Curve Finance offers reward to hackers
Curve Finance is offering the hacker a reward of 10 % and will refrain from taking legal action if the offer is accepted. The three projects stated that if the attacker or attackers return the stolen funds, they will not pursue the matter further or involve law enforcement authorities.
However, they announced that if the attackers do not voluntarily appear by August 6, the reward of 10 % will be offered to those who can identify the responsible parties, in a way that will lead to their conviction in court. The three DeFi platforms stated that they will prosecute the attacker "from all angles to the fullest extent of the law".
The message was signed by the decentralized exchange Curve, the synthetic asset protocol Metronome and the platform for loans with the same assets, Alchemix.
Curve Finance sent the message on Twitter/X on August 3, writing, "Dear hacker, you have an incoming message." The full text of the message is embedded in a linked Ethereum (ETH) transaction on the blockchain.
Attacks affect more than just Curve
Curve Finance was originally hacked on July 30, in which an attacker stole 60 to 70 million dollars from the platform. The attack was made possible by a vulnerability in Vyper smart contracts, which have also been used for other attacks elsewhere.
According to Llamarisk via TechCrunch, Alchemix's alETH pools were hacked for $22.6 million, while Metronome's msETH pools were hacked for $3.4 million.
Therefore, Curve's latest announcement also linked to an identical reward for the Alchemix hacker. No reward for the Metronome hacker was linked, although such a reward is implied by the fact that Metronome signed the message.
The far-reaching scope of these recent hacks has led to a decline in total value locked (TVL) on DeFi platforms. On August 2, CryptoSlate noted that investors and liquidity providers have withdrawn more than $3 billion from DeFi services.