Cryptocurrency worth more than $1.5 billion has been removed — some stolen, some moved for safekeeping — from the decentralized exchange Curve Finance since it revealed on Sunday it had been hacked.
(Bloomberg) — Cryptocurrency worth more than $1.5 billion has been removed — some stolen, some moved for safekeeping — from the decentralized exchange Curve Finance since it revealed on Sunday it had been hacked.
Curve was the second-largest decentralized exchange in crypto before it announced the discovery of an vulnerability. The total amount of cryptocurrency on the exchange has since plummeted by nearly 50% to $1.62 billion, according to tracker site DeFiLlama.
On Sunday, initial estimates of losses resulting from the hack ranged from $20 million to more than $40 million. The sharp decline is a result of both the hack as well as the project’s guidance to remove funds.
Read: Crypto Token of Key DeFi Exchange Curve Finance Sinks After Exploit
Some funds may also have been removed by hackers who exploit vulnerabilities in networks and alert companies and organizations to fix them, also known as white hat hackers, according to Will Sheehan, founder of crypto data provider Parsec Finance.
Curve identified four main liquidity pools that had been hacked, the result of a vulnerability in Vyper, a programming language widely used in decentralized finance, or DeFi, applications. The project asked users of pools at higher risk to temporarily withdraw their funds.
Curve is one of the most important liquidity providers in DeFi, especially for stablecoins, according to crypto data firm Kaiko.
Historically, the exchange has been able to withstand large outflows because of its design. That said, “falling liquidity is never a good thing for markets, especially stablecoins, which need to trade with a very tight range,” said Clara Medalie, director of research at Kaiko.
Michael Egorov, founder of Curve Finance, told Bloomberg that the DeFi industry will survive the hack.
Egorov has borrowed more than $100 million across various DeFi lending projects, backed by CRV tokens, the native token of the Curve project, according to Bloomberg calculations. The token’s value has sunk 17% since the hack was announced according to cryptocurrency site CoinGecko. A decline that leads to forced liquidations of loans backed by CRV could have ramifications on lending platforms, such as Aave.
Read: DeFi Loan’s Partial Repayment Helps to Ease Crypto Anxiety
“We, and I personally, work on minimizing or eliminating the impact,” Egorov wrote in an email about the exploit, adding that he is also planning to reduce his loans.
More stories like this are available on bloomberg.com
©2023 Bloomberg L.P.