🚨 Get Your Free NFT Certificate Mint by Completing the Web3 Exam! START NOW
My Learnlist: Coming Soon!
My Learnlist: Coming Soon!

Learn by real-life examples: Select, Track & Understand any cryptos with the unique Learnlist feature!

Notify Me!
Portfolio: Coming Soon!
Portfolio: Coming Soon!

Set your wallet & get powerful insights backed by data. Easily learn how to use it for your highest rewards!

Notify Me!

$47 Million Vanishes from Curve Finance Pools Due to Reentrancy Vulnerability

$47 Million Vanishes from Curve Finance Pools Due to Reentrancy Vulnerability

The DeFi ecosystem suffers yet another exploit shaking the grounds of several crypto-related firms.

The cryptocurrency world was rattled on July 30th when Curve Finance, a decentralized finance (DeFi) protocol, experienced an exploit in its stable pools, resulting in losses exceeding $47 million.

The incident was attributed to the reentrancy lock malfunction of Vyper's 0.2.15, 0.2.16, and 0.3.0 versions.

What is a Crypto Mining Pool? Is it Worth it? (Beginner-Friendly)

Did you know?

Want to get smarter & wealthier with crypto?

Subscribe - We publish new crypto explainer videos every week!

What is a Crypto Mining Pool? Is it Worth it? (Beginner-Friendly)

What is a Crypto Mining Pool? Is it Worth it? (Beginner-Friendly) What is a Crypto Mining Pool? Is it Worth it? (Beginner-Friendly)

Curve Finance utilizes Vyper, a contract-oriented, Python-like language mainly targeted toward the Ethereum Virtual Machine (EVM). Vyper's similarities to Python have made it a preferred choice for Python developers entering the Web3 landscape.

According to Vyper, the issue lies in specific versions of their compiler failing to implement a reentrancy guard. This security feature is crucial in preventing reentrancy attacks, which can empty a contract's funds by running several functions concurrently. Vyper urged any projects using the implicated versions to contact the company immediately.

The investigation is ongoing but any project relying on these versions should immediately reach out to us.

Ancilia, a prominent security firm, analyzed the impacted contracts. Their findings reveal that 136 contracts utilized Vyper 0.2.15 with reentrant protection, with another 98 and 226 contracts using versions 0.2.16 and 0.3.0, respectively.

The cyber heist had a broad impact on the DeFi ecosystem. The decentralized exchange Ellipsis acknowledged that several stable pools were exploited due to an old Vyper compiler. Alchemix's alETH-ETH observed an outflow of $13.6 million, while the JPEGd’s pETH-ETH and Metronome's sETH-ETH pools witnessed exploitations amounting to $11.4 million and $1.6 million, respectively.

Curve Finance CEO Michael Egorov subsequently verified that over 32 million CRV tokens, equivalent to over $22 million, had been siphoned from the swap pool.

The fallout of the exploit rippled across the DeFi sector, prompting a flurry of transactions across pools and instigating a damage control initiative from white hats. Curve Finance’s utility token, Curve DAO (CRV), saw a drop of over 12% in response to the incident.

The recent incident adds to a growing list of attacks on DeFi protocols.

A report published by the Web3 portfolio app De.Fi highlights the grim reality, with over $204 million being siphoned off through DeFi scams and hacks in the second quarter of 2023 alone. The unfortunate events emphasize the need for more robust security measures within the crypto space.

Gile K., Market Sentiment Analyst
Gile is a Market Sentiment Analyst who understands what public events may form what emotions. Her experience researching Web3 news and public market messages – including cryptocurrency news reports, PRs, and social network streams – is critical to her role in helping lead the Crypto News Editorial Team.
As an intelligent professional in public relations, together with the team, she aims to determine real VS fake news patterns, and bring her findings to anyone searching for unbiased news and events happening in the FinTech markets. Her expertise is uncovering the latest trustworthy & informative Web3 announcements to the masses.
When she's not researching the trustworthiness of mainstream stories, she spends time enjoying her terrace view and taking meticulous care of her outdoor environment.



Earn Huge Exclusive Binance Learners Rewards