Hackers stole round $62 million from Curve Finance on Sunday, inflicting a ripple impact all through the crypto sector and elevating questions concerning the power of the decentralized finance ecosystem.
Curve is likely one of the largest decentralized exchanges (DEX) within the crypto market at the moment, with about $1.67 billion in complete worth locked (TVL), in keeping with information on DeFi TVL aggregator DeFiLlama.
A handful of DeFi initiatives’ swimming pools had been additionally hacked, together with PEGd’s pETH/ETH: $11 million; Metronome’s msETH/ETH: $3.4 million; Alchemix’s alETH/ETH: $22.6 million; and Curve DAO: round $24.7 million, in keeping with Llama Danger’s post-exploit evaluation.
A bug present in older variations of the Vyper compiler contract programming language brought about a failure in a safety function utilized by a handful of Curve liquidity swimming pools. An admin in Curve Finance’s Telegram group declined to remark additional to starcrypto+ and referred us again to the post-exploit evaluation.
By crypto requirements, this wasn’t thought-about a “large” hack; Curve is a large DEX, and this hack makes up about 4% of its TVL. A portion of the exploit was finished by white hat hacker consumer c0ffeebabe.eth, who returned 2,879 ether, roughly $5.4 million, to Curve, in keeping with on chain information.
However this exploit isn’t the one downside Curve — and the broader crypto house — is dealing with.