A cybersecurity researcher under the pseudonym Marco Croc, associated with Kupia Security, received a reward of $250,000 for identifying this critical vulnerability. The Curve Finance team admitted that the exploit could have allowed hackers to commit multimillion-dollar asset thefts from the DeFi protocol's liquidity pools.
The Curve Finance administration assured that Marco Kroc's remuneration was as high as possible.
"Thank you so much for uncovering the error! If an attack in this direction had taken place, it could have caused serious problems. This is an example of a very professional job," Curve Finance said.
Any such incident could lead to serious panic among users of the protocol, representatives of Curve Finance acknowledged.
On July 30 last year, the Curve Finance protocol was subjected to a hacker attack. The Curve (CRV), JPEG'd (JPEG), Alchemix (ALCX) and Metronome (MET) liquidity pools were hacked. The total amount of losses amounted to $61.7 million. Later, the community of the decentralized finance protocol voted for compensation payments to participants of hacked liquidity pools.