Curve Exploit Post Mortem

Alchemix Finance
Sep 21, 2023


On July 30th, 2023, Curve contacted the Alchemix team alerting us of a vulnerability in several of their pools, including our alETH — ETH pool.

The Alchemix Multisig team immediately started work to pull AMO-owned liquidity from the affected pool, and they successfully removed 8,027 alETH before the remainder of the pool was drained by the exploiter.

The funds stolen by the exploiter consisted of 4,821 alETH and 7,258 ETH.

Details of Vulnerability & Fix

The exploit was the result of a latent vulnerability in the Vyper compiler, which was used to build the affected Curve pools. The bug was present in versions 0.2.15, 0.2.16, and 0.3.0. It was patched in version 0.3.1, but the Vyper team was not aware at the time of the impact of using the vulnerable compiler versions.

All future alAsset pools deployed by Curve will be using Vyper version 0.3.1 and above, and they will no longer have this vulnerability.
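A triage helper for the compiler-version check described above, written as an added example (not Alchemix or Curve code): it parses the compiler string recorded for each pool and flags anything built with one of the three releases the post-mortem names, treating pools whose version cannot be determined as needing review. The pool list and its compiler strings are constructed for illustration.

```python
"""Flag pools compiled with a Vyper release named as affected (0.2.15,
0.2.16, 0.3.0); 0.3.1 is the fixed release. Added example, not project code."""
import re
from typing import Dict, List, Optional, Tuple

# Releases the post-mortem names as carrying the bug.
AFFECTED_VERSIONS = {(0, 2, 15), (0, 2, 16), (0, 3, 0)}

# Accepts forms such as "vyper:0.2.15", "v0.3.0+commit.abcdef" or "0.3.1".
_VERSION_RE = re.compile(r"(?:vyper:)?v?(\d+)\.(\d+)\.(\d+)", re.IGNORECASE)


def parse_vyper_version(compiler: Optional[str]) -> Optional[Tuple[int, int, int]]:
    """Extract (major, minor, patch); None when the string is missing or unparseable."""
    if not compiler:
        return None
    m = _VERSION_RE.search(compiler)
    if not m:
        return None
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def classify_pool(compiler: Optional[str]) -> str:
    """'affected' for a named vulnerable release, 'unknown' when the version
    cannot be determined (e.g. unverified source), otherwise 'not-affected'."""
    version = parse_vyper_version(compiler)
    if version is None:
        return "unknown"
    return "affected" if version in AFFECTED_VERSIONS else "not-affected"


def triage(pools: List[Dict[str, Optional[str]]]) -> Dict[str, List[str]]:
    """Group pool names by classification so 'affected' and 'unknown' are acted on first."""
    buckets: Dict[str, List[str]] = {"affected": [], "unknown": [], "not-affected": []}
    for pool in pools:
        buckets[classify_pool(pool.get("compiler"))].append(str(pool["name"]))
    return buckets


# Constructed sample input (hypothetical pool names, not on-chain data).
SAMPLE_POOLS: List[Dict[str, Optional[str]]] = [
    {"name": "pool-a", "compiler": "vyper:0.2.15"},
    {"name": "pool-b", "compiler": "v0.3.0+commit.abcdef"},
    {"name": "pool-c", "compiler": "vyper:0.3.1"},
    {"name": "pool-d", "compiler": None},  # source not verified
]

if __name__ == "__main__":
    print(triage(SAMPLE_POOLS))
```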


Some times are estimated.

July 30th, 2023:
14:49 UTC — Curve contacted the Alchemix team alerting us to a vulnerability in our alETH — ETH pool.

14:55 UTC — The Alchemix Multisig team met and immediately started to remove liquidity from the affected pool.

15:21 UTC — 8,027 alETH were unstaked and removed from the pool. (1–2)
Due to the design of the AMO, a balanced, complete withdrawal is only possible through the sweep function, which moves the entirety of the funds to the Multisig. That function sits behind a timelock, so given the time-sensitive nature of the vulnerability, the only practical way to withdraw liquidity while keeping it in the AMO contract was to withdraw funds single-sided (as alETH or ETH). alETH was withdrawn first to balance the pool, with the intent to withdraw the remainder as ETH in a follow-up transaction. The pool was drained while the transaction for the ETH withdrawal was being submitted.

15:34 UTC — 4,821 alETH and 7,258 ETH in the pool were removed by the exploiter. (3)

15:34 UTC — The remaining 3,856 alETH left in the pool were removed by an arbitrage bot. Together, the exploiter and the arbitrage bot caused a partial loss of backing for alETH of approximately 5,000 ETH. (4)

~18:00 UTC — Out of an abundance of caution, the Multisig team paused the alETH Transmuter and disabled yield tokens and bridging. (5–18)

August 4th–5th, 2023:
13:21 onwards — The exploiter returned all alETH stolen from the LP over several transactions. (19–21)

14:20 onwards — The exploiter returned all ETH stolen from the LP over several transactions. (22–26)

Moving forward

Alchemix is working with Curve to analyze LP positions prior to the attack and develop a compensation plan. The exact nature of compensation will include returning the recovered funds to LPers (including the Alchemix AMO), as well as potential compensation from Curve in the form of vested CRV tokens.

alETH vaults have been unpaused, and all yield flow, repays, and self-liquidations have been redirected to the AMO contract per AIP-97. (27)

Some arbitrageurs have returned profits, and we are continuing to reach out to others. (28)

Stuck bridgers were partially reimbursed, as per AIP-96. (29)

Thank you

We’d like to extend a huge thank-you to everyone involved in the recovery of these funds. We couldn’t have done it without you.

Our advisors and collaborators in no specific order:

Ogle Security
X / Telegram: @cryptogle

Alicia Katz
X: @aliciakatz

Igor Igamberdiev
Head of Research at Wintermute
X: @FrankResearcher

Yearn Finance
X: @bantg

Michael Egorov
Curve Finance
X: @newmichwill

Green Jeff
Head of Strat @ Vesper,
Co-founder @ Metronome Governor DAO
X: @jeffthedunker

Jordan Kruger
Metronome CEO/Co-founder
X: @jordanjkruger

MEV bot white hats


Etherscan links

1 — Unstake LP from Convex

2 — Remove alETH

3 — Hacker drained all ETH and part of the alETH from pool

4 — Arbitrage bot removed the remaining alETH from the pool

5 — Disable OP bridge

6 — Pause USDC transmuter

7 — Pause DAI transmuter

8 — Pause USDT transmuter

9 — Pause ETH transmuter

10 — Pause FRAX transmuter

11 — Disable yvwETH Yield token

12 — Disable wstETH Yield token

13 — Disable WETH Yield token

14 — Disable s_aWETH Yield token

15 — Disable rETH Yield token

16 — Disable rETH Yield token

17 — Disable vaETH Yield token

18 — Disable SfrxETH Yield token

19 — Curve pool hacker alETH return #1

20 — Curve pool hacker alETH return #2

21 — Curve pool hacker alETH return #3

22 — Curve pool hacker ETH return #1

23 — Curve pool hacker ETH return #2

24 — Curve pool hacker ETH return #3

25 — Curve pool hacker ETH return #4

26 — Curve pool hacker ETH return #5

27 — AIP-97

28 — Arbitrage profit returns tweet thread.

29 — AIP-96