Curve Finance, a prominent decentralised finance (DeFi) system, has a vulnerability that has led to the loss of money from several of its liquidity pools, with almost $100 million still in danger.
The Curve team said in a tweet dated Sunday that “a number” of their pools that employ the Vyper programming language version 0.2.15 have been hacked because of “a malfunctioning reentrancy lock.”
“We are evaluating the situation and will keep the community updated as events develop,” the team said.
The Curve team identified all pools that have been compromised as a result of the vulnerability in a follow-up tweet on Monday.
Additionally, it advised users to remove all cash from the Arbitrum Tricrypto pool, which is where ETH, WBTC, and USDT tokens are stored.
The listed Curve pools currently have up to $100 million worth of cryptocurrency in danger, which poses a serious threat to the reputation of the entire protocol.
Curve Finance, a decentralised exchange (DEX) for stablecoins, uses the automated market maker (AMM) mechanism to maintain liquidity. Curve Finance has historically been regarded as one of the most reliable projects in the cryptocurrency space.
The CRV token price falls.
The native CRV token of Curve Finance, however, has seen a sharp decline in market value as a result of recent events.
As of Monday afternoon, the token had dropped 12% over the previous 24 hours alone and more than 15% over the previous week.
The CRV token has lost more than half of its value in the last year, while the prices of other significant cryptocurrencies like Bitcoin (BTC) and Ether (ETH) have increased.
The flaw Curve mentions is the same kind of flaw that Era Lend and Conic Finance claimed was to blame for stealing money from them last week via DeFi protocols.
Following the latest hacking issues, a white-hat hacker has already returned 2,870 ETH, valued at almost $5.4 million, to Curve Finance.
For more updates on crypto, please visit Cryptured.com.