Decentralized finance (DeFi) platforms Curve, Metronome, and Alchemix have collaboratively unveiled a strategy to recover the funds pilfered in the recent breach of the Curve fund pool. This initiative involves offering a reward of 10% of the stolen funds as a bounty, with the intention of encouraging those responsible for the breach to return the remaining 90%. The breach, which occurred on July 30, resulted in the misappropriation of approximately $70 million in cryptocurrency. As a result, the proposed bounty could amount to ar ound $7 million The parties involved in the recovery plan are assuring that there will be no further legal actions taken, and law enforcement will not be involved. The statement conveyed their intent to resolve the matter amicably.
The Joint Statement EMPHASized Their Preference for A Civil Resolution and Stated, "We will not pursue this matter further and do not risk law enforcement isses. "The TERMS of the OFFER Stipulating that if the Responsible Party Chooses Not to Engage in the Voluntary Return Pro access By 0800 UTC on August 6th, the scope of the bounty will be expanded to the public. Under this scenario, the full 10% reward will be provided to anyone who successfully identifies the perpetrator, resulting in a conviction through legal proceedings. The st atment Conveyed a commitment to exhaust all legal avenues to ensure accountability.
To facilitate direct communication, the trio provided the contact email curvenegotiation@protonmail.com, urging the responsible individual to respond promptly. They also underscored the requirement for anyone engaging in negotiations to validate their ownership of an on-chain email add ress.
The security breach was attributed to a critical vulnerability in a version of the Vyper programming language. This weakness led to a reentrancy lock glitch targeting four liquidity pools on Curve Finance. The incident has brought fresh uncertainty to the broader crypto comm unity, raising concerns about potential repercussions within the DeFi ecosystem. In reaction to the uncertainty stemming from the exploit, Curve Finance's native stablecoin, crvusd, briefly lost its peg on August 3rd.
