Decentralized exchanges (DEXs) have gained significant popularity in the world of cryptocurrency trading due to their promise of enhanced security and user autonomy. One such DEX, Curve Finance, which ranks among the largest in terms of trading volume, faced a devastating setback last month when it fell victim to a series of attacks resulting in the loss of over $50 million in various digital assets. The attack was attributed to a critical flaw in Vyper, a pythonic programming language utilized for writing smart contracts on the Ethereum Virtual Machine. Let’s delve into the intricacies of this exploit and how a missing reentrancy lock in Vyper led to hackers exploiting various DeFi protocols en masse.

Solidity and Vyper are high-level, Turing-complete programming languages for writing smart contracts on the Ethereum Virtual Machine

Understanding Decentralized Exchanges and Vyper

Decentralized exchanges (DEXs) facilitate peer-to-peer cryptocurrency trading without the need for a central intermediary. Unlike traditional centralized exchanges, DEXs enable users to have complete control over their funds and prioritize security through blockchain-based smart contracts. These smart contracts execute trades and handle the flow of digital assets without relying on a central authority.

Smart contract languages like Vyper and Solidity are essential for coding decentralized protocols like DEXs, automated market makers and lending platforms. Vyper, a relatively new language, gained popularity as an alternative to Solidity due to its relative ease of use (simplified syntax) and (supposed) enhanced security features. However, last month, vulnerabilities in Vyper led to the exploitation of several projects running versions 0.2.15, 0.2.16, and 0.3.0.

The Missing Reentrancy Lock in Vyper

The exploit that targeted Curve Finance was made possible through a vulnerability that enabled bad actors to carry out reentrancy attacks. A reentrancy attack is quite simply a type of exploit wherein a hacker repeatedly calls a smart contract’s withdrawal function before it has a chance to update its internal state. This allows the attacker to drain the contract’s funds by exploiting the function’s logic and bypassing crucial security measures.

Reentrancy is one of the most famous attacks in the smart contract security field. The most notorious example of a reentrancy attack is The DAO hack in 2016 that enabled hackers to misappropriate 3.6 million ETH. The incident resulted in the infamous hard fork of Ethereum to restore the seized assets.

Drawing parallels to a real-world scenario:

Reentrancy happens when a program or contract calls another program or contract and then keeps executing the same task without waiting for the called program to finish executing the original task.

To understand this better, let’s use an example: Imagine you have an online bank account with $100 and you want to transfer $10 to your friend’s account. You have a function in your account that handles these transfers, and it updates both your account as well as your friend’s account following the transfer.

Now, let’s say a hacker discovers a flaw in the code of the transfer function, which allows them to repeatedly call the function before it finishes updating the balances. So, when you try to transfer $10, the hacker can quickly call the function multiple times and take $10 from your account each time.

As a result, even though you only intended to transfer $10, the hacker manages to drain $100 from your account by repeatedly exploiting the flaw in the function. This is what we call a reentrancy attack – where the hacker keeps calling the transfer function repeatedly to drain all the resources from your account.

The Impact on Curve Finance

Curve Finance is a DEX that boasts 232 different liquidity pools. It was unfortunately the largest victim of last month’s Vyper exploit. Liquidity pools are smart contracts that hold tokens and provide liquidity to crypto markets without intermediaries. However, a vulnerability in the Vyper versions used to build specific pools allowed attackers to exploit them and extract over $50 million in digital assets.

The affected pools included aETH/ETH, msETH/ETH, pETH/ETH, and CRV/ETH. Fortunately the remaining (228) pools remained secure and unaffected. This incident serves as a stark reminder that even the smallest of flaws in smart contracts can lead to substantial losses, and security remains a paramount concern for DeFi protocols.

Lessons Learned and Future Precautions

Reentrancy attacks have been a recurring threat in the decentralized finance space, targeting various projects over time. The incidents involving Vyper last month underscore the importance of thorough code audits, rigorous testing, and continuous updates to smart contract languages and protocols.

Fortunately there is a silver lining. As the crypto space continues to evolve, future iterations of Vyper and upcoming smart contract languages will undoubtedly learn from this costly mishap. Developers and project teams must remain vigilant and prioritize security in their code to protect users’ funds and ensure the long-term viability of the DeFi ecosystem.