Convex Finance is working to fix a flaw that might have resulted in a $15 billion rug pull

Convex Protocol, a network that improves rewards for users who use the Curve stablecoin, has prevented a $15 billion rug pull from happening.

Rug pulls occur when seemingly genuine bitcoin enterprises abscond with investor funds. In the last year, they have become a significant issue in the decentralized finance field.

During a security analysis of the Convex Finance protocol for Coinbase, OpenZeppelin, a blockchain security firm, discovered a severe vulnerability. The firm found that, by following a set of steps, two of Convex’s three multi-signature wallet signers could acquire access to a pool of liquidity provider tokens. OpenZeppelin outlined the steps in a blog post.

Convex held the bulk of Curve Finance’s CRV stablecoins in circulation, putting a lot of money on the line. Convex’s anonymous developers, in the form of two of three multisig signers, could have used the flaw to seize control of Convex’s locked value, which was over $15 billion at the time.

Only Convex’s development team could exploit or patch the problem, according to OpenZeppelin, complicating the disclosure procedure. The security firm stated that it was “reasonably certain” that the problem was unintentional, implying that the developers were unaware of the flaw and had no intention of fleeing with funds. However, if the firm was wrong, the consequences of alerting the very people with the power to conduct the rug pull could be disastrous.

Finally, before disclosing the vulnerability to the Convex team, OpenZeppelin claimed it tried to gain assurances that the vulnerability would not be abused. It employed Immunefi, a bug bounty partner, as a middleman.

The bug has since been fixed. The flaw was never exploited, and no funds were ever lost as a result. Convex’s public documentation includes extra materials that break down the multisig flaw.
