Disclaimer: Information found on CryptoreNews is those of writers quoted. It does not represent the opinions of CryptoreNews on whether to sell, buy or hold any investments. You are advised to conduct your own research before making any investment decisions. Use provided information at your own risk.
CryptoreNews covers fintech, blockchain and Bitcoin bringing you the latest crypto news and analyses on the future of money.
Decentralized finance (DeFi) platforms Curve, Metronome, and Alchemix have collaboratively announced a plan to recover funds that were stolen during the recent exploits of Curve’s pools.
As per on-chain information, the protocols are proposing a 10% bounty of the stolen assets as an incentive, encouraging those accountable for the exploit to come forward and return the remaining 90%. The exploit that occurred on July 30 led to the loss of approximately $70 million in cryptocurrencies, which would make the bounty nearly $7 million.
Dear hacker, you’ve got an incoming message https://t.co/ZKJjrO65PX
— Curve Finance (@CurveFinance) August 3, 2023
This offer includes a promise of no subsequent legal actions or law enforcement involvement. “We want to resolve this in a civilized manner,” states the message included in the transaction.
Related Posts
“You will have no risk of us pursuing this further, no risk of law enforcement issues,” the protocols mentioned in a joint statement, adding:
“If you opt not to engage in the voluntary return and complete the process by 6 August at 0800 UTC, we will make the bounty public and offer the full 10% to anyone who can identify you in a manner that leads to your conviction in court. We will pursue you from all angles with the full extent of the law.”
The three platforms have established a direct communication channel via [email protected] and have urged the responsible parties to respond promptly. They also highlighted that any individuals reaching out for negotiations must confirm their ownership of the email address on-chain.
The attack was a result of a significant vulnerability in certain versions of the Vyper programming language. Several pools utilizing Vyper 0.2.15, 0.2.16, and 0.3.0 were affected by a malfunctioning reentrancy lock, impacting four liquidity pools on Curve Finance.
The security incident has introduced a renewed sense of uncertainty within the crypto community, raising apprehensions about a potential domino effect on the DeFi ecosystem. Curve Finance’s native stablecoin, crvUSD, briefly lost its peg on Aug. 3, responding to the unclear circumstances surrounding the protocol following the exploit.
Magazine: Should crypto projects ever negotiate with hackers? Probably
