Recent Updates
16:00
Bitcoin's Weekend Trading Volume Hits Historic Low in 2024
15:00
NFT Sales Plummet 44% in Q2 Amid Memecoin Frenzy and Market Downturn
14:00
McGlone Explains What Will Happen to Bitcoin "If the Bubble Bursts"
13:00
Binance Faces Major Legal Setback in SEC Case
12:00
TON Token: A Future Contender Against Ethereum?
10:30
Latest on Bitcoin and Cryptocurrencies - July 1
10:00
Will Bitcoin Bounce Back in July? Analysts Share Optimistic Forecasts
Crypto:
30445
Bitcoin:
$62.788
% 1.98
BTC Dominance:
%53.4
% 0.12
Market Cap:
$2.29 T
% 1.42
Fear & Greed:
47 / 100
Bitcoin:
$ 62.788
BTC Dominance:
% 53.4
Market Cap:
$2.29 T
News, Crypto News

Curve Finance Awarded a Security Researcher

Efe Nail Saltık
Update Date: 01 May 2024 12:38:45
SUBSCRIBE: Youtube Google News
Curve Finance
01
May

Curve Finance awarded the maximum bug bounty of $250,000 to cybersecurity researcher Marco Croc after thoroughly investigating the vulnerability. A security researcher has been rewarded $250,000 for discovering a vulnerability that has allowed hackers to siphon millions of dollars from crypto protocols in the past.

Pseudonymous cybersecurity researcher Marco Croc of Kupia Security has identified a reentrant vulnerability in decentralized finance (DeFi) protocol Curve Finance. In an X thread, he explained how the bug could be exploited to manipulate balances and withdraw funds from liquidity pools.

Marco Croc explained that Curve Finance acknowledges potential vulnerabilities and “recognizes the severity of the vulnerability.” After a thorough investigation, Curve Finance awarded Marco Croc the maximum error award of $250,000.

According to Curve Finance, the threat was not classified as “very dangerous” and they believed that they would be able to recover the stolen funds in such a situation. However, the protocol noted that a security incident of any scale “might have created serious panic.”

Curve Finance survived a $62 million hack in July. As part of returning to normalcy, the DeFi protocol voted to compensate liquidity providers (LPs) worth $49.2 million in assets.

On-chain data confirms that 94% of token holders have approved the distribution of over $49.2 million worth of tokens to cover losses of Curve, JPEG’d (JPEG), Alchemix (ALCX), and Metronome (MET) pools.

According to Curve’s proposal, the community fund will provide Curve DAO (CRV) tokens. The final amount includes a deduction for tokens recovered since the incident.

“In total, the recovery of ETH 2,887 was calculated to be 5919.2226 ETH, the CRV to be recovered was calculated to be 34,733,171.51 CRV, and the total to be distributed was calculated to be 55,544,782.73 CRV,” the proposal states.

READ:  Justin Sun Gives Encouraging News!

The attacker exploited a vulnerability in stable repositories using some versions of the Vyper programming language. The bug made Vyper versions 0.2.15, 0.2.16 and 0.3.0 vulnerable to reentrant attacks.

You can also freely share your thoughts and comments about the topic in the comment section. Additionally, don’t forget to follow us on our Telegram, YouTube, and Twitter channels for the latest news and updates.

Rate this post

Leave a Reply

Your email address will not be published. Required fields are marked *