Fun

Curve Finance awards dev $250K for finding reentrancy vulnerability

News Feed - 2024-05-01 07:05:33

Arijit Sarkar13 hours agoCurve Finance awards dev $250K for finding reentrancy vulnerabilityCurve Finance awarded cybersecurity researcher Marco Croc with its maximum bug bounty award of $250,000 after thoroughly investigating the security flaw.2452 Total views3 Total sharesListen to article 0:00NewsOwn this piece of crypto historyCollect this article as NFTJoin us on social networksA security researcher was rewarded $250,000 for discovering a vulnerability that has historically allowed hackers to pull out millions of dollars from cryptocurrency protocols. 


Pseudonymous cybersecurity researcher Marco Croc from Kupia Security identified a reentrancy vulnerability in decentralized finance (DeFi) protocol Curve Finance.


In an X thread, he explained how the bug could be exploited to manipulate balances and withdraw funds from liquidity pools.


Curve Finance acknowledged potential security flaws and “recognized the severity of the vulnerability,” Marco Croc explained. After a thorough investigation, Curve Finance awarded Marco Croc its maximum bug bounty award of $250,000.Source: Curve Finance


According to Curve Finance, the threat was classified as “not as dangerous,” and they believed they could recover the stolen funds in such a case. 


However, the protocol said a security incident of any scale “could have caused serious panic if it had happened.”


Related:Curve Finance debt will cause "one more stress test" in February — Analyst


Curve Finance recently recovered from a $62 million hack in July. As part of returning to normalcy, the DeFi protocol voted to reimburse $49.2 million worth of assets to the liquidity providers (LPs).Source: Curve Finance


On-chain data confirms that 94% of tokenholders approved the disbursement of tokens worth over $49.2 million to cover the losses of the Curve, JPEG’d (JPEG), Alchemix (ALCX) and Metronome (MET) pools.


According to Curve’s proposal, the community fund will supply the Curve DAO (CRV) tokens. The final amount also includes a deduction for the tokens recovered since the incident.


“The overall ETH to recover was calculated as 5919.2226 ETH, the CRV to recover was calculated as 34,733,171.51 CRV and the total to distribute was calculated as 55’544’782.73 CRV,” reads the proposal.


The attacker exploited a vulnerability on stable pools using some versions of the Vyper programming language. The bug made Vyper’s 0.2.15, 0.2.16 and 0.3.0 versions vulnerable to reentrancy attacks.


Magazine:68% of Runes are in the red — Are they really an upgrade for Bitcoin?# Business# Rewards# Awards# Hackers# Hacks# DeFi# Curve FinanceAdd reaction

News Feed
CEO of Mirror Trading International Bitcoin Ponzi Scheme Arrested in Brazil
CEO of Mirror Trading International Bitcoin Ponzi Scheme Arrested in Brazil Johann Steynberg, the wanted CEO of Mirror Trading International was recently arrested by Brazilian law
2022-01-08 21:30 PM
MTV Airs Only the Negative Parts of Crypto Youtuber ‘Ya Girl’ Rachel Siegel’s Bitcoin Analysis
MTV Airs Only the Negative Parts of Crypto Youtuber ‘Ya Girl’ Rachel Siegel’s Bitcoin Analysis A new television series by MTV features arguably the channel’s first cr
2020-03-01 22:45 PM
Summer will offer ‘perfect opportunity’ for investing in crypto — Arthur Hayes
Marco Castrovilli8 hours agoSummer will offer ‘perfect opportunity’ for investing in crypto — Arthur HayesThe BitMEX co-founder says the current phase of price consolidation is ideal for accumulating crypto before
2024-05-07 01:01 AM
Reddit Reportedly Testing NFT Profile Pic Functionality
Reddit Reportedly Testing NFT Profile Pic Functionality Reddit, one of the largest micro-posting sites on the internet, is reportedly venturing further into the world of non-fungib
2022-01-28 14:30 PM
Martin Young4 hours agoSolana records 1 outage in first half of 2023, 100% uptime in Q2The Solana network is seeing steady improvements in performance and reliability as outages become more infrequent.2201 Total views25
2023-07-21 13:32 PM
Sending Cash to Friends and Family Through Bitcoin ATMs Is Safer Than Crowding Bank Offices During Pandemic
Sending Cash to Friends and Family Through Bitcoin ATMs Is Safer Than Crowding Bank Offices During Pandemic Transferring money over traditional channels may involve a lot of queu
2020-03-16 18:15 PM
Matt Damon Shares Story Behind His Crypto Commercial
Matt Damon Shares Story Behind His Crypto Commercial Famous Hollywood actor Matt Damon has revealed the story of how he became involved in creating a cryptocurrency commercial call
2023-04-01 11:30 AM
Gareth Jenkinson1 hour agoSam Bankman-Fried $500M Anthropic stake irrelevant to case, prosecutors sayUnited States prosecutors argue that the potential for FTX investors to be made whole through the high valuation of Ant
2023-10-09 16:38 PM
Tristan Greene2 hours agoCrypto market loses $486M in July, most since 2022: ReportAccording to the report, nearly half of the month’s losses were caused by the Multichain exploit, which resulted in $231 million in los
2023-08-01 06:30 AM
Valve Bans Games Built on Blockchain, NFTs, and Cryptocurrencies From Steam Gaming Platform
Valve Bans Games Built on Blockchain, NFTs, and Cryptocurrencies From Steam Gaming Platform This past week, Valve, the parent company of the video game digital distribution service
2021-10-18 04:00 AM
Crypto users fooled by fake Elizabeth Warren letter proposing crypto tax
Turner Wright4 hours agoCrypto users fooled by fake Elizabeth Warren letter proposing crypto taxThe fake letter addressed to U.S. President Joe Biden suggested a 1% wealth tax on crypto holdings exceeding $500,000.3831 T
2024-04-23 04:05 AM
Crypto Tops Investor Threats for US Securities Regulators
Crypto Tops Investor Threats for US Securities Regulators U.S. state securities regulators have revealed that cryptocurrency investments are their top investor threat this year. &#
2022-01-12 07:30 AM