CRV token on a slippery slope following Curve hack

July 31, 2023 11:16 PM AEST | By Invezz

CRV token on a slippery slope following Curve hack — Image source: Invezz

Specific pools affected by the Curve hack

While Curve Finance initially stated that three pools had been affected by the Curve hack, the decentralized finance (DeFi) platform has today acknowledged that the crv/ETH pool was also affected; bringing the total number of affected pools to four.

While Curve Finance has urged that the hacker(s) have not been able to access the funds in the hacked pools, the platform has asked its users to withdraw their funds from these pools as a precaution just in case the hacker outsmarts its auditors and Vyper developers.

Just to re-iterate. Although no way to drain the pool found – please withdraw from this onehttps://t.co/EK3bx5P30V https://t.co/PHsNTqOrNZ
— Curve Finance (@CurveFinance) July 31, 2023

How did the hacker exploit Curve Finance?

Most people including developers acknowledge that the Curve hack is not something a typical researcher would have looked for. The hacker “dug deep” into the protocol’s release history to find an exploitable issue for the protocol that has many millions at stake. The hacker definitely used a significant amount of time to identify the vulnerability.

Curve has pointed out that the best way to avoid being caught up in the mess is by migrating to contracts that use the most recent versions. In a tweet, Curve Finance said that “Vyper 0.3.7+ was well refactored and audited. This is not a guarantee (nothing is), but better to be migrating to contracts using the most recent versions”

The post CRV token on a slippery slope following Curve hack appeared first on Invezz.

Disclaimer

The content, including but not limited to any articles, news, quotes, information, data, text, reports, ratings, opinions, images, photos, graphics, graphs, charts, animations and video (Content) is a service of Kalkine Media Pty Ltd (Kalkine Media, we or us), ACN 629 651 672 and is available for personal and non-commercial use only. The principal purpose of the Content is to educate and inform. The Content does not contain or imply any recommendation or opinion intended to influence your financial decisions and must not be relied upon by you as such. Some of the Content on this website may be sponsored/non-sponsored, as applicable, but is NOT a solicitation or recommendation to buy, sell or hold the stocks of the company(s) or engage in any investment activity under discussion. Kalkine Media is neither licensed nor qualified to provide investment advice through this platform. Users should make their own enquiries about any investments and Kalkine Media strongly suggests the users to seek advice from a financial adviser, stockbroker or other professional (including taxation and legal advice), as necessary. Kalkine Media hereby disclaims any and all the liabilities to any user for any direct, indirect, implied, punitive, special, incidental or other consequential damages arising from any use of the Content on this website, which is provided without warranties. The views expressed in the Content by the guests, if any, are their own and do not necessarily represent the views or opinions of Kalkine Media. Some of the images/music that may be used on this website are copyright to their respective owner(s). Kalkine Media does not claim ownership of any of the pictures displayed/music used on this website unless stated otherwise. The images/music that may be used on this website are taken from various sources on the internet, including paid subscriptions or are believed to be in public domain. We have used reasonable efforts to accredit the source wherever it was indicated as or found to be necessary.