Disclaimer: Information found on CryptoreNews is those of writers quoted. It does not represent the opinions of CryptoreNews on whether to sell, buy or hold any investments. You are advised to conduct your own research before making any investment decisions. Use provided information at your own risk.
CryptoreNews covers fintech, blockchain and Bitcoin bringing you the latest crypto news and analyses on the future of money.
The Curve Finance lending protocol has ceased governance token rewards for specific liquidity pools impacted by the Curve exploit on July 30 and the Multichain exploit on July 6, as stated in an Aug. 2 social media update from a member of the protocol’s governing body.
The cessation of rewards was executed by the Curve emergency decentralized autonomous organization (Curve E-DAO), a committee consisting of selected members from the Curve DAO governing body. This action affected pools including alETH+ETH, msETH-ETH, pETH-ETH, crvCRVETH, Arbitrum Tricrypto, and multibtc3CRV, as detailed in the announcement. This decision may be reversed in the future through a full vote by the Curve DAO.
The announcement was made by Curve E-DAO member Gabriel Shapiro.
ATTENTION, FROM A CURVE E-DAO SIGNER:
The @CurveFinance emergency multisig has terminated CRV rewards (gauges) to the liquidity pools impacted by recent exploits, including pools affected by the recent Vyper compiler exploit and the multiBTC pool affected by the recent…— _gabrielShapir0 (@lex_node) August 2, 2023
Related Posts
On July 6, more than $100 million in cryptocurrency was withdrawn from several bridges associated with the Multichain protocol. The Multichain team indicated that the withdrawals were “abnormal” and advised users to refrain from using Multichain. At that time, the Curve team cautioned its users to “Exit multichain assets such as multiBTC (including the pool),” suggesting that its own multibtc3CRV liquidity pool was at risk due to the Multichain incident.
On July 14, the Multichain team revealed that the withdrawals had been executed by an unidentified individual who had accessed its CEO’s cloud computing account, indicating that the funds had been exploited and might not be recoverable.
On July 30, Curve Finance itself fell victim to a reentrancy attack, resulting in a loss of over $47 million in cryptocurrency. The attack impacted the alETH, msETH, and pETH pools, as these were developed using the Vyper protocol that contained the vulnerability. Other Curve pools not built through Vyper remained unaffected.
Related: Hackers compromise Uniswap founder’s Twitter account to promote scam
In spite of these exploits, the affected pools continued to generate Curve DAO (CRV) governance token rewards. This allowed users to deposit their tokens into the pools to earn CRV. In the Aug. 8 announcement, Shapiro mentioned that the emergency DAO has now eliminated these rewards to “avoid incentivizing further participation in these compromised pools.”
Investors have continued to face challenges from hacks and scams throughout July and August. Payment provider Alphapo reportedly lost over $60 million on July 23 due to an attacker gaining access to its hot wallet private keys. The company has not confirmed the alleged attack, but on-chain analysts have suggested that the transfers are unusual and likely the result of a hack. On July 25, zkSync was also exploited for $3.4 million due to a read-only reentrancy bug.
