A Public Bounty for Finding Remaining Funds in the Curve Finance Hack
Curve Finance has managed to recover 73% of the funds stolen during a hack that resulted in a loss of over $73 million worth of tokens. Here are the key points:
1. Funds Returned: Over the past week, $22 million in stolen ether and ether derivatives were returned. An ethical hacker, “c0ffeebabe.eth,” returned over $6 million from Metronome and a Curve trading pool, while another hacker returned $13 million from Alchemix.
2. Reentrancy Attack: Curve was hit by a reentrancy attack that allowed attackers to steal tokens from Curve, Metronome, and Alchemix. The attack was traced to faulty code on Vyper, a programming language used by Curve.
3. Bounty Offered: Curve initially offered a 10% bounty to attackers for the return of the funds. The attacker started returning funds to Alchemix after confirming the deposit address.
4. Remaining Stolen Funds: Over $18 million in stolen funds are still missing. Curve has now opened up a public bounty with a $1.8 million reward for anyone who can identify the exploiter and lead to a conviction in court.
5. Positive Developments: The return of funds has boosted sentiment for Curve and its governance tokens, CRV. CRV initially lost value but has since recovered and is trading at 61 cents.
Hot Take
The recovery of a significant portion of the stolen funds and the offering of a public bounty for the remaining funds demonstrate the resilience of the crypto community in addressing security breaches. It also highlights the importance of addressing vulnerabilities in smart contracts to prevent future attacks.
By
By
By
By