Yesterday in Crypto - Issue #11

Read time: ~8 minutes

Here’s what you missed this weekend.

On July 30, several stable pools on Curve Finance, a decentralized finance (DeFi) protocol, were exploited due to vulnerabilities in the Vyper programming language, leading to losses of over $47 million. The versions 0.2.15, 0.2.16, and 0.3.0 of Vyper, a contract-oriented language that targets the Ethereum Virtual Machine (EVM), were found to be vulnerable to malfunctioning reentrancy locks. Reentrancy attacks can potentially drain all funds from a contract.

The exploit affected a number of DeFi projects. The decentralized exchange Ellipsis reported exploitation of some stable pools with BNB due to an old Vyper compiler. Alchemix’s and Metronome’s pools also witnessed significant outflows. Curve Finance CEO Michael Egorov confirmed that 32 million CRV tokens, worth over $22 million, had been drained from the swap pool.

In the midst of the chaos, a white hat hacker, known as "c0ffeebabe.eth", managed to seize around 2,879 Ether (ETH), worth approximately $5.4 million, from the exploiter and returned it to Curve Finance. The hacker used a front-running bot against the malicious hacker to secure almost 3,000 ETH. The funds were then returned to the Curve deployer address, which appears to be its rightful custodian.

The incident sparked panic across the DeFi ecosystem, leading to a wave of transactions across pools and a rescue operation from white hat hackers. The utility token of Curve Finance, Curve DAO (CRV), declined over 10% in reaction to the news.

The situation was further complicated by Twitter accounts impersonating Curve Finance and promoting a fake refund scheme targeting those who lost their funds in the recent hack. The official Curve Finance account has not announced any plans for a refund at the time of writing.

This incident is part of a series of attacks targeting DeFi protocols. A report by Web3 portfolio app De.Fi revealed that more than $204 million was lost through DeFi hacks and scams in the second quarter of 2023 alone.

The U.S. Securities and Exchange Commission has adopted new rules for cybersecurity incidents involving public companies, requiring these companies to disclose a cyberattack four days after being considered “material” and to periodically report on policies to identify and manage cybersecurity risks.

None of this helps, as Curve is not a public company and the SEC’s rules are simply about disclosure. Does the SEC ever really protect investors?

An obscure digital currency named $BALD has experienced an extraordinary growth of over 40,000% within just 48 hours of its launch, catching the attention of crypto enthusiasts worldwide.

$BALD was launched on a new blockchain called BASE, a chain developed by the popular crypto exchange, Coinbase. BASE is built on Optimism, a technology known for enhancing the scalability of Ethereum, one of the world's leading cryptocurrencies. One of the intriguing aspects of BASE is that it hosted the launch of $BALD, making it one of the few cryptocurrencies available on this chain.

For those new to the world of cryptocurrencies, $BALD is classified as a memecoin. Memecoins are a type of digital currency that are often driven by social media trends and sentiment, rather than intrinsic value. They have gained notoriety in the crypto world for their potential to yield massive returns, but they also pose significant risk due to their high volatility.

Investors in $BALD have reported tremendous returns. Some individuals have shared stories of hitting nearly 1000x return on investments (ROI), while others have made astonishingly large profits of up to $400,000 overnight.

However, it's important to note that currently, there is no way to transfer these gains out of the Base blockchain to other chains like Ethereum. There is only a one-directional way to move funds over to Base. This means that while investors can see their $BALD holdings increase in value, they cannot yet capitalize on many of these gains

While $BALD's rise has created substantial wealth for some investors, it also serves as a reminder of the volatile and unpredictable nature of the cryptocurrency market. Many were caught off guard and missed the opportunity for these outsized returns.

Investing in relatively unknown and highly volatile coins like $BALD carries significant risk. Therefore, while the tales of overnight riches can be enticing, potential investors should exercise due diligence and consider their risk tolerance before getting involved in such ventures.

As the journey of $BALD continues, the crypto community is watching with anticipation, curious about what surprises this new coin on an unbridged chain will bring next. Whether $BALD will continue its meteoric rise or become another cautionary tale in the volatile world of memecoins remains to be seen.

SPOILER ALERT - $BALD is a rugpull (scam). DO NOT attempt to buy this coin. Update coming tomorrow.

In a recent interview, Coinbase CEO Brian Armstrong revealed that the U.S. Securities and Exchange Commission (SEC) had suggested that the crypto exchange stop trading all cryptocurrencies except for Bitcoin. Armstrong disagreed with this suggestion, stating that complying with it would have essentially ended the crypto industry in the United States.

The SEC later sued Coinbase in June, alleging it operated illegally because it failed to register as an exchange and traded at least 13 crypto assets that should have been registered as securities, including tokens such as Solana, Cardano, Polygon, and The Sandbox.

In response to these events, Armstrong stated that had Coinbase agreed to the SEC's request, it would have set a precedent and may have led to the regulator cracking down on the majority of American crypto businesses operating under similar conditions. He added that Coinbase didn't really have a choice at that point and decided to go to court to find out what the court says.

The Coinbase representative added that the crypto exchange is still in discussions with the SEC and believes "that transparent and fair rulemaking and Congressional action, such as bills that gained bipartisan support in the U.S. House of Representatives last week, represent the best path forward for American crypto users and the companies building the crypto economy in the U.S.”

SEC Chair Gary Gensler has previously suggested that all cryptocurrencies aside from Bitcoin are securities and has often cited the lack of investor protection as a reason for enforcement actions against crypto companies, comparing the sector to “the Wild West.” However, in the June lawsuit against Coinbase, the SEC didn’t mention Ethereum (ETH), the world’s second-largest cryptocurrency by market cap, among those tokens it asserted to be securities. On June 28, Coinbase filed a motion to dismiss the SEC’s lawsuit, arguing that the agency does not have statutory authority over the exchange and that its position regarding its powers is “untenable as a matter of law.”

Coinbase Vs. SEC… Freedom Vs. Tyranny. We’re in for a battle of the ages.

That’s all for today. We’ll see you on on tomorrow.

“We are building on Bitcoin Lightning because it’s time for the world to have a universal open protocol for payments.”

- David Marcus, Former Paypal CEO