DeFi lending protocol Alchemix announced on X platform that it has paid a $100,000 bug bounty to Immunefi, and the bug has been fixed. User funds are safe and a complete report will be released soon. Earlier, on July 30th, Curve Finance notified Alchemix that its alETH/ETH pool may be vulnerable to attack due to a bug in Vyper. Alchemix quickly took action by removing liquidity controlled by AMO contracts from the Curve pool through the AMO contract, but there were still about 5,000 ETH liquidity controlled by AMO in the pool. The bug was executed on the Curve pool contract. Alchemix smart contracts were not attacked and funds were safe.
All Comments