Fun

News Feed - 2023-07-31 03:07:29

Ana Paula Pereira5 hours agoBreaking: Curve Finance pools exploited in over $47M due to reentrancy vulnerabilitySeveral stable pools on Curve Finance using Vyper were exploited on July 30. Vyper versions 0.2.15, 0.2.16 and 0.3.0 are vulnerable to malfunctioning reentrancy locks.6239 Total views16 Total sharesListen to article 0:00Breaking newsJoin us on social networksUpdate (July 30, at 7:55 pm UTC): This article has been updated to provide more details about the exploit


Several stable pools on Curve Finance using Vyper were exploited on July 30, with losses reaching over $47 million. According to Vyper, its 0.2.15, 0.2.16 and 0.3.0 versions are vulnerable to malfunctioning reentrancy locks. 


"The investigation is ongoing but any project relying on these versions should immediately reach out to us," Vyper wrote on X. Based on an analysis of affected contracts by security firm Ancilia, 136 contracts used Vyper 0.2.15 with reentrant protection, 98 contracts used Vyper 0.2.16 and 226 contracts used Vyper 0.3.0.A number of stablepools (alETH/msETH/pETH) using Vyper 0.2.15 have been exploited as a result of a malfunctioning reentrancy lock. We are assessing the situation and will update the community as things develop.

Other pools are safe. https://t.co/eWy2d3cDDj— Curve Finance (@CurveFinance) July 30, 2023


According to initial investigation, some versions of the Vyper compiler do not correctly implement the reentrancy guard, which prevents multiple functions from being executed at the same time by locking a contract. Reentrancy attacks can potentially drain all funds from a contract.


Vyper is a contract-oriented, pythonic programming language that targets the Ethereum Virtual Machine (EVM). Vyper similarities to Python makes the language one of the starting points for Python developers jumping into Web3. 


A number of decentralized finance projects were affected by the attack. Decentralized exchange Ellipsis reported that a small number of stable pools with BNB were exploited using an old Vyper compiler. Alchemix"s alETH-ETH also witnessed $13.6 million outflow, along with $11.4 million exploited on JPEGd’s pETH-ETH pool, and $1.6 million in Metronome’s sETH-ETH pool. Curving Finance CEO Michael Egorov later confirmed 32 million CRV tokens worth over $22 million had been drained from the swap pool in a Telegram channel.Certain type of Curve factory pool is encountering read-only reentrancy attack and causing a total loss of $11m(@JPEGd_69) + $13m(@AlchemixFi) + ...

Initial investigation founds that vyper compiler (0.2.15) doesn"t implement the reentrancy guard correctly.

add_liquidity and… pic.twitter.com/avaHdtSFsm— Tony KΞ (@tonyke_bot) July 30, 2023


The exploit sparked panic across the DeFi ecosystem, prompting a wave of transactions across pools and a rescue operation from white hats. Data from CoinMarketCap shows Curve Finance"s utility token Curve DAO (CRV) declining over 5% in reaction to the news. CRV"s liquidity has declined significantly in recent months, making it vulnerable to violent price swings, Cointelegraph reported. According to Curve Finance, crvUSD contracts and any pools with it were not affected by the attack.Curve DAO token prince on July 30, 2023. Source: CoinMarketCap.


Curve Finance is a DeFi protocol that enables the decentralized exchange (DEX) of stablecoins within Ethereum. The protocol has been targeted by a series of incidents within its ecosystem. Just a few days ago, its omnipool platform Conic Finance was exploited for $3.26 million in Ether (ETH), with nearly the entire amount stolen sent to a new Ethereum address in just one transaction.


DeFi protocols have been targeted by multiple attacks over the past months. According to a report by Web3 portfolio app De.Fi, more than $204 million was swindled through DeFi hacks and scams in the second quarter of 2023 alone.


Magazine: Should crypto projects ever negotiate with hackers? Probably# Hackers# Hacks# DeFi# Curve FinanceAdd reactionAdd reactionRelated NewsWhat are NFT royalties, and how do they work?Zero-knowledge tech development heats up amid bear marketWorldcoin is making reality look like a lot like Black Mirror‘Multichain was a big blow,’ says Andre Cronje as Fantom TVL slumpsCurve omnipool platform Conic Finance hacked for $3.2M in ETHAlphapo hot wallets hacked for over $31 million

News Feed
Bitcoin’s Four-Month Bear Trend Intact Even After 16% Price Rise
View Bitcoin remains trapped in a four-month falling channel despite registering double-digit gains last week. Prices could pull back to former resistance-turned-support of $8,800 in the next 24 hours. The bearish case w
2019-10-28 20:01 PM
Dapper Labs Partners With Chainalysis to Curb NFT-Based Money Laundering
Dapper Labs Partners With Chainalysis to Curb NFT-Based Money Laundering Dapper Labs, one of the most successful companies in the NFT space, has partnered with Chainalysis, a block
2021-10-08 19:30 PM
Bitcoin.com Exchange Announces Listing of New Digital Asset BUY by Burency
Bitcoin.com Exchange Announces Listing of New Digital Asset BUY by BurencyBitcoin.com Exchange is thrilled to announce the upcoming listing of a new digital asset on the 20th of Aug
2020-06-20 00:30 AM
Alameda Research Sues Grayscale Investments Seeking to Unlock Billions in Value for Shareholders
Alameda Research Sues Grayscale Investments Seeking to Unlock Billions in Value for Shareholders FTX Debtors and affiliate Alameda Research Ltd. have filed a lawsuit against Grays
2023-03-08 00:00 AM
OVR Land Map: The Biggest Detailed 3D Map of the Real World With NFTs
OVR Land Map: The Biggest Detailed 3D Map of the Real World With NFTs sponsored OVR AR Metaverse goes to a whole other level.Italian company OVRis announcing today the creation of t
2021-10-31 22:00 PM
Helen Partz10 hours agoCrypto investor protections won’t take effect in EU until late 2024Crypto asset service providers may not benefit from full rights and protections afforded to them under MiCA until as late as Jul
2023-10-17 22:15 PM
History of Crypto: Ethereum’s entry and Bitcoin’s expansion
Cointelegraph9 hours agoHistory of Crypto: Ethereum’s entry and Bitcoin’s expansionAs Bitcoin continued its early stages of development, the largest exchange at the time was on its way to ruin.4551 Total views24 Tota
2024-03-27 23:15 PM
Hacker Sent to Prison for Robbing Vietnamese Crypto Exchange
Hacker Sent to Prison for Robbing Vietnamese Crypto Exchange Authorities in Vietnam have caught and sentenced a hacker who stole money and data from a local cryptocurrency exchange
2023-01-09 16:30 PM
Arijit SarkarOct 06, 2023THORSwap goes into ‘maintenance mode’ to counter illicit funds movementTHORSwap acknowledged the ongoing illicit use of the DEX and is acting to find a permanent solution to the misuse.2180 T
2023-10-06 17:39 PM
RBI: Cryptocurrency Is a Big Threat to Macroeconomic and Financial Stability in India
RBI: Cryptocurrency Is a Big Threat to Macroeconomic and Financial Stability in India The governor of India’s central bank, the Reserve Bank of India (RBI), has reiterated h
2022-02-11 01:00 AM
Arijit Sarkar13 hours agoDeSci-focused DAO community funds cancer researchVitaDAO community agreed to fund early-stage cancer research through the launch of a biotech company named Matrix Biosciences.1840 Total views8 To
2023-10-17 19:53 PM
Who Audits the Auditors? Smart Contract Audit Token (SCATDAO) to Hold a Public Sale on KICK․IO
Who Audits the Auditors? Smart Contract Audit Token (SCATDAO) to Hold a Public Sale on KICK․IO press release PRESS RELEASE. The world of audit has always had an inherent problem,
2022-02-20 23:00 PM