Curve Finance rolls out a reward of $1.85 million to identify the attacker

Curve Finance, along with other protocols, fell victim to a re-entrancy attack wherein they collectively lost more than $70 million worth of digital assets. The incident dates back to July 30, 2023, and the DeFi protocol has said that it was a software bug that was exploited by an attacker or there could be a group of attackers behind this incident.

The Curve team has now sought the assistance of its community in identifying the attacker. Anyone who helps the team in doing so qualifies for a bounty worth $1.85 million. Most of the funds have been returned to a few protocols; however, not all of them have received funds back to the network. Curve Finance has even issued an ultimatum for the attacker. The team has said that it will not pursue any legal action if they return all the funds to them. Otherwise, the way in which the bug has been exploited could culminate in a lawful conviction in court, said Curve Finance in the ultimatum.

Members can begin identifying the attacker after the voluntary return period expires. Which, going by the tone of the announcement, appears to be now.

All the protocols affected by the attack announced the bounty program on August 03, 2023. PackShield has reported that approximately 73% of the funds that were stolen have been returned to protocols. This comes to $52.3 million, and the number stands true at the time of drafting this article.

The attacker has issued a message to the protocols, informing them the drive to steal funds was not motivated by the intention to cause any damage to their projects. This was clarified after the attacker came across some ridiculous views on the internet. I don’t want to ruin your project, said the attacker while adding that that money may be huge to them or their users, but that is nothing to them.

The attacker has even gone to the extent of claiming that they are smarter than all of them. This was a part of the on-chain message left by the attacker.

The effect of the incident is obviously visible on its CRV governance token. Its price previously was $0.61. It is now down to $0.50 as the community is afraid that a lot of CRV collateral will be used to perform liquidity functions. As of the time of drafting this article, CRV is back on track at the trading value of $0.6227, an increase of 0.60% in the last 24 hours. The price rise is also a result of an increase in the trading volume in recent hours.

CRV is apparently based on a programming language called Vyper, and the re-entrancy attack was made on select Curve liquidity pools. The window to identify the attacker is open with the prize money waiting to be claimed by a user.

Trevor Holman

Trevor Holman follows crypto industry since 2011. He joined CryptoNewsZ as a news writer and he provides technical analysis pieces and current market data. He is also an avid trader. In his free time, he loves to explore unexplored places.

Related Articles

Back to top button