Details: Curve finance was exploited for $52M (a minor exploit given their $3.7B TVL) due to a weakness in older versions of the Vyper compiler (0.2.15, 0.2.16, 0.3.0), newer Vyper versions …

Several websites (Curve for example) have been attacked with various types of front-end security events. For these reasons we have added questions on protocol monitoring.

Percentage score indicates how closely projects follow best-practice in terms of process quality. Click on review for a breakdown of the score and click again for the full report.

Jan 22, 2024 · Furthermore, the protocol handles Oracle manipulation attacks economically, stating there is too much protocol-owned liquidity for manipulating the Curve / Uniswap pools …

Details: Quickswap Lend exploited by 200K via flashloan from a price manipulation on a Curve pool. Penalty 30% as this was preventable, foreseeable and no funds reimbursed to date.