31.07.2023

There was an asset leak in Curve Finance

Yesterday, a hacker carried out a successful attack on the pools of stable coins of the Curve Finance decentralized crypto exchange. He was able to withdraw about $47 million. To do this, he exploited a vulnerability in Vyper.

Details about the hack


Representatives of the site reported that several pools of stablecoins that use Vyper 0.2.15 were able to hack, as there was a malfunction in the re-entry mechanism. At the moment, the situation is being assessed. We are talking about pools alETH, msETH, pETH. The rest remained untouched.


Vyper is a contract-oriented programming language. It is based on Python and is designed for Ethereum EVM. The developers noted that the above vulnerability is observed in Vyper 0.2.15, 0.2.16 and 0.3.0.


Ancilia analysts report that the software with the vulnerability is involved in 460 protocols.


Curve studies report that some program code compilers have incorrectly implemented re-entry protection. It was supposed to prevent multiple functions from being performed simultaneously due to account blocking.

31.07.2023
The regulator called on Coinbase to remove all coins from the listing, except Bitcoin
31.07.2023
Transactions on crypto exchanges are restricted at Bendigo Bank in Australia
28.07.2023
Bity filed a lawsuit against FINMA

The GRIN4 ecosystem

We have created a bot to make money on crypto exchanges. You set the settings, and he trades 24/7. Manage all assets from one service: with your own hands or with the help of algorithmic trading. Anonymously. Simply. Stress-free.
Learn about the bot