Connect with us

Hi, what are you looking for?


Vyper vulnerability exposes DeFi ecosystem to stress tests

Photo credit: Photon photo / Shutterstock

Decentralized finance (DeFi) protocols are undergoing a stress test following a critical vulnerability was found on versions of Vyper programming language, resulting in the theft of millions of dollars worth of cryptocurrencies on July 30.

A number of pools using Vyper 0.2.15, 0.2.16 and 0.3.0 have been exploited due to a malfunctioning reentrancy lock, targeting at least four liquidity pools on Curve Finance protocol. “The short answer is that everything that could be drained was drained. The targeted pools are aETH/ETH, msETH/ETH, pETH/ETH and CRV/ETH. All remaining pools are safe and unaffected by the bug,” Curve Finance said on Discord.

BlockSec, an auditing firm for smart contracts, noted that the reentrancy could potentially place all pools with wrapped Ether (WETH) at risk of attack.

Vyper is a contract programming language designed for Ethereum Virtual Machine (EVM). It is considered one of the most widely used Web3 programming languages, which means the bug in three of its versions could have an impact on several other protocols.

The attack affects a number of decentralized finance projects, with Alchemix’s alETH-ETH reporting outflows of $13.6 million, PEGd’s pETH-ETH pool drained by $11.4 million, Metronome’s sETH-ETH pool hacked by $1.6 million and over 32 million in Curve DAO (CRV) tokens worth over $22 million drained over the past few hours. Decentralized exchange Ellipsis also reported that a small number of stable pools with BNB were exploited using an old Vyper compiler.

The incident also negatively affected CRV’s price, which was down over 12% at the time of writing to $0.64. Community members also noted a potential ripple effect on Aave’s protocol, as the falling price of CRV could force Curve founder Michael Egorov to liquidate a $70 million borrowing position on Aave.


You May Also Like


In the past year, Peloton, manufacturers of stationary exercise bicycles and treadmills, has been experiencing some severe financial difficulties. The company went through a...


While the ongoing supply chain problems affecting the global economy have had the expected effects, they’ve also had some decidedly unexpected effects. Specifically, many...


As gas prices continue to rise and consumer confidence drops, not to mention the ongoing war in Ukraine, the European economy is taking a...


As the environmental need for electric vehicles becomes more pressing, and the car-buying public becomes more eager for them, automotive manufacturers are getting ready...


This morning, Coinbase CEO Brian Armstrong sent a mass email out to his company informing everyone that, as stock and crypto prices slip and...


Last week, a former cybersecurity expert for Twitter, Peiter “Mudge” Zatko, released a whistleblower report on the social platform. In his report, Zatko cited...


Zelle is a peer-to-peer payment app and service that can be used by individuals to send and receive money, in a similar vein to...


Earlier this week, following the third-term victory of Chinese President Xi Jinping, market shares in Hong Kong experienced a sudden, violent sell-off. Xi’s controversial...