower of the crypto space and has experience in trading and mining cryptocurrencies. Since then, James has also written numerous articles on the subject and is passionate about sharing his knowledge and insights with others.

Related Posts

Polymarket Bets
General News

March 2025 Polymarket Bets Boom for Bitcoin, XRP, ETH, AI, and DOGE – The Future of Cryptocurrency Trading!

March 1, 2025
Ethereum’s Pectra Upgrade
General News

3 Essential Insights from Recent Developer Call on Ethereum’s Pectra Upgrade

March 1, 2025
Cramer Suggests Saylor Should Plan for a Strategic Bitcoin Reserve
General News

Cramer Suggests Saylor Should Plan for a Strategic Bitcoin Reserve

February 28, 2025
MetaMask Ethereum Wallet Expands Support for Both Bitcoin and Solana
Crypto Wallets

MetaMask Ethereum Wallet Expands Support for Both Bitcoin and Solana

February 28, 2025
Bitcoin Bull Run Could Continue, says CryptoQuant CEO - Unless This Critical Threshold Is Breached
General News

Bitcoin Bull Run Could Continue, says CryptoQuant CEO – Unless This Critical Threshold Is Breached

February 28, 2025
Solana Futures Launch at CME Boosts Price Amid High Demand
General News

Solana Futures Launch at CME Boosts Price Amid High Demand

February 28, 2025
Next Post
Binance Obtains Regulatory License in Dubai

Binance Becomes The 1st Cryptocurrency Exchange To Get A Major License In Dubai

Discussion about this post

Live Prices

You have not selected any currency to display

Stay Connected

You May Also Like

  • Bitcoin Halving Update: Bitwise CEO's $100k Price Projection Sparks Excitement

    Why the Bitcoin Halving Is Happening Sooner Than Anticipated

    239 shares
    Share 96 Tweet 60
  • MetaMask Ethereum Wallet Expands Support for Both Bitcoin and Solana

    197 shares
    Share 79 Tweet 49
  • March 2025 Polymarket Bets Boom for Bitcoin, XRP, ETH, AI, and DOGE – The Future of Cryptocurrency Trading!

    196 shares
    Share 78 Tweet 49
  • OKB Price Prediction 2023 – 2030: Will OKB reach $200?

    201 shares
    Share 80 Tweet 50
  • November’s Bitcoin Price Forecast: A Bullish Odyssey

    196 shares
    Share 78 Tweet 49
  • About Us
  • Contact Us
  • Work With Us
  • Privacy Policy
  • Terms Of Service

© 2022-2024 CryptoMufasa - All Rights Reserved!

Welcome Back!

Login to your account below

Forgotten Password? Sign Up

Create New Account!

Fill the forms bellow to register

*By registering into our website, you agree to the Terms Of Services and Privacy Policy.
All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
No Result
View All Result
  • General News
  • Beginner Guides
  • Bitcoin News
  • Ethereum News
  • Altcoin News
  • NFT News
  • Price Predictions
  • Google News

© 2022-2024 CryptoMufasa - All Rights Reserved!

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.
Don’t Miss Out on the Best in Crypto!

Stay ahead with a weekly digest of the top news and insights—no spam, no ads, just the essential updates delivered straight to your inbox. Subscribe now for valuable content you can trust!

johnsmith@example.com
subscribe to email

Never see this message again.