Curve-Vyper exploit: The whole story so far

The hack: Curve Finance swimming pools are exploited for over $61 million due to reentrancy vulnerabilitySeveral stable swimming pools on Curve Finance using the Vyper shows language were made use of on July 30, with losses reaching over $61 million (overall losses were at first estimated at $47 million). Alchemixs alETH-ETH also experienced $13.6 million of outflows due to the attack, along with $11.4 million exploited on JPEGds pETH-ETH pool and $1.6 million from Metronomes sETH-ETH pool. Curve Finance CEO Michael Egorov likewise confirmed that 32 million Curve DAO (CRV) tokens worth over $22 million had been drained from the swap pool.Curves Michael Egorov validated the theft of 32 million Curve DAO tokens on July 30. Curve Finance founder Michael Egorov had around $100 million in loans backed by 47% of the circulating supply of the procedures native token, CRV.However, the CRV cost dropped nearly 30% following the hack, falling to a low of $0.48 in the middle of worries that Egorovs collateralized loans would be liquidated.To lower his financial obligation position, Egorov sold 39.25 million CRV tokens to numerous significant DeFi financiers, consisting of Justin Sun, Machi Big Brother and DWF Labs, for a total of $15.8 million. Hours later on, another ethical hacker seized almost 3,000 ETH and returned the ETH to Curves deployer address.Amid worries of liquidation surrounding Egorovs loans, Jun Du, the co-founder of Huobi, purchased 10 million CRV for $4 million from Curves CEO.

The hack: Curve Finance swimming pools are exploited for over $61 million due to reentrancy vulnerabilitySeveral stable pools on Curve Finance using the Vyper programs language were exploited on July 30, with losses reaching over $61 million (overall losses were initially estimated at $47 million). Alchemixs alETH-ETH also saw $13.6 million of outflows due to the attack, along with $11.4 million made use of on JPEGds pETH-ETH pool and $1.6 million from Metronomes sETH-ETH pool. Curve Finance CEO Michael Egorov also confirmed that 32 million Curve DAO (CRV) tokens worth over $22 million had been drained pipes from the swap pool.Curves Michael Egorov validated the theft of 32 million Curve DAO tokens on July 30.

Curves CEO scurries to pay collateralized loansThreats elsewhere could likewise trigger causal sequences throughout DeFi. Curve Finance creator Michael Egorov had around $100 million in loans backed by 47% of the distributing supply of the procedures native token, CRV.However, the CRV price dropped almost 30% following the hack, falling to a low of $0.48 amid worries that Egorovs collateralized loans would be liquidated.To minimize his financial obligation position, Egorov sold 39.25 million CRV tokens to several noteworthy DeFi investors, consisting of Justin Sun, Machi Big Brother and DWF Labs, for an overall of $15.8 million. The purchasers purchased CRV at $0.40 per token, a 25% discount rate to the marketplace cost at the time. In addition, Egorov made partial payments on two loans on Aave and Frax Finance.CEX cost feed prevents Curve rate from collapsingThe CRV token rate collapsed on the DeFi market due to the substantial draining of a number of pools; however, it was ultimately conserved by the centralized exchange (CEX) price feed. The CRV price hit $0.086 on DEXs but traded at $0.60 on CEXs, preventing the tokens price from collapsing to no. The paradoxical incident drew the attention of Binance CEO Changpeng Zhao, who laughed at the truth that, in the end, it was a CEX cost feed that conserved the DeFi protocol.Also responding to an unpredictable environment, Curves native stablecoin, crvUSD, briefly depegged on Aug. 3. The algorithmic stablecoin fell by as much as 0.35% before regaining its peg to the United States dollar. Recently released, crvUSD utilizes a mechanism for preserving its peg called the PegKeeper algorithm, which guarantees that the crvUSD worth is appropriately backed by collateral while balancing supply and demand.DeFi community: Ethical hacker recovers $5.4 M for Curve Finance amid exploitDuring the crisis, the DeFi neighborhood waited Curve Finance. On July 31, a white hat hacker managed to recover around 2,879 Ether worth around $5.4 million from an exploiter and returned the ETH to Curve Finance. Hours later on, another ethical hacker took practically 3,000 ETH and returned the ETH to Curves deployer address.Amid worries of liquidation surrounding Egorovs loans, Jun Du, the co-founder of Huobi, acquired 10 million CRV for $4 million from Curves CEO. Additionally, Aave Chan creator Marc Zeller proposed the Aave Treasury purchase $2 million worth of CRV tokens from the procedure. According to the proposition, the acquisition would indicate that DeFi gamers support the health of the environment. What about crvUSD? How does its cost respond to shock occasions, does it depeg?Events of current days felt similar to SVB/USDC circumstance in some sense. However, crvUSD had simply a 0.35% dip, and currently 0.1% from the peg pic.twitter.com/HaMfbkiFSR— Curve Finance (@CurveFinance) August 3, 2023

The return of funds: Curve, Metronome and Alchemix using 10% bug bounty; hacker takes itOn Aug. 3, Curve, Metronome and Alchemix jointly revealed an initiative to recuperate taken funds from the recent exploits of Curves pools. The procedures offered a 10% bounty of the seized funds as a reward, advising those responsible for the make use of to step forward and return the remaining 90%, which would bring the bounty close to $7 million.The offer came with an assurance of no more legal actions or participation of law enforcement. Source: EtherscanA overall of $8.9 million worth of cryptocurrency has actually been returned at the time of composing, equivalent to roughly 15% of the overall amount drained pipes.