Losses exceed $50 million, founder buys luxury mansions and is accused of fraud: is there still hope for Curve during this "retrograde period"?

ChainCatcher Selection
2023-07-31 20:42:58
This year's Curve seems to be going through a tribulation: first, the founder's cash-out controversy and accusations of commercial fraud, followed by the theft of the liquidity pool...

Author: Xiyou, ChainCatcher

Today, the Curve platform's liquidity pool attack has become the headline news in the crypto market. As of now, the losses from the liquidity pools on the Curve platform have reached as high as $52 million.

On July 31, according to data from DeFiLlama, the total value of locked crypto assets on the Curve platform is $1.7 billion, marking a new low since January 2021. The asset scale has shrunk by about 50% within 24 hours, and its TVL ranking among DeFi applications has dropped out of the top ten, currently ranking 11th.

The attack on Curve has triggered a series of chain reactions, affecting several DeFi applications connected to it. The drastic fluctuations in the price of the CRV token also conceal a potential on-chain liquidation crisis. The lending platform Aave has disabled the CRV borrowing feature, with some users speculating that this is to prevent users from borrowing CRV to maliciously short it, leading to chain liquidations. Meanwhile, the South Korean exchange Upbit announced a suspension of CRV token deposits and withdrawals due to significant price volatility.

This can be considered Curve's darkest hour; will it be able to navigate through this crisis as smoothly as before?

The attack has implicated multiple DeFi applications; what are the potential risks?

Now, when users open the Curve official website, the first thing they see is a security warning related to the Vyper vulnerability: due to a failure in the Vyper reentrancy lock, liquidity pools using Vyper versions 0.2.15, 0.2.16, and 0.3.0 have been attacked, and the liquidity of these pools has been drained. The team is currently assessing the situation. The affected liquidity pools include alETH/ETH, msETH/ETH, pETH/ETH, and CRV/ETH, while other pools remain unaffected.

The Curve liquidity pool attack has implicated multiple DeFi applications. According to monitoring statistics from PeckShield, the cumulative losses from this attack have reached approximately $52 million.

Among them, the pETH-ETH pool on Curve, built around the pETH issued by the NFT lending protocol JPEG'd, has incurred losses of about $11 million, causing pETH to lose its peg; it is currently priced at $862. The alETH-ETH pool of the DeFi lending protocol Alchemix suffered losses of about $13 million, with the current alETH price at $1,246, still off its peg. The msETH/ETH pool of the DeFi synthetic asset protocol MetronomeDAO lost about $1.6 million, and the protocol has suspended its mainnet functions. The CRV/ETH liquidity pool on Curve lost over $10 million; the DEX platform Ellipsis lost $68,000; and the cross-chain application deBridge lost $24,000, among others.

At the same time, the price of Curve's native token CRV has experienced drastic fluctuations on-chain, with its CRV/WETH trading pair on Uniswap dropping to as low as $0.03 in a short period (around 3 AM on July 31), nearly reaching zero. The current price has recovered to around $0.63.

Today, South Korea's largest exchange Upbit announced that due to the attack on some Curve stablecoin pools, which has led to significant volatility in CRV, it has suspended the deposit and withdrawal services for Curve (CRV).

The drastic fluctuations in CRV's price have always kept users on edge, as there are a large number of CRV collateral positions on-chain. If the CRV price falls below a certain level, a large amount of CRV will face liquidation, which often leads to a death spiral for its assets.

Among the most concerning is the position held by Curve founder Michael Egorov, as users are worried about whether his substantial CRV position will be liquidated and the resulting chain reaction.

According to researcher 0xLoki's tweet, Michael Egorov has collateralized 292 million CRV on lending platforms Aave, FRAXlend, Abracadabra, and Inverse, valued at $181 million, borrowing $110 million in funds, with an overall liquidation price of around $0.4.

Among them, the largest position is on Aave, where 190 million CRV is collateralized, borrowing $65 million, with a liquidation price of $0.37. Next is FRAXlend, with 46 million CRV collateralized, borrowing 21 million FRAX, with a liquidation price of $0.4; Abracadabra has 40 million CRV deposited, borrowing $18 million, with a liquidation price of $0.39; and Inverse has 16 million CRV deposited, borrowing $7 million, with a liquidation price of $0.4.

If CRV falls below $0.4, then all 300 million CRV will be liquidated.

However, despite the on-chain price of CRV dropping to $0.03, why did it not lead to any CRV positions being liquidated? This is mainly because the pricing mechanism used by lending protocols is based on Chainlink oracles. The Chainlink pricing mechanism does not rely on a single on-chain data point or a specific DEX but uses a weighted average price based on both on-chain (DEX) and off-chain (CEX) data, weighted by trading volume.

For this instance of CRV, the prices on CEX platforms like Binance and OKX did not reach $0.03, so Chainlink would not quote $0.03 but rather a price based on multiple weighted averages; according to data, the lowest price quoted by Chainlink was $0.59.

It is precisely because of the differences in Chainlink's pricing mechanism that CRV's collateral positions were not liquidated despite facing temporary on-chain abnormal prices.
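The effect described above can be worked through with a small model. This is an added example, not code from Chainlink or any lending protocol: it implements the volume-weighted average as the article describes it, the venue names, prices and volumes are constructed sample data, and only the four liquidation prices come from the article.

```python
from dataclasses import dataclass

@dataclass
class Quote:
    venue: str     # constructed venue label
    price: float   # USD per CRV
    volume: float  # CRV traded in the sampling window

def volume_weighted_price(quotes):
    """Aggregate price as the article describes it: mean weighted by volume."""
    total = sum(q.volume for q in quotes)
    if total <= 0:
        raise ValueError("no volume to weight by")
    return sum(q.price * q.volume for q in quotes) / total

# Liquidation prices per platform, as listed in the article.
LIQUIDATION_PRICE = {
    "Aave": 0.37, "FRAXlend": 0.40, "Abracadabra": 0.39, "Inverse": 0.40,
}

def liquidatable(price):
    """Platforms whose position would be liquidated at the given price."""
    return sorted(p for p, lp in LIQUIDATION_PRICE.items() if price < lp)

# Constructed sample: one thin DEX pool crashes to $0.03, CEX quotes hold.
SAMPLE = [
    Quote("dex-pool", 0.03, 2_000_000),
    Quote("cex-a", 0.62, 30_000_000),
    Quote("cex-b", 0.61, 18_000_000),
]

def report(quotes):
    """Compare pricing off the lowest single venue with the aggregate."""
    lowest_spot = min(q.price for q in quotes)
    aggregated = volume_weighted_price(quotes)
    return {
        "spot_only": liquidatable(lowest_spot),
        "aggregated_price": round(aggregated, 4),
        "aggregated": liquidatable(aggregated),
    }

if __name__ == "__main__":
    print(report(SAMPLE))
```

With these constructed inputs, pricing collateral off the crashed pool alone would liquidate all four positions, while the aggregate stays above every liquidation price.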

Aave has now disabled the CRV borrowing feature, and some users speculate that this may be to prevent traders from using the panic around the Curve vulnerability to borrow CRV and maliciously short it, leading to chain liquidations. Currently, about 291 million CRV is supplied on Aave, with about 95% coming from Curve founder Michwill's deposits. In the past few hours, Michwill has gradually repaid part of the debt and increased his CRV collateral.

A vulnerability in the Ethereum contract language Vyper led to the attack

The Curve attack incident has a wide-ranging impact and has garnered significant user attention. However, fortunately, the attack on Curve was not due to a vulnerability in its own contracts but rather an issue with the underlying Ethereum smart contract programming language.

After the stable pools on Curve were attacked, on July 31, the account of the Ethereum programming language Vyper tweeted that the reentrancy locks in Vyper versions 0.2.15, 0.2.16, and 0.3.0 had failed, and that the liquidity pools attacked on Curve (alETH/msETH/pETH) were deployed using Vyper 0.2.15.

Vyper is a Python-based Ethereum smart contract development language created in 2017. Compared to the currently commonly used Solidity for writing Ethereum smart contracts, this language is easier for developers accustomed to Python-based languages. Ethereum founder Vitalik has previously stated in a tweet that Vyper is quietly becoming a more advanced Ethereum high-level language. Examples of projects written in Vyper include Uniswap v1 and Curve.

A reentrancy lock is meant to stop a contract function from being called again while an earlier call is still executing. With the lock failing in these Vyper versions, malicious actors can repeatedly re-enter the contract, executing certain functions multiple times within a single transaction, leading to unauthorized operations or theft of funds.
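What a reentrancy lock protects against can be shown with a small model. This is an added example written in Python, not Vyper or Curve code: the `Vault` class, its methods and the `lock_works` switch are hypothetical, and the model only contrasts a working guard with one that silently does nothing.

```python
class Reverted(Exception):
    """Models a transaction revert."""

class Vault:
    def __init__(self, lock_works):
        self.lock_works = lock_works  # False models a guard that fails silently
        self._locked = False
        self.balances = {}
        self.paid_out = 0

    def deposit(self, who, amount):
        self.balances[who] = self.balances.get(who, 0) + amount

    def withdraw(self, who, on_receive):
        # Guard: refuse to start while another guarded call is in progress.
        if self.lock_works:
            if self._locked:
                raise Reverted("reentrant call")
            self._locked = True
        try:
            amount = self.balances.get(who, 0)
            self.paid_out += amount
            on_receive(self)          # external call made before state is updated
            self.balances[who] = 0
        finally:
            self._locked = False

def run(lock_works):
    """Deposit 100, then withdraw with a callback that re-enters once."""
    vault = Vault(lock_works)
    vault.deposit("caller", 100)
    entered = []

    def callback(v):
        if not entered:               # re-enter exactly once
            entered.append(True)
            v.withdraw("caller", callback)

    try:
        vault.withdraw("caller", callback)
    except Reverted:
        return ("reverted", 0)        # a revert undoes every change in the transaction
    return ("ok", vault.paid_out)

if __name__ == "__main__":
    print(run(True), run(False))
```

With the guard working, the nested call reverts the whole transaction; with the guard failing, the same 100-unit deposit is paid out twice within one call.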

Currently, a new version of Vyper has been released to fix the existing vulnerabilities, but the contracts of the liquidity pools attacked on Curve are not upgradeable.

The root cause of this hacker attack is actually the underlying programming language Vyper rather than Curve itself, which is a relief but also raises greater concerns among users regarding the security of the foundational layer that supports DeFi applications. This is because vulnerabilities in the foundational layer are more frightening than application issues. The disasters caused by foundational layer vulnerabilities can have a fatal impact on its on-chain ecosystem, often triggering multiple chain reactions, and the rebuilding process can be more difficult (such as the contracts of the liquidity pools attacked on Curve not supporting upgrades to the programming language version), while the impact range of a single application issue is mostly controllable.

Fortunately, it was not Solidity that had the problem, but rather the less popular Vyper.

Crypto KOL CM tweeted: "Curve was hacked, and the technical issue with Vyper can be seen as pulling the rug. This is no longer a problem with the protocol itself or the design of the smart contract. If Solidity also has the potential to have issues, then there is no security for all on-chain applications. So when you say DeFi is gone, that’s not the worst; the more tragic scenario is that blockchain itself is gone."

However, some users have pointed out that this validates a truth: there is no absolute security. When you enjoy the benefits brought by smart contracts, you must also bear the corresponding costs.

Can the "disaster-prone" Curve weather this storm?

Although the reason for the attack is unrelated to the project's own contracts, Curve still becomes the target of criticism.

Some users believe that although this incident is a programming language issue, Curve cannot escape blame, as it failed to adequately review and did not proactively inform users about the programming language used in the liquidity pools. However, other users argue that this incident actually validates the security of Curve's smart contracts, as not all liquidity pools used Vyper, thus not putting all eggs in one basket, and the official team diversified the risk.

Overall, this black swan event has more negative impacts than positive ones for the Curve platform.

This year has indeed been "disaster-prone" for Curve.

First, at the end of May, Michael Egorov was reported by the media to have purchased two luxury homes in Melbourne with his wife Anna Egorova, totaling $41 million and covering an area of 4,251 square meters.

Then, in early June, Curve founder Michael Egorov was sued by well-known crypto VCs ParaFi, Framework Ventures, and 1kx for commercial fraud. They claimed that after investing $1 million in Curve in 2020, Michael Egorov deposited these investment funds into Curve's liquidity pool, and the three VCs received no commercial returns, neither CRV tokens nor refunds. They accused Michael Egorov of intentionally relinquishing control over Curve, failing to hand over power to Curve DAO, and locking in more CRV than expected to maintain overwhelming control, while earning rewards through staking and selling some tokens.

Subsequently, it was revealed that founder Michael Egorov holds more than one-third of the circulating CRV supply, with a total of 291 million CRV tokens collateralized in Aave, accounting for 34.15% of the circulating supply of CRV. This is seen by users as a low-cost monetization strategy by the Curve founder.

The 291 million CRV collateralized in Aave has always been viewed by users as a hidden dam that could trigger a collective shorting of CRV. This poses a significant threat to both the Curve ecosystem and the Aave protocol, as users worry that CRV's liquidation could lead to a death spiral, which would also bring bad debts to Aave. Although this black swan event did not lead to the liquidation of that position, it has once again raised concerns among users; the market's risks are unpredictable, and once an extreme event occurs, the impact of these 300 million CRV positions will also be unpredictable.

Although later, with the launch of the stablecoin crvUSD and the growth of data, users gradually forgot about the controversies surrounding its founder, the series of events have still dealt a significant blow to Curve. Will Curve be able to recover quickly this time like it has in previous instances?

To be fair, it seems that recent events, whether related to the founder's controversies or the attack caused by the smart contract language vulnerability, do not have a direct relationship with the operation of the project itself and cannot truly pose a fatal threat to a decentralized project. Today, Wu Jihan also tweeted that he has bought CRV at the bottom and supports Curve, stating: "In the upcoming RWA wave, CRV is one of the most important infrastructures."
