Crypto Mufasa
Advertise
  • Crypto News
    • General News
    • Bitcoin News
    • Altcoin News
    • Ethereum News
  • NFT NEWS
  • Beginner Guides
  • Price Predictions
  • Crypto Prices
No Result
View All Result
  • Login
  • Register
  • Crypto News
    • General News
    • Bitcoin News
    • Altcoin News
    • Ethereum News
  • NFT NEWS
  • Beginner Guides
  • Price Predictions
  • Crypto Prices
No Result
View All Result
Crypto Mufasa
No Result
View All Result
Home General News

Reentrancy vulnerability in Curve Finance pools exploited for over $24M.

James by James
July 30, 2023
in General News, Altcoin News
Reading Time: 3 mins read
A A
0
curve finance hack
Share on FacebookShare on Twitter
ADVERTISEMENT

The world of decentralized finance (DeFi) was sent into a frenzy on July 30 when several stable pools on Curve Finance, using Vyper, fell victim to an exploit, resulting in staggering losses of $24 million. Vyper disclosed that its 0.2.15, 0.2.16, and 0.3.0 versions were susceptible to malfunctioning reentrancy locks, leaving many projects relying on these versions vulnerable.

Curve Finance Vulnerability: $24 Million Losses and DeFi Impact

Security firm Ancilia conducted an analysis of the affected contracts, revealing that 136 contracts utilized Vyper 0.2.15 with reentrant protection, 98 contracts deployed Vyper 0.2.16, and 226 contracts were dependent on Vyper 0.3.0.

A number of stablepools (alETH/msETH/pETH) using Vyper 0.2.15 have been exploited as a result of a malfunctioning reentrancy lock. We are assessing the situation and will update the community as things develop.

Other pools are safe. https://t.co/eWy2d3cDDj

— Curve Finance (@CurveFinance) July 30, 2023

Initial investigations pointed towards certain versions of the Vyper compiler failing to implement the reentrancy guard correctly. This guard is crucial in preventing multiple functions from being executed simultaneously by locking a contract, thereby thwarting potential reentrancy attacks that could drain all funds from the contract.

Vyper, which is a contract-oriented, pythonic programming language that targets the Ethereum Virtual Machine (EVM), has become a well-liked option for Python developers who are moving into the Web3 space.

You May AlsoLike

Mixin Network Falls Victim to $200 Million Security Breach

Mixin Network Falls Victim to $200 Million Security Breach

September 25, 2023
Shiba Inu’s Price Turns Green After A Brief Bearish Phase

Shiba Inu’s Price Turns Green After A Brief Bearish Phase

September 25, 2023

The attack had far-reaching consequences, impacting various decentralized finance projects. Exchange on a decentralized level Ellipsis disclosed the use of a dated version of the Vyper compiler in their exploit of a few stable pools. Meanwhile, Alchemix’s alETH-ETH experienced an outflow of $13.6 million, along with JPEGd’s pETH-ETH pool witnessing $11.4 million exploited and Metronome’s sETH-ETH pool losing $1.6 million.

Certain type of Curve factory pool is encountering read-only reentrancy attack and causing a total loss of $11m(@JPEGd_69) + $13m(@AlchemixFi) + …

Initial investigation founds that vyper compiler (0.2.15) doesn't implement the reentrancy guard correctly.

add_liquidity and… pic.twitter.com/avaHdtSFsm

— Tony KΞ (@tonyke_bot) July 30, 2023

The exploit set off a chain reaction of panic across the DeFi ecosystem, prompting a flurry of transactions across pools and a rescue operation by white hats. As a result, Curve Finance’s utility token Curve DAO (CRV) recorded a decline of over 5% in response to the news. The declining liquidity of CRV in recent months exposed it to significant price swings, increasing its vulnerability, as previously reported by Cointelegraph. Notably, Curve Finance confirmed that crvUSD contracts and associated pools remained unaffected by the attack.

curve finance price chart
source: coinstats

Curve Finance, a prominent DeFi protocol facilitating the decentralized exchange of stablecoins within Ethereum, has been the target of a series of incidents within its ecosystem. Merely days before this event, its omnipool platform Conic Finance was exploited for $3.26 million in Ether, with the majority of the stolen funds redirected to a new Ethereum address in a single transaction.

The DeFi space has been grappling with numerous attacks in recent times. According to a report by DeFi, a Web3 portfolio app, more than $204 million was lost to DeFi hacks and scams in the second quarter of 2023 alone. The ongoing challenges faced by DeFi protocols underscore the need for robust security measures and heightened vigilance within the ever-evolving landscape.

Tags: CurveDAOhackvulnerability
Share76Tweet48
ADVERTISEMENT
Previous Post

Barbie Star Margot Robbie’s Unique Take on Bitcoin Sparks Crypto Community’s Interest

Next Post

Binance Becomes The 1st Cryptocurrency Exchange To Get A Major License In Dubai

James

James

James is a 33-year-old cryptocurrency enthusiast who has been involved in the industry since 2017. He has always been a keen follower of the crypto space and has experience in trading and mining cryptocurrencies. Since then, James has also written numerous articles on the subject and is passionate about sharing his knowledge and insights with others.

Related Posts

Mixin Network Falls Victim to $200 Million Security Breach
General News

Mixin Network Falls Victim to $200 Million Security Breach

September 25, 2023
Shiba Inu’s Price Turns Green After A Brief Bearish Phase
Altcoin News

Shiba Inu’s Price Turns Green After A Brief Bearish Phase

September 25, 2023
3 Cryptocurrencies To Avoid Trading In The Upcoming Week
Altcoin News

3 Cryptocurrencies To Avoid Trading In The Upcoming Week

September 22, 2023
Ripple vs. SEC Lawsuit Update For September 2022
Altcoin News

Ripple vs. SEC Lawsuit Update For September 2022

September 22, 2023
Crypto Taxes India: WazirX CEO’s Forecast For The Next Two Years
Bitcoin News

Crypto Taxes India: WazirX CEO’s Forecast For The Next Two Years

September 22, 2023
XRP Takes The Throne As The Most Traded Altcoin on US Crypto Exchanges
Altcoin News

XRP Takes The Throne As The Most Traded Altcoin on US Crypto Exchanges

September 21, 2023
Next Post
Binance Becomes The 1st Cryptocurrency Exchange To Get A Major License In Dubai

Binance Becomes The 1st Cryptocurrency Exchange To Get A Major License In Dubai

Discussion about this post

Live Prices

Stay Connected

You May Also Like

  • Terra Classic Price Prediction: What Is an Ideal LUNC Buy Zone?

    Terra Classic Price Prediction: What Is an Ideal LUNC Buy Zone?

    201 shares
    Share 80 Tweet 50
  • Elon Musk’s Silence And Its Impact On DOGECOIN

    194 shares
    Share 78 Tweet 49
  • Grayscale vs. SEC Decision Boosts XRP

    194 shares
    Share 78 Tweet 49
  • 3 Cryptocurrencies To Avoid Trading In The Upcoming Week

    193 shares
    Share 77 Tweet 48
  • Bitcoin (BTC) vs. Worldcoin (WLD) Comparative Study

    192 shares
    Share 77 Tweet 48
  • About Us
  • Contact Us
  • Work With Us
  • Privacy Policy
  • Terms Of Service

© 2022-2023 CryptoMufasa - All Rights Reserved!

No Result
View All Result
  • General News
  • Beginner Guides
  • Bitcoin News
  • Ethereum News
  • Altcoin News
  • NFT News
  • Price Predictions
  • Google News

© 2022-2023 CryptoMufasa - All Rights Reserved!

Welcome Back!

Login to your account below

Forgotten Password? Sign Up

Create New Account!

Fill the forms bellow to register

*By registering into our website, you agree to the Terms Of Services and Privacy Policy.
All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.