Curve Finance, a prominent decentralised finance (DeFi) system, has a programming flaw that has led to the loss of money from several of its liquidity pools, with almost $100 million still in danger.
The Curve staff said in a tweet that “a number” of its pools that employ the Vyper programming language version 0.2.15 have been abused as a result of “a failed reentrancy lock.”
The Curve team said, “We are assessing the situation and will keep the community informed as events unfold.”
The Curve researchers identified all pools that have been compromised as a result of the issue. Additionally, it advised users to remove all cash from the Arbitrum Tricrypto pool, which is where ETH, WBTC, and USDT tokens are stored.
The listed Curve pools currently have up to $100 million worth of cryptocurrency at danger, which poses a serious threat to the credibility of the entire protocol.
One of the most reliable projects in the cryptocurrency space is Curve Finance, a decentralised exchange (DEX) for stablecoins that manages liquidity using the automated market maker (AMM) approach.
The native CRV token of Curve Finance has seen a sharp decline in market value as a result of recent events.
The CRV token has fallen by more than half of its value in the last year, while the prices of other significant cryptocurrencies like Bitcoin (BTC) and Ether (ETH) have increased.
The bug mentioned by Curve is the same kind of flaw Era Lend and Conic Finance claimed was responsible for stealing money from them last week over DeFi protocols.
After the latest hacking issues, a white hat hacker has already returned 2,870 ETH, valued at almost $5.4 million, to Curve Finance.