Curve Finance 獎勵發現關鍵漏洞的網路安全研究人員 25 萬美元

網路安全研究員 Marco Croc 因發現 Curve Finance 中的一個嚴重漏洞而獲得 25 萬美元獎勵，該漏洞使駭客竊取了數百萬美元。儘管將威脅歸類為“不那麼危險”，但 Curve Finance 認識到潛在的風險及其可能對用戶的影響。這起事件是在 7 月發生的一次駭客攻擊事件中造成 6,200 萬美元損失，導致 Curve Finance 向流動性提供者賠償 4,920 萬美元。

Curve Finance Rewards Cybersecurity Researcher with $250,000 for Uncovering Critical Vulnerability

Curve Finance 獎勵發現關鍵漏洞的網路安全研究人員 25 萬美元

In a significant development within the decentralized finance (DeFi) industry, Curve Finance has awarded a substantial $250,000 bounty to cybersecurity researcher Marco Croc, affiliated with Kupia Security, for identifying a critical vulnerability within the protocol.

作為去中心化金融 (DeFi) 行業的一項重大發展，Curve Finance 向 Kupia Security 下屬的網路安全研究員 Marco Croc 提供了 25 萬美元的巨額獎金，以表彰其識別協議中的關鍵漏洞。

The vulnerability, which could have potentially allowed attackers to exploit balances and withdraw funds from liquidity pools, was detected by Croc and promptly reported to Curve Finance. Recognizing the severity of the issue, Curve Finance conducted a thorough investigation and acknowledged the potential security risks associated with the vulnerability.

Croc 發現了該漏洞，該漏洞可能允許攻擊者利用餘額並從流動性池中提取資金，並立即向 Curve Finance 報告。 Curve Finance 認識到問題的嚴重性，進行了徹底調查，並承認與漏洞相關的潛在安全風險。

As a testament to the significance of Croc's contribution, Curve Finance awarded him the maximum bug bounty of $250,000. The protocol expressed its deep appreciation for Croc's vigilance and underscored the importance of collaborative efforts in safeguarding the DeFi ecosystem.

為了證明 Croc 貢獻的重要性，Curve Finance 授予他最高 25 萬美元的漏洞賞金。該協議對 Croc 的警惕表示深切讚賞，並強調了合作努力保護 DeFi 生態系統的重要性。

While Curve Finance classified the threat as "not as dangerous," the protocol emphasized that even minor security incidents could trigger significant panic among users. It also reaffirmed its belief that stolen funds could be recovered in such scenarios.

雖然 Curve Finance 將這一威脅歸類為“不那麼危險”，但該協議強調，即使是輕微的安全事件也可能引發用戶的嚴重恐慌。它還重申了其信念，在這種情況下可以追回被盜資金。

This incident follows Curve Finance's recent recovery from a hack in July, which resulted in a loss of approximately $62 million. To address this setback and restore confidence, the DeFi protocol conducted a vote to reimburse $49.2 million worth of assets to liquidity providers (LPs) affected by the breach.

在這起事件發生之前，Curve Finance 最近從 7 月的一次駭客攻擊中恢復過來，這次駭客攻擊造成了約 6,200 萬美元的損失。為了解決這個問題並恢復信心，DeFi 協議進行了投票，向受違規影響的流動性提供者 (LP) 賠償價值 4,920 萬美元的資產。

On-chain data reveals that 94% of tokenholders approved the disbursement of tokens worth over $49.2 million to cover losses incurred in the Curve, JPEG'd, Alchemix, and Metronome pools. The successful reinstatement of funds serves as a testament to Curve Finance's commitment to security and its enduring support for its users.

鏈上數據顯示，94% 的代幣持有者批准支付價值超過 4,920 萬美元的代幣，以彌補 Curve、JPEG'd、Alchemix 和 Metronome 礦池造成的損失。資金的成功恢復證明了 Curve Finance 對安全的承諾及其對用戶的持久支持。

The identification and resolution of this critical vulnerability underscore the paramount importance of robust cybersecurity measures in the DeFi landscape. The industry remains vulnerable to sophisticated attacks, emphasizing the need for continuous vigilance, collaboration, and unwavering efforts to mitigate potential threats.

這項嚴重漏洞的識別和解決凸顯了 DeFi 領域強有力的網路安全措施的重要性。該行業仍然容易受到複雜攻擊的影響，強調需要持續保持警惕、協作並堅定不移地努力減輕潛在威脅。