Velocore, operating across Linea and zkSync blockchains, faced a significant security breach on June 2, 2024, resulting in a substantial loss of Ethereum (ETH). Exploiting vulnerabilities within its smart contracts, the breach targeted Velocore’s volatile pools, posing concerns over the platform’s security measures. Despite prior security audits and preventive steps, Velocore’s response to the breach has triggered discussions about the safety of decentralized exchanges. With ongoing investigations and community reactions, the incident underscores broader implications for investor confidence and regulatory oversight within the decentralized finance (DeFi) sector.
Velocore Faces Major Security Breach
Decentralized exchange Velocore, deployed on both the Linea and zkSync blockchains, suffered a security breach on June 2, 2024, resulting in a loss of about $6.8 million in Ethereum (ETH). The exploit targeted vulnerabilities within Velocore’s liquidity pool smart contracts, particularly affecting its volatile pools on the Linea and zkSync Era blockchains.
The hacker executed a complex attack by manipulating the fee rate calculation logic, managing to bypass Velocore’s security measures. This allowed for the unauthorized withdrawal of funds into the hacker’s wallet. The exploit primarily affected the protocol’s Linea deployment. Fortunately, Velocore’s stable pools remain unaffected by the breach, allowing users to safely withdraw funds from the reserves.
Despite undergoing multiple audits and implementing preventive measures, Velocore acknowledged the breach and expressed regret. The protocol had earlier passed security audits by prominent blockchain security firms Zokyo, Hacken, and Scalebit.
Velocore is collaborating with security experts from Hexagate and Hypernative to investigate and address the issue. While Velocore has assured users that the exploit has been contained, blockchain security experts have raised concerns regarding the possibility of the exploit spreading to other chains utilizing similar smart contracts.
The incident prompted the Linea blockchain team to temporarily halt block production, a move that has drawn mixed reactions from the community. Many applaud the decisive action taken to prevent further losses. However, it has sparked a heated debate regarding the centralization risks of Layer 2 solutions like Linea. Many Layer 2s like Linea operate centralized sequencers, allowing their teams to possess undue control over their operations.
White Hat Bounty
Velocore is actively working to recover the stolen funds. The protocol reached out to the hacker via an on-chain message, offering a 10% white hat bounty for the return of the remaining funds by June 3, 2024, 08:00 UTC. On-chain data revealed that the hacker bridged the stolen funds to Ethereum mainnet, before laundering 1807 ETH via cryptocurrency mixer Tornado Cash. Without the hacker’s corporation, the fate of the stolen funds remains bleak, as successful laundering is enabled by services like Tornado Cash, which has been utilized in previous hacks.
User Compensation
According to Coinspeaker, Velocore has promised to compensate affected users. A snapshot of the blockchain state before the incident was taken and an appropriate compensation plan will be implemented once operations resume. Velocore has also pledged to enhance its security measures to rebuild trust and minimize damage. The team is working closely with security partners and foundations, as well as requesting cooperation from various protocols and centralized exchanges to track the hacker’s activities. The crypto community has commended Velocore for its swift response to the breach, with many applauding the protocol’s proactive measures in dealing with the situation.
Impact on Market and Asset Prices
Market Implications
The security breach experienced by Velocore raises concerns about the overall security of decentralized exchanges, potentially shaking investor confidence in similar platforms. This could lead to increased scrutiny and demand for stricter security measures across the decentralized finance (DeFi) sector. Additionally, the incident may prompt regulatory bodies to reassess their approach to overseeing DeFi platforms, potentially introducing new compliance requirements.
Asset Price Implications
The security breach and subsequent loss of funds could have a negative impact on the price of Ethereum (ETH) in the short term, as it highlights vulnerabilities within the DeFi ecosystem. Investors may become more cautious about holding assets on decentralized exchanges, leading to a temporary decrease in trading volumes and liquidity for ETH and other cryptocurrencies. However, if Velocore successfully implements enhanced security measures and compensates affected users, it could restore confidence in the platform and stabilize asset prices over time.
Conclusion
The security breach at Velocore has sparked concerns about the safety of decentralized exchanges, potentially impacting investor trust in such platforms. This incident may prompt calls for stricter security measures and increased regulatory oversight in the decentralized finance (DeFi) sector. In the short term, the loss of funds could lead to a decline in Ethereum (ETH) prices and trading activity on decentralized exchanges. However, if Velocore implements effective security enhancements and compensates affected users, it could help restore confidence in the platform and stabilize asset prices.
Official Website:
Website: https://www.bitrue.com/
Sign Up: https://www.bitrue.com/user/register
Disclaimer: The views expressed belong exclusively to the author and do not reflect the views of this platform. This platform and its affiliates disclaim any responsibility for the accuracy or suitability of the information provided. It is for informational purposes only and not intended as financial or investment advice.