Curve Finance opens $1.85M bounty for exploiter’s identity leading to conviction

Curve Finance officially opens $1.85 million bounty for exploiter's identity

Most read

Loading Most Ready posts..


  • Curve Finance is offering a public bounty for information about their identity that could lead to a conviction.
  • The protocol has clarified that it will drop any further actions if the exploiter returns the stolen funds.

Curve Finance, a decentralized finance (DeFi) protocol, is now rewarding individuals capable of identifying the individual behind the draining of more than $61 million from its pools on July 30 unless the hacker fully releases the funds. This bug bounty offer is open to anyone who can pinpoint the exploiter responsible for the incident in a way leading to definitive legal repercussions. 

Curve extends bounty offer to the public

Curve Finance communicated the offer through an Ethereum transaction’s input data stating that the cutoff time for the voluntary return of funds related to the Curve exploit was 0800 UTC, and had passed. Subsequently, they highlighted their decision to broaden the scope of the bounty to the general public. The protocol is now offering a reward of 10% of the remaining exploited funds (currently valued at $1.85 million) to anyone who can successfully identify the exploiter in a manner that results in a conviction in court.

Curve also clarified that they would drop any further actions if the exploiter returned the entire amount of funds they drained. While some of the funds have been returned, before returning the funds, the attacker left a message seemingly aimed at the Alchemix and Curve teams, stating their intention to refund the funds. However, they added that the decision to return the funds was not driven by the fear of being identified but rather out of a desire not to “ruin” the projects associated with the exploit.

Curve Finance’s $61 million attack

On July 30, an attacker used vulnerable versions of the Vyper programming language to execute reentrancy attacks on specific stable pools within Curve Finance, draining over $61 million. This incident stressed DeFi protocols, raising concerns about its impact on the crypto ecosystem, particularly due to the risk posed to all pools with Wrapped Ether (WETH).

Amidst the crisis, the DeFi community provided support to Curve Finance. On July 31, a white hat hacker successfully recovered approximately 2,879 Ether valued at around $5.4 million from the exploiter and returned it to Curve Finance. Shortly afterward, another ethical hacker intervened, retrieving nearly 3,000 ETH and returning it to Curve’s deployer address.

Disclaimer: The information provided is not trading advice. Cryptopolitan.com holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decisions.

Share link:

Yvonne Kiambi

Yvonne is a blockchain and crypto enthusiast. She is passionate about writing and looks to effortlessly guide readers through the exciting world of crypto. You'll find her immersed in a good book when she's not writing.

Stay on top of crypto news, get daily updates in your inbox

Related News

Subscribe to CryptoPolitan