Status | Low | Medium | High | Critical | Total |
---|---|---|---|---|---|
Not fixed | 2 | 1 | - | - | 3 |
Fixed | 6 | - | - | - | 6 |
Total | 8 | 1 | 0 | 0 | 9 |
Quick Summary

Conic Finance on Ethereum was exploited due to a reentrancy issue, resulting in a loss of 3,254,850 $USD.

Details of the Exploit

Conic Finance is a protocol for liquidity providers on Curve pools. The project fell victim to a reentrancy attack due to a wrong assumption about the address returned by the Curve Meta Registry for ETH in Curve V2 pools. As a result, 1,724 $ETH, equivalent to approximately 3,254,850 $USD, were stolen and transferred to another EOA, where they currently remain.

Interestingly, there was an unsuccessful attack attempt 10 minutes before the successful attack. A transaction was marked as read-only reentrancy. Conic has reached out to the exploiter via a transaction sent from the official Conic Multisig address.

Block Data Reference

- Attacker Address: https://etherscan.io/address/0x8D67db0b205E32A5Dd96145F022Fa18Aae7DC8Aa
- Funds Holder Address: https://etherscan.io/address/0x3d32c5a2e592c7b17e16bddc87eab75f33ae3010
- Malicious Transaction: https://etherscan.io/tx/0x8b74995d1d61d3d7547575649136b8765acb22882960f0636941c44ec7bbe146
- Unsuccessful Attack Attempt: https://etherscan.io/tx/0x97a8315e942dd180fb90a17b92f7dabd6e8a2e5b9fd5e4a95ee4049ff33d2f16

# | Name | Auditor | Date | Chains | Issues |
---|---|---|---|---|---|
1 | Conic Crypto Pool Update | ChainSecurity | 2024/09/03 | Off-Chain (Private) | No active critical issues |
2 | Conic Protocol | ChainSecurity | 2024/02/26 | Off-Chain (Private) | No active critical issues |