Velocore Addresses Remaining Vulnerability With White Hat Operation, Allows Affected LPs To Claim Funds Based On Snapshot
In Brief
Velocore disabled most functions in response to a recent exploit and initiated fund claiming for affected LPs.
Decentralized exchange (DEX) on Ethereum Layer 2 networks ZKsync and Linea, Velocore, announced that it has temporarily disabled most functions, retaining only the withdrawal, in response to a recent exploit of vulnerabilities.
During the security breach, only the volatile pools were exploited, while the others remained unaffected. Imbalances in stable pools and depegged pools caused additional losses for Liquidity Providers (LPs), as frontend swaps were unable to resolve these issues through arbitrage. Meanwhile, on Linea, Velocore could only adjust the swap fee to zero without implementing deeper structural changes. This measure was taken to mitigate potential further damage and ensure a consistent withdrawal method for all users.
Furthermore, during a contract reevaluation, Velocore identified another vulnerability that could potentially lead to the theft of all assets. As a precautionary measure, Velocore conducted a white-hat operation to swiftly mitigate risks, securing assets in a separate Safe vault.
Velocore has emphasized that affected LPs are now able to claim their funds based on the LP snapshot captured at the specific block on both ZKsync and Linea.
Additionally, the Telos blockchain remained secure and was promptly patched without implementing a timelock. Velocore intends to return the stolen assets directly to their owners on a 1:1 basis, which is separate from the overall compensation for LPs. The team is currently in the process of taking snapshots for Telos and updating the claims function.
Notably, regarding compensation for victims of the previous exploit involving LPs, the decision will be determined later through a community vote on whether to reboot or liquidate. All remaining assets will be consolidated into a single treasury for collective decision-making.
Velocore Faces $6.8M ETH Loss In Security Breach, Multiple Pools Compromised
Velocore is positioned as the first veDEX spanning multiple blockchains developed on Velodrome. It provides a trading environment characterized by low fees and minimal slippage, aiming to alleviate protocols from the need to inflate their token rewards, thereby fostering growth within the decentralized finance (DeFi) ecosystem.
Velocore encountered a security breach on June 2nd, resulting in approximately $6.8 million worth of ETH being lost. The vulnerability stemmed from weaknesses within the Balancer-style CPMM pool contract. The affected contracts included all volatile pools (CPMM) on Linea and ZKsync Velocore. Although Telos Velocore also had similar vulnerabilities, actions were taken to mitigate them before any exploitation occurred.
Disclaimer
In line with the Trust Project guidelines, please note that the information provided on this page is not intended to be and should not be interpreted as legal, tax, investment, financial, or any other form of advice. It is important to only invest what you can afford to lose and to seek independent financial advice if you have any doubts. For further information, we suggest referring to the terms and conditions as well as the help and support pages provided by the issuer or advertiser. MetaversePost is committed to accurate, unbiased reporting, but market conditions are subject to change without notice.
About The Author
Alisa, a dedicated journalist at the MPost, specializes in cryptocurrency, zero-knowledge proofs, investments, and the expansive realm of Web3. With a keen eye for emerging trends and technologies, she delivers comprehensive coverage to inform and engage readers in the ever-evolving landscape of digital finance.
More articles
Alisa, a dedicated journalist at the MPost, specializes in cryptocurrency, zero-knowledge proofs, investments, and the expansive realm of Web3. With a keen eye for emerging trends and technologies, she delivers comprehensive coverage to inform and engage readers in the ever-evolving landscape of digital finance.
