Unveiling the Security Breach
PSA: Vyper versions 0.2.15, 0.2.16 and 0.3.0 are vulnerable to malfunctioning reentrancy locks. The investigation is ongoing but any project relying on these versions should immediately reach out to us.
— Vyper (@vyperlang) July 30, 2023
A multitude of decentralized finance (DeFi) platforms fell prey to a significant cyberattack on a recent Sunday, with cybercriminals absconding with cryptocurrency worth over $24 million. The Curve pool exploit was orchestrated via a loophole in the liquidity pools of Curve, a widely-used automated market maker platform.
Contenu
- 1 Unveiling the Security Breach
- 2 Identifying the Source of the Curve Pool Exploit
- 3 Primary Casualties of the Curve Pool Exploit
- 4 Deciphering the Nature of the Curve Pool Exploit
- 5 Other Platforms Impacted
- 6 Vyper’s Role in the Incident
Identifying the Source of the Curve Pool Exploit
A number of stablepools (alETH/msETH/pETH) using Vyper 0.2.15 have been exploited as a result of a malfunctioning reentrancy lock. We are assessing the situation and will update the community as things develop.
— Curve Finance (@CurveFinance) July 30, 2023
Other pools are safe. https://t.co/eWy2d3cDDj
The loophole was linked back to Vyper, an alternative programming language employed for Ethereum smart contracts. Curve assured that other liquidity pools that did not utilize Vyper remained secure. Liquidity pools, which are essentially smart contracts that hold tokens, offer liquidity to crypto markets without the necessity for financial intermediaries. However, as several platforms found out, even a minor glitch can result in significant financial damage.
Stablepools are pools of stablecoins (cryptocurrencies pegged to a stable asset, often the US dollar) that users can trade between. In this case, the stablepools mentioned (alETH/msETH/pETH) are pools that contain different versions of Ethereum-based stablecoins.
Vyper is a programming language that’s used to write smart contracts on the Ethereum blockchain. The version mentioned, 0.2.15, seems to have a bug.
A reentrancy lock is a security feature in smart contracts that prevents a certain type of attack called a reentrancy attack. In a reentrancy attack, an attacker can repeatedly call a function in a smart contract before the first function call is finished, potentially causing the contract to behave in unexpected ways.
So, putting it all together, the tweet is saying that there’s a bug in the Vyper programming language (version 0.2.15) that has caused the reentrancy lock in some of their stablepools to malfunction, making them vulnerable to attack. They are currently looking into the issue and will provide updates as they learn more. They also assure that other pools (those not using Vyper 0.2.15) are not affected and remain secure.
To give a simple analogy, imagine a bank vault (the stablepool) with a special lock (the reentrancy lock) that’s supposed to prevent thieves from getting in. However, due to a manufacturing defect in the lock (the bug in Vyper 0.2.15), the lock isn’t working properly, and thieves have been able to get into the vault. The bank (Curve Finance) is now investigating how this happened and how to fix it, and they’re assuring customers that other vaults with different locks are still safe.
Primary Casualties of the Curve Pool Exploit
Certain type of Curve factory pool is encountering read-only reentrancy attack and causing a total loss of $11m(@JPEGd_69) + $13m(@AlchemixFi) + …
— Tony KΞ (@tonyke_bot) July 30, 2023
Initial investigation founds that vyper compiler (0.2.15) doesn't implement the reentrancy guard correctly.
add_liquidity and… pic.twitter.com/avaHdtSFsm
One of the major casualties was the NFT lending protocol JPEG’d, which suffered a loss of cryptocurrency worth $11 million, as reported by Decurity, a firm specializing in decentralized finance security. JPEG’d was among the first to detect a problem with its pool on Curve. Despite the cyberattack, JPEG’d assured that the code safeguarding NFTs and treasury funds remained unscathed.
In simpler terms, an initial look into the matter reveals that some versions of the Vyper compiler, a tool that translates code into a format that computers can understand, have a flaw. This flaw affects the reentrancy guard, a safety feature that stops multiple functions from running at the same time by locking a contract. This flaw could potentially allow an attacker to take all the funds from a contract.
Vyper is a programming language that’s similar to Python and is used to write contracts for the Ethereum Virtual Machine (EVM), which is a part of the Ethereum network. Because Vyper is similar to Python, it’s often the first choice for Python developers who are starting to work with Web3, a term used to describe the decentralized internet powered by blockchain.
A small number of stablepools with BNB using an old Vyper compiler have been exploited.
— Ellipsis (@Ellipsisfi) July 30, 2023
We are assessing the situation and will update the community on any further findings. https://t.co/pxkhRRSr5w
Several projects in decentralized finance, a type of finance that doesn’t rely on traditional financial institutions, were hit by the attack. Ellipsis, a decentralized exchange, reported that a few of its stable pools with BNB, a type of cryptocurrency, were exploited using an old version of the Vyper compiler. Alchemix’s alETH-ETH pool saw an outflow of $13.6 million, JPEGd’s pETH-ETH pool lost $11.4 million, and Metronome’s sETH-ETH pool lost $1.6 million. Michael Egorov, the CEO of Curve Finance, later confirmed that 32 million CRV tokens, which are worth over $22 million, were taken from the swap pool
Deciphering the Nature of the Curve Pool Exploit
@CurveFinance hack root cause analysis. Essentially the lock slot on two different functions, add_liquidity and remove_liquidity are different. As you can see from our internal took, one is 2 and another is 0. That means the re-entry protection is gone. pic.twitter.com/o2bemxiGVf
— Ancilia, Inc. (@AnciliaInc) July 30, 2023
Initially, Curve characterized the loophole as a standard “re-entrancy” attack, a prevalent exploit where a smart contract interacts with another contract, which then communicates back to the first contract before fully executing. This allows a cybercriminal to initiate multiple calls within a single function, fooling a smart contract into computing inaccurate balances. However, Curve later revised its initial evaluation, stating it was incorrect.
Other Platforms Impacted
The problem was not confined to JPEG’d. Alchemix and Metronome DAO also became victims of similar exploits, incurring losses of $13.6 million and $1.6 million, respectively. Both platforms are actively probing and striving to rectify the issues with their liquidity pools.
Vyper’s Role in the Incident
Vyper admitted that the failure was in its compiler, which converts code written in human-readable format into a form that computers can process. This failure obstructed the re-entry guards, which were designed to defend against re-entry attacks, from functioning as intended. The malfunction in the compiler was pinpointed as the primary cause of the loophole that facilitated the cyberattack.