Several Liquidity Pools Exploited for Nearly $60 Million

Summary:

On July 30, 2023, attackers drained approximately $60 million from liquidity pools that decentralized exchanges use to offer token swaps. Affected protocols include CurveFi, MetronomeDAO, JPEGd and Alchemix.

Curve, which lost the most funds in the breach, ranks among the most established and trusted DEXes and relies on automated market makers in much the same way as Uniswap. Although it is still operating, Curve has seen an exodus of funds since the hack.

Losses:

The attack drained $60 million in total from four projects. Detailed protocol-specific losses:

  • CurveFi
    • 10,560.14 ETH (worth $19,769,550)
    • 7,193,401 CRV (worth $3,956,370)
  • Alchemix
    • 7,258.7 ETH (worth $13,663,900)
    • 4,821.55 alETH (worth $9,076,167)
  • JPEGd
    • 6,106.65 ETH (worth $11,461,200)
  • MetronomeDAO
    • 866.55 ETH (worth $1,625,950)

CurveFi's Total Value Locked (TVL) slipped from $3.3 billion to $2.3 billion, according to DeFi Llama. Its governance token, CRV, lost about 40% of its value in the weeks following the attack.

Timeline:

  • July 30, 2023:
    • 13:10 UTC: First exploit begins, on the pETH/ETH pool.
    • 14:50 UTC: Attack on the msETH/ETH pool.
    • 15:34 UTC: Attack on the alETH/ETH pool.
    • 16:44 UTC: Vyper reports the vulnerability, immediately followed by Curve identifying the targeted pools other than CRV/ETH.
    • 19:16 and 19:30 UTC: Attacker pulls WETH and then CRV from the pool.
  • July 31, 2023, 09:49 UTC: c0ffeebabe.eth returns funds to MetronomeDAO.
  • August 4, 2023, 22:22 UTC: JPEG'd confirms the return of funds from the hacker.
  • August 6, 2023, 16:10 UTC: CurveFi offers a $1.85 million bounty to anyone who can identify the hacker.
  • August 11, 2023: Curve publishes a post-hack safety report and states that 70% of the affected funds have been recovered.
  • August 18, 2023: MetronomeDAO releases its own post-mortem.

Attackers:

The attacks on the vulnerable pools came from several parties.

Security Failure Causes:

  • Vyper Compiler Bug: Vyper, a smart-contract language that compiles to the Ethereum Virtual Machine, contained a vulnerability in versions 0.2.15 through 0.3.0: its reentrancy guard, which is meant to prevent a malicious sequence of function calls within a single transaction, did not properly lock the contract.
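As an added illustration (constructed for this page, not code from the report, from Vyper or from Curve), the following Python model shows what a reentrancy guard must enforce and how to check for it: one lock covering every guarded function of the contract, so that an external call made mid-function cannot re-enter any other guarded function in the same call chain. The pool, its balance and the function names are stand-ins.

```python
class GuardViolation(Exception):
    """Raised when a guarded function is entered while the contract is locked."""

class ToyPool:
    """Constructed stand-in for a pool with two guarded entry points.
    shared_lock=True : one lock covers both functions, as a reentrancy guard must.
    shared_lock=False: each function only checks its own flag, so a callback made
    during remove_liquidity can still enter add_liquidity in the same call chain."""

    def __init__(self, shared_lock: bool):
        # Which lock slot each function checks: one shared slot, or one slot per function.
        shared = {"add": "shared", "remove": "shared"}
        self.key = shared if shared_lock else {"add": "add", "remove": "remove"}
        self.locks = {"shared": False, "add": False, "remove": False}
        self.balance = 100  # made-up pool balance

    def _enter(self, fn: str) -> None:
        if self.locks[self.key[fn]]:
            raise GuardViolation(f"re-entered {fn} while locked")
        self.locks[self.key[fn]] = True

    def _exit(self, fn: str) -> None:
        self.locks[self.key[fn]] = False

    def add_liquidity(self, amount: int, callback=None) -> None:
        self._enter("add")
        try:
            self.balance += amount
            if callback:
                callback(self)
        finally:
            self._exit("add")

    def remove_liquidity(self, amount: int, callback=None) -> None:
        self._enter("remove")
        try:
            if callback:
                callback(self)  # external call before the balance is settled
            self.balance -= amount
        finally:
            self._exit("remove")

def reentry_blocked(shared_lock: bool, target: str) -> bool:
    """True if a callback issued during remove_liquidity is stopped from entering
    `target` ("add" or "remove"); a correct guard blocks both targets."""
    pool = ToyPool(shared_lock)
    reenter = {"add": lambda p: p.add_liquidity(5), "remove": lambda p: p.remove_liquidity(1)}
    try:
        pool.remove_liquidity(10, callback=reenter[target])
    except GuardViolation:
        return True
    return False
```

A guard that only blocks same-function re-entry passes the "remove" check but fails the "add" check; a contract-wide lock passes both.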