Curve-Vyper exploit: The whole story so far

The decentralized finance (DeFi) ecosystem has experienced a challenging week after a seismic security incident led to over $61 million being stolen from Curve Finance’s pools, leaving several protocols facing broader contagion risks.

This attack exposed vulnerabilities across DeFi projects and sparked efforts to recover stolen funds over the past few days.

As the community navigates the aftermath of this exploit, Cointelegraph compiled the week’s events, presenting a timeline of what happened since the hack on July 30.

The hack: Curve Finance pools are exploited for over $61 million due to reentrancy vulnerability

Several stable pools on Curve Finance using the Vyper programming language were exploited on July 30, with losses reaching over $61 million (total losses were initially estimated at $47 million). The vulnerability was found on Vyper’s versions 0.2.15, 0.2.16 and 0.3.0.

Several DeFi projects were affected by the attack. Decentralized exchange (DEX) Ellipsis reported that a small number of stable pools with BNB (BNB) were exploited using an old Vyper compiler. Alchemix’s alETH-ETH also witnessed $13.6 million of outflows due to the attack, along with $11.4 million exploited on JPEGd’s pETH-ETH pool and $1.6 million from Metronome’s sETH-ETH pool. Curve Finance CEO Michael Egorov also confirmed that 32 million Curve DAO (CRV) tokens worth over $22 million had been drained from the swap pool.

The BNB Smart Chain (BSC) was also a victim of copycat attacks due to the same vulnerability, with around $73,000 worth of cryptocurrencies on BSC across three exploits being stolen.

Since news of the exploit broke, white hat and black hat hackers have been duking it out on-chain, attempting to disrupt each others’ exploit attempts or efforts to recover funds.

Preliminary investigations found that some versions of the Vyper compiler did not correctly implement the reentrancy guard, which prevents multiple functions from being executed at the same time by locking a contract.

The impact: Vyper vulnerability exposes DeFi ecosystem to stress tests; CRV price plummets

The security incident exposed DeFi protocols to a stress test in the following days, raising concerns about the impact of the exploit on the crypto ecosystem — in particular, because the vulnerability could place all pools with Wrapped Ether (WETH) at risk of attack.

Vyper is a contract programming language designed for the Ethereum Virtual Machine. It is considered one of the most widely used Web3 programming languages, meaning the bug in three of its versions could threaten several other protocols.

The exploit also led to one of the largest ever maximal extractable value (MEV) reward blocks of 584.05 Ether (ETH). According to Ethereum core developer “eric.eth,” the bot noticed an incoming hack in the mempool, reproduced the transaction and front-ran it. “To do so they pay the block producer a lot of ETH to be front of the line,” he explained. MEV bots can see pending liquidation transactions and front-run them to buy the liquidated assets first at a discount.

Today has produced some of the largest MEV reward blocks in Ethereum’s history.

Slot 6,992,273: 584 ETH
Slot 6,993,342: 345 ETH
Slot 6,992,050: 247 ETH
Slot 6,993,346: 51 ETH

— eric.eth (@econoar) July 30, 2023

Curve’s CEO scurries to pay collateralized loans

Threats elsewhere could also cause ripple effects across DeFi. Curve Finance founder Michael Egorov had around $100 million in loans backed by 47% of the circulating supply of the protocol’s native token, CRV.

However, the CRV price dropped nearly 30% following the hack, falling to a low of $0.48 amid fears that Egorov’s collateralized loans would be liquidated.

To reduce his debt position, Egorov sold 39.25 million CRV tokens to several notable DeFi investors, including Justin Sun, Machi Big Brother and DWF Labs, for a total of $15.8 million. The buyers purchased CRV at $0.40 per token, a 25% discount to the market price at the time. In addition, Egorov made partial payments on two loans on Aave and Frax Finance.

CEX price feed prevents Curve price from collapsing

The CRV token price collapsed on the DeFi market due to the significant draining of several pools; however, it was eventually saved by the centralized exchange (CEX) price feed. The CRV price hit $0.086 on DEXs but traded at $0.60 on CEXs, preventing the token’s price from collapsing to zero. 

The ironic incident drew the attention of Binance CEO Changpeng Zhao, who chuckled at the fact that, in the end, it was a CEX price feed that saved the DeFi protocol.

Also reacting to an uncertain environment, Curve’s native stablecoin, crvUSD, briefly depegged on Aug. 3. The algorithmic stablecoin fell by as much as 0.35% before regaining its peg to the United States dollar. Recently launched, crvUSD uses a mechanism for maintaining its peg called the PegKeeper algorithm, which ensures that the crvUSD value is properly backed by collateral while balancing supply and demand.

DeFi community: Ethical hacker retrieves $5.4M for Curve Finance amid exploit

During the crisis, the DeFi community stood by Curve Finance. On July 31, a white hat hacker managed to retrieve around 2,879 Ether worth around $5.4 million from an exploiter and returned the ETH to Curve Finance. Hours later, another ethical hacker seized almost 3,000 ETH and returned the ETH to Curve’s deployer address.

Amid fears of liquidation surrounding Egorov’s loans, Jun Du, the co-founder of Huobi, purchased 10 million CRV for $4 million from Curve’s CEO. Additionally, Aave Chan founder Marc Zeller proposed the Aave Treasury buy $2 million worth of CRV tokens from the protocol. According to the proposal, the acquisition would signal that DeFi players support the health of the ecosystem. 

What about crvUSD? How does its price react to shock events, does it depeg?

Events of recent days felt similar to SVB/USDC situation in some sense. However, crvUSD had just a 0.35% dip, and currently 0.1% from the peg pic.twitter.com/HaMfbkiFSR

— Curve Finance (@CurveFinance) August 3, 2023

Cross-chain lending platform Abracadabra Money also proposed increasing the interest rate on its outstanding loans to manage risks associated with its exposure to CRV. 

The return of funds: Curve, Metronome and Alchemix offering 10% bug bounty; hacker takes it

On Aug. 3, Curve, Metronome and Alchemix jointly announced an initiative to recover stolen funds from the recent exploits of Curve’s pools. The protocols offered a 10% bounty of the seized funds as a reward, urging those responsible for the exploit to step forward and return the remaining 90%, which would bring the bounty close to $7 million.

The offer came with a guarantee of no further legal actions or involvement of law enforcement. “We want to resolve this in a civilized manner,” the protocols wrote to the hacker.

In less than 24 hours, on Aug. 4, the original attacker for the multimillion-dollar exploit apparently accepted the bounty offer and began returning funds stolen a few days earlier. The hacker sent back 4,820.55 Alchemix ETH (alETH), worth approximately $8,889,118, to the Alchemix Finance team, as well as 1 ETH, approximately $1,844, to the Curve Finance team.

The attacker also posted a message that seems to have been directed at the Alchemix and Curve teams, claiming to be willing to return the funds but only because the person didn’t want to “ruin” the projects involved and not because the attacker was caught.

A total of $8.9 million worth of cryptocurrency has been returned at the time of writing, equal to roughly 15% of the total amount drained.

Additional reporting by Amaka Nwaokocha, Ezra Reguerra, Martin Young, Nivesh Rustgi, Prashant Jha, Tom Blackstone, and Zhiyuan Sun.