Security Team: Curve may have security risks related to ERC-777, and the related liquidity pool has already been deprecated
ChainCatcher message, the security team Decurity has discovered another security vulnerability on the Curve platform. Curve uses ERC-777 Callback in the smart contracts of a portion of its token markets, and this usage poses security risks, potentially leading to reentrancy attacks.
Decurity also pointed out that an MEV bot has exploited this vulnerability to execute an attack worth $1,900. Curve's official response stated that this issue is a legacy problem. The attack occurred in the pBTC pool, which had previously been deprecated and only a small amount of funds remained in the contract.
Related tags
ChainCatcher reminds readers to view blockchain rationally, enhance risk awareness, and be cautious of various virtual token issuances and speculations. All content on this site is solely market information or related party opinions, and does not constitute any form of investment advice. If you find sensitive information in the content, please click "Report", and we will handle it promptly.
Related tags
Mention the project
