Curve Finance, the innovative decentralized finance platform, is launching a captivating $1.85 million bug bounty program, daring brilliant minds to unmask the elusive exploiter who wreaked havoc on its stable pools.
With the exploiter’s return deadline passing, Curve Finance is now reaching out to the global community of ingenious hackers, code auditors, and security experts, offering them a chance to rise above the challenge and claim a substantial reward.
Everybody who can identify the person responsible for the incident in a way that would result in unambiguous legal ramifications is eligible for the enormous bounty offer.
Using input data from an Ethereum transaction, Curve Finance published the public offer and noted that the deadline for the voluntary return of the funds associated with the Curve exploit had passed at 08:00 UTC.
On August 3, Curve and other protocols that were impacted by the attack gave the hacker a 10% bug prize. In exchange for accepting the offer, the hacker gave some of the stolen assets to JPEGd and Alchemix while keeping the money from other impacted pools.
Since the allotted time had passed, Curve declared that anyone who could identify the hacker would be entitled to $1.85 million worth of assets. The public was included in this most recent announcement’s expanded audience.
Curve Finance: $61 Million Reentrancy Attack:
The Curve Finance community was astonished when, on July 31, a hacker used insecure versions of the Vyper programming language to carry out reentrancy attacks against Curve Finance’s stable pools.
Curve Finance lost more than $61 million as a result of the attack, including $13.6 million from Alchemix’s aIETH-ETH, $11.4 million from JPEGd’s pETH-ETH, and $1.6 million from Metronome’s sETH-ETH.
The incident sparked worries about the potential consequences for the cryptocurrency ecosystem, particularly the dangers posed to every pool employing Wrapped Ether (WETH).