Home Finance & Fintech Curve Finance Exploit Puts $100M+ Worth of Crypto at Risk; CRV Token Tumbles

Curve Finance Exploit Puts $100M+ Worth of Crypto at Risk; CRV Token Tumbles

by delta
0 comment

Curve, a stablecoin exchange at the heart of decentralized finance (DeFi) on Ethereum, has been the victim of an exploit according to a tweet from the project.

Upwards of $100 million worth of cryptocurrency are at risk due to a “re-entrancy” bug in Vyper, a programming language used to power parts of the Curve system. Several stablecoin pools on the platform — used for pricing and liquidity on a number of different DeFi services — have been drained by hackers so far.

Other projects that use the Vyper programming language could share the same vulnerability.

It was unclear at press time how much had been drained from Curve as a result of the attack. BlockSec, a blockchain auditing firm, estimated the total losses above $42 million in a preliminary analysis posted to Twitter.

Curve operates 232 different pools, according to its website, but only pools using Vyper versions 0.2.15, 0.2.16 and 0.3.0 are at risk, said mimaklas, a member of the team in a Discord announcement.

Mimaklas also said that “all affected pools have been drained or white hacked, and the team is assessing the situation with affected teams.”

The heist destabilized trading markets for Curve DAO’s native CRV token, which was down 17% on the day at a price of $0.61 as of press time. That price action threatened to compound the chaos by potentially forcing a liquidation on the founder of Curve’s $70 million borrowing position on Aave.

UPDATE (July 30, 2023, 21:25 UTC): Adds additional information.

You may also like

Leave a Comment


Delta-Compliance.com is a premier news website that provides in-depth coverage of the latest developments in finance, startups, compliance, business, science, and job markets.

Editors' Picks

Latest Posts

This Website is operated by the Company DELTA Data Protection & Compliance, Inc., located in Lewes, DE 19958, Delaware, USA.
All feedback, comments, notices of copyright infringement claims or requests for technical support, and other communications relating to this website should be directed to: info@delta-compliance.com. The imprint also applies to the social media profiles of DELTA Data Protection & Compliance.

Copyright ©️ 2023  Delta Compliance. All Rights Reserved