Aave V2 Safeguards Users by Temporarily Disabling CRV Borrowing Amidst Curve Finance Attacks
In a swift response to the ongoing relentless attacks on the Curve Finance liquidity pools, the Aave Ethereum v2 version has taken precautionary measures by disabling the CRV borrowing function. This move is aimed at preventing traders from exploiting the recent Curve vulnerability and engaging in malicious shorting of borrowed CRV to promote serial liquidation.
The decision to disable the CRV borrowing function aligns with the guidelines set forth in the Aave Improvement Proposal (AIP-125), which empowers the Aave governance to restrict the borrowing function of specific assets in the event of emergencies. This measure is taken to safeguard the integrity of the platform and protect users’ funds during tumultuous times.
As of now, Aave v2 holds a substantial supply of over 300 million CRV tokens, with approximately 95% of these coming from CRV founder Michwill’s supply. However, the borrowing activity for CRV has been relatively low, with only about 35 million CRV being borrowed so far.
The ongoing attacks on Curve Finance have been relentless, targeting multiple stablecoin pools that employ the Vyper 0.2.15 programming language, including alETH, msETH, and pETH. These pools have fallen victim to repeated reentrancy attacks, exploiting vulnerabilities and withdrawing funds in a way that severely impacts the liquidity provided.
According to BlockSec, a reputable security firm, over 41 million USD has already been withdrawn from various pools on Curve due to the aforementioned exploit. The attacks have caused significant financial losses and heightened concerns among the DeFi community about the overall security of decentralized financial platforms.
By temporarily disabling the CRV borrowing function, Aave v2 intends to mitigate the impact of these attacks on its platform. This proactive step demonstrates the platform’s commitment to ensuring the safety and stability of its users’ assets during periods of market stress and vulnerability.
However, it’s important to note that disabling the borrowing function of CRV may have broader implications for Aave’s users and traders. Aave users who rely on borrowing CRV may face limitations in executing their strategies, while traders may need to seek alternative approaches to manage their positions. As such, it remains crucial for Aave’s governance and community to closely monitor the situation and consider appropriate measures to balance security with the needs of users.
In conclusion, the decision by Aave Ethereum v2 to disable the CRV borrowing function comes as a timely response to the ongoing attacks on Curve Finance’s liquidity pools. This measure aims to protect the platform and its users from potential exploitation while underlining the importance of robust security measures in the decentralized finance ecosystem.
- Hackers Drain Over $41 Million From Curve Finance, CRV Token Plunges 15%
- Aave Launches Stablecoin GHO On Ethereum Mainnet