Vyper vulnerability exposes DeFi ecosystem to stress tests
A number of pools using Vyper have been exploited due to a malfunctioning reentrancy lock that potentially exposes all pools with wrapped Ether (WETH). Decentralized finance (DeFi) protocols are undergoing a stress test following a critical vulnerability was found on versions of Vyper programming language, resulting in the theft of millions of dollars' worth of cryptocurrencies on July 30. A number of pools using Vyper 0.2.15, 0.2.16 and 0.3.0 have been exploited due to a malfunctioning reentrancy lock, targeting at least four liquidity pools on Curve Finance protocol. "The short answer is that everything that could be drained was drained. The targeted pools are aETH/ETH, msETH/ETH, pETH/ETH and CRV/ETH. All remaining pools are safe and unaffected by the bug," Curve Finance said on Discord. BlockSec, an auditing firm for smart contracts, noted that the reentrancy could potentially place all pools with wrapped Ether (WETH) at risk of attack. Please note that this reentr...