Saturday, May 18, 2024
spot_img
HomeInvestmentCurve Finance pools exploited in over $24M due to reentrancy vulnerability By...

Curve Finance pools exploited in over $24M due to reentrancy vulnerability By Cointelegraph

[ad_1]



Several stable pools on Curve Finance using Vyper were exploited on July 30, with losses reaching $24 million at the time of writing. According to Vyper, its 0.2.15, 0.2.16 and 0.3.0 versions are vulnerable to malfunctioning reentrancy locks.

“The investigation is ongoing but any project relying on these versions should immediately reach out to us,” Vyper wrote on X. Based on an analysis of affected contracts by security firm Ancilia, 136 contracts used Vyper 0.2.15 with reentrant protection, 98 contracts used Vyper 0.2.16 and 226 contracts used Vyper 0.3.0.

Curve DAO token prince on July 30, 2023. Source: CoinMarketCap.