The decentralized finance (DeFi) ecosystem has been severely shaken by the exploitation of the Curve Finance stablecoin lending platform. Various impacted protocols have experienced a tanking in total value locked, and the fallout is impacting areas far and wide.
A reentrancy attack caused an exploit on Curve Finance for upwards of $50 million on July 30. The exploit was across several stable pools running older versions of the Vyper smart contract programming language.
Curve Finance Exploit Causes DeFi Fallout
Curve Finance alerted its users that a number of stablepools (alETH/msETH/pETH) using Vyper 0.2.15 “have been exploited as a result of a malfunctioning reentrancy lock.” It added that its crvUSD stablecoin pools were not affected.
According to the Vyper official documentation, the recommended install is actually the faulty version. A bug in the smart contract language layer affects almost all protocols using…
