Curve Finance closed yVault2 liquidity pool after vulnerability was discovered

The developers of the DeFi Curve Finance protocol have found a vulnerability affecting the new yVault2 liquidity pool. The pool had to be closed.

According to a statement on Twitter Curve Finance, the vulnerability was discovered affecting the new trading pool yVault2, which includes the Yearn Finance yield aggregator project. The pool was quickly closed to prevent an incident.

Curve gives users the ability to switch between USD-backed stablecoins with extremely low fees and slippage. Curve’s liquidity is entirely provided by its users, who in return earn income from interest charged to Curve’s stablecoin borrowers. According to the developers’ statement, all blocked tokens will be automatically returned to liquidity providers.

Yearn Finance is a yield aggregator that automatically transfers users’ cryptoassets to other yield generating protocols, exchanges and wallets. All users who have blocked their cryptoassets on Yearn receive a token with “Y” in their name in return. For example, a user who invests USDT in Yearn receives yUSDT in return, which can later be used in other protocols to generate income or exchanged for another cryptocurrency.

This structure is called “vault”, where tokens “v1” and “v2” based on two vaults, which charge different fees and use different strategies, are issued to users based on the assets they have deposited. The latest vulnerability affected the “v2” pool, with the team confirming that the problem was not fundamental, but technical.

This is the second vulnerability involving the Yearn Finance protocol in recent days. Last week, an experienced hacker hacked v1 yDAI, causing the vault to lose about $ 11 million worth of crypto assets.

Telegram channel!