- Curve Finance, A DeFi stablecoin lending platform, has assured its users a refund following the July 30 security breach that saw the firm lose $62 million
- The effects of this attack ran through the entire DeFi ecosystem, highlighting the lack of incentives for discovering and reporting bugs in previous software versions.
- Alchemix’s alETH-ETH, JPEGd’s pETH-ETH pool, and Metronome’s sETH-ETH pool suffered a loss of $13.6 million, $11.4 million, and $1.6 million, respectively.
Curve Finance, A DeFi stablecoin lending platform has assured its users a refund following the July 30 significant security breach that saw the firm lose $62 million. The protocol found itself falling to malicious actors who exploited its Vyper compiler release history.
Speculators reveal that the hack was well orchestrated and could have possibly taken weeks of planning. Among the pools that were affected by the hack include CRV/ ETH, alETH/ETH, msETH/ETH, and pETH/ETH. Additionally, there is a growing concern that the tri-crypto pool on Arbitrum might have been compromised.
The hacker accepts to return the funds
In an interesting turn of events, the hacker had a change of heart and is returning the stolen funds. Curve Finance declared a 10 percent bounty reward to whoever helped them recover the funds. The hacker accepted the bounty and began returning the stolen assets in portions.
Etherscan data shows the trail of the hacker, whose first transaction was to return 4, 821 ETH to Alchemist Finance. However, the decision to return to Alchemist rather than Curve Finance has raised eyebrows to the genuinety of the hacker.
This hack has rippled throughout the system, further destroying the market’s reputation. The Decentralized ecosystem remains on edge awaiting further developments.
Digging deeper into the Curve Finance hack
Unfortunately, the same factor that made Curve Finance so famous is the same factor that lured crypto hackers. According to investigators, the crypto hacks mainly targeted their famous liquidity pool and managed to bypass its standard blockchain security measures. In addition, hackers used a Vyper programming language to exploit the stable pools running within its ecosystem. The Vyper Vulnerability did more damage after investigators discovered the exploit had been in other DeFi projects.
Vyper is a contract programming language designed to Ethereum Virtual machine. It is one of the sots widely used programming languages in Web3. The discovery of this exploit shakes the foundation of the entire industry. It contains a history o exploitation, but among its failures was the loss of 584.05 Ether tokens.
The Vyper exploit affected the decentralized exchange Ellipsis which reported several missing BNB tokens from its pool. Alchemix’s alETH-ETH, JPEGd’s pETH-ETH pool, and Metronome’s sETH-ETH pool also suffered a loss of $13.6 million, $11.4 million, and $1.6 million, respectively.
The Vyper exploited significantly damaged Layer Two projects withinEtherum’s blockchain network causing many to question the titan’s security measures. Michael was forced to announce a 32 million missing Curve DAO(CRV) token worth $22 million from the exploit. Preliminary investigations discovered that the crypto hack existed before the recent incident. They unearthed several older versions of the Vyper Exploit, indicating how weak its systems were.
The crypto hack has caused quite the panic as security analysts warn other Defi projects to avoid utilizing Vyper-based applications. In addition, they have also caused the developers in Ethereum since the wrapped Ether token might be at risk of a potential crypto hack.
Curve Finance whitepaper
There are currently thousands of crypto coins alongside hundreds of crypto exchanges, each eyeing to dethrone Bitcoin. Amid this competitive race stands Ethereum, which has chosen a different path from the original cryptocurrency. According to Vitalik Buterin, Ethereum exist to improve the entire web3 ecosystem.
Curve Finance has developed a suitable blockchain ecosystem to achieve this, willing numerous developers to create and develop new blockchain-based systems. Along its long line of success stands Curve Finance which took a rather rudimentary approach to the entire market.
Curve Finance is a popular automated market maker platform offering efficient ways to exchange tokens while maintaining low fuel charges. Its functionalities are similar to Uniswap and the balancer, with significant difference intel the approach. Curve Finance resides within Ethereum’s blockchain network as a Decentralized exchange. Unlike its peers, this DEX accommodates liquidity polls of stable coins or wrapped versions of cryptocurrencies like wBTC and tBTC.
Michael Egorov founded the Decentralized Exchange in 2020 to create an Automated Market Maker(AMM) exchange that provides low fees and efficient fiat savings accounts for liquidity providers. An AMM exchange allows digital assets to be traded permissionless ad automatically through liquidity pools.
Curve Finance has implemented several systems that stabilize the high volatility of serval tokens in its pool, like wBTC and tBTC. This is because the decentralized exchange forgoes its need to stabilize its value in correspondence with BTC and instead stabilizes its value relative to another token within the pool.