The project team pledged to give the impacted users their crypto back.
Affected Curve Pools
A significant hack that affected Curve Finance twice occurred on July 30. A re-entry vulnerability in the pools allowed hackers to steal around $26 million at first. A second phase of the attack then ensued, during which the perpetrators removed 7.1 million CRVs worth $4.4 million and 7,680 WETH worth $14.37 million from the CRV-ETH pool.
The event happened as a result of issues with re-entry into the Curve smart code being made possible by a flaw in an obsolete version of the Vyper programming language. As a result, TVL decreased from $3.26 billion to $1.72 billion, or approximately 46%, in a single day.
The event, according to analysts at the Kaiko platform, has seriously damaged trust in the stETH-ETH pool, which is still experiencing huge money withdrawals and is running out of liquidity.
70% of Stolen Funds Recovered
70% of the money that was taken has so far been returned by Curve. This was significantly aided by white-hat hackers like Coffeebabe.eth. To determine how to disperse the assets that were recovered, the project team is evaluating the losses incurred by users.
Additionally, Curve is aggressively looking for ways to collect the remaining $18.5 million. The protocol promised a 10% reward of this sum on August 6 in exchange for the hacker’s identification. The squad will decide not to go after the attacker if the stolen goods are all found.
Curve Ecosystem’s Steady Recovery
Even though the attack was only used for two weeks, the Curve ecology is already recovering significantly. Binance Labs just made a $5 million investment in the CRV cryptocurrency. The project also got a lot of help from Justin Sun, the creator of Tron.
Additionally, the overall value of the assets locked on Curve has begun to increase. DeFillama claims that over the previous week, TVL grew by 2% to $2.41 billion.