• JPEG’d has confirmed the return of 5,495 ETH stolen from Curve Finance by a hacker for a 10% bounty.
• The hacker exploited a security vulnerability in Vyper to drain several pools on Curve Finance, resulting in estimated losses of $70 million.
• Projects such as Ellipsis, Alchemix, JPEG’d and Metronome were all affected by the exploit.
JPEG’d Confirms Return of 5,495 ETH
JPEG’d has confirmed that 5,495 Ether (ETH) worth roughly $10 million at current prices has been returned by the Curve Finance hacker. The DeFi protocol lost $11.6 million of crypto in the Curve hack in exchange for returning the funds that were stolen on July 30th, the hacker received a 610.6 ETH ($1.1 million) bounty.
Curve Finance Hacker Exploits Security Vulnerability
The hacker managed to exploit a security vulnerability in the Vyper smart contract programming language used in various liquidity pools on Curve Finance which resulted in total losses estimated to be around $70 million worth of crypto assets. Projects such as decentralized exchange Ellipsis, lending platform Alchemix, JPEG’d and synthetic protocol Metronome were all affected by this exploit with significant amounts being drained from their respective liquidity pools.
A Joint Initiative to Recover Stolen Funds
On Aug 3rd Curve Finance alongside Metronome and Alchemix jointly announced an initiative offering hackers who return stolen funds a reward ranging from 0-10%. This was done with hopes that some of these funds will be recovered and help make up for some of the losses incurred due to this attack on DeFi projects within the ecosystem.
Whitehat Bounty Paid Out
In exchange for returning some of these funds back to JPEG’d specifically, a whitehat bounty of 610.6 WETH (worth approximately $1.1 million) was awarded out by them as an incentive for recovery efforts carried out by those involved with resolving this incident .
The actions taken today serve as an example of how DeFi protocols can work together when faced with difficult situations such as these and hopefully set a precedent moving forward about rewarding those who help recover lost funds due to malicious attacks or exploits like this one seen here recently on Curve finance .