Decentralized Finance platforms Curve Finance, Alchemix, and Metronome have announced a joint initiative to recover the stolen funds in the wake of the recent exploits that hit Curve’s pools.
The exploit resulted in a loss of around $70 million worth of crypto assets, meaning the bounty offered is around $7 million.
A Resolution In Sight?
The DeFi platforms impacted by the Curve heist are doing everything they can to recover the stolen funds. According to on-chain data, Curve, Alchemix, and Metronome have offered the hackers a 10% bounty as a reward, urging the hackers to return the remaining 90% of the stolen funds. Curve Finance updated users about their offer to the hackers via X, stressing that they would face no further legal or law enforcement actions if they chose to return the funds. Curve stated in the joint message sent via Etherscan,
“The offer comes with a guarantee of no further legal actions or involvement of law enforcement. We want to resolve this in a civilized manner. You will have no risk of us pursuing this further, no risk of law enforcement issues.”
Final Warning
The three protocols gave the hackers a deadline of 6th August to accept their offer. They added that should the hackers refuse the offer; the protocols would expand the bounty to the public and offer the 10% to anyone who would be able to identify them in a way that leads to their conviction. The stark warning read,
“If you choose not to partake in the voluntary return and complete the process by 6th August at 0800 UTC, we will expand the bounty to the public and offer the full 10% to the person who is able to identify you in a way that leads to your conviction in the courts. We will pursue you from all angles with the full extent of the law.”
All three protocols have opened a direct line of communication with the hackers through [email protected] and urged the hackers to respond and take the offer to avoid legal action. The protocols also stressed that any individuals responding for negotiations would need to verify their credentials and ownership of their email address on-chain.
Curve and the other protocol’s outreach is similar to the strategy adopted by DeFi protocol Euler Finance, which fell victim to a crippling hack earlier in the year. However, the protocol was able to negotiate with the hackers and retrieve the stolen funds successfully.
The Curve Hack
The Curve exploit saw around $70 million worth of crypto stolen by hackers. This figure included CRV tokens worth around $4.52 million, which led to a significant drop in the price of the token. At the heart of the exploit was a vulnerability in Vyper called a reentrancy bug. This vulnerability allowed hackers to drain several stablecoin pools on Curve, leading to considerable chaos in the DeFi ecosystem.
DeFi markets were further spooked after reports emerged that Curve Finance founder Michael Egorov had allegedly taken several loans using around 47% of CRV’s circulating supply. Several DeFi protocols, such as Aave, Abracadabra, and several others, faced major implications following the drop in CRV’s value. This is because the decline put Egorov’s $168 million lending position at risk of liquidation, potentially unleashing a domino effect on DeFi.
However, Curve and Egorov found support from prominent names in the crypto and DeFi space, such as Power DeFi user DCF God, Tron Foundation CEO Justin Sun, and Jeffrey Huang, also known as Machi Big Brother. Sun, DCF God, and Huang purchased large quantities of CRV from Egorov, helping reduce the principal value of Egorov’s loan from $63 million to $54 million. Other players who assisted Egorov were Cream Finance, which sent Egorov $1 million worth of USDT and USDC, and Huang, who sent Egorov $1.5 million worth of USDT.
Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.
Source:https://cryptodaily.co.uk/2023/08/curve-extends-olive-branch-offers-10-bug-bounty-to-hackers