- Pin
- 🍕 Bitcoin Pizza Day is Almost Here!
Join the celebration on Gate Post with the hashtag #Bitcoin Pizza Day# to share a $500 prize pool and win exclusive merch!
📅 Event Duration:
May 16, 2025, 8:00 AM – May 23, 2025, 06:00 PM UTC
🎯 How to Participate:
Post on Gate Post with the hashtag #Bitcoin Pizza Day# during the event. Your content can be anything BTC-related — here are some ideas:
🔹 Commemorative:
Look back on the iconic “10,000 BTC for two pizzas” story or share your own memories with BTC.
🔹 Trading Insights:
Discuss BTC trading experiences, market views, or show off your contract gai
- 🎉 Follow to Win! Gate_Activity account is now live!
💰 Follow Gate_Activity and grab your share of $50 Points rewards!
10 Lucky Followers * $5 Points Each
Join:
1️⃣ Follow Gate_Activity 👉 https://www.gate.io/profile/Gate_Activity
2️⃣ Like this post
📅 Deadline: May 17, 10:00 AM (UTC)
Follow now and don't miss the great activities!
- 👩 Gate Post User Experience Survey is Now Live! 💻
💙 We sincerely invite you to participate in our survey — your valuable feedback will help us continuously improve and grow!
💰 Complete and successfully submit the questionnaire for a chance to share a $200 points prize pool!
👉 Join Now: https://www.gate.io/questionnaire/6641
⏰ Event Period: May 8, 8:00 AM – May 18, 6:00 PM (UTC)
Is there no cure for the Curve crisis? Countermeasures from the perspective of DeFi mining
Luke is the Head of Product at Cobo Argus and a DeFi enthusiast. From the perspective of miners participating in DeFi mining, this article discusses how to reasonably use Cobo Argus to deal with the Curve crisis.
The DeFi world has been in crisis for the past two days due to the latest attack on Curve. Since the attack on July 30, the price of CRV plummeted from 0.74 USDT to below 0.5 USDT. It rebounded slightly today and is currently stable above 0.6 USDT. Although it has been found that the attack was caused by a bug in the old version of the Ethereum programming language Vyper, the crisis facing Curve has not been eliminated.
Since the founder of Curve will hold a large amount of CRV for mortgage loans on the chain, once the price drops further, it may cause a large number of CRV to be liquidated, forming a chain of liquidation, and it is not impossible for the price of CRV to return to zero. As one of the largest protocols in the DeFi field, Curve's latest crisis has once again dealt a major blow to the security and credibility of DeFi, which may also have many adverse effects on the future development of DeFi.
Here, the author only discusses how to reasonably use Cobo Argus to prevent similar potential risks in daily DeFi mining from the perspective of miners participating in DeFi mining.
Background of the event
First, we briefly review the occurrence of the Curve crisis through the timeline.
On July 30, at 21:34, the pETH-ETH pool on Curve was attacked, and the price of pETH dropped to $383. At 22:50, the msETH-ETH pool on Curve was attacked. At 23:34, alETH-ETH on Curve was attacked.
At 0:44 on July 31, the Ethereum programming language Vyper tweeted that the reentry locks of Vyper versions 0.2.15, 0.2.16 and 0.3.0 are invalid.
At 0:45, Curve tweeted that the stablecoin pool (alETH/msETH/pETH) using Vyper 0.2.15 was attacked due to a reentry lock failure, and other pools were safe.
3:08 CRV-ETH was attacked, and the lowest CRV on the chain dropped to around 0.08.
16:41 Curve tweeted, suggesting that everyone remove the liquidity of the Tricrypto pool on Arb. Although it has not been attacked, the pool may also be at risk.
Due to the attack on Curve, a large number of abnormal events also appeared on the chain, the price of CRV plummeted, and the panic that mich's loan positions might be liquidated caused users to withdraw liquidity from Aave, and the interest rates of USDC and USDT rose abnormally. The DeFi world is embroiled in a series of associated risks.
Cause Analysis
The special thing about this security incident is that it was a bug in the language level of the smart contract, which caused the re-entry lock defense of some well-known projects to fail. Fortunately, there is a problem with Vyper instead of Solidity, otherwise the entire DeFi world may be in jeopardy.
DeFi has attracted a large number of users to participate in DeFi because of its low friction cost and composability, as well as higher investment income than the traditional world. However, wallet security and smart contract security have always been the sword of Damos hanging over DeFi.
The thunder of Euler, Curve and other well-tested old protocols has indeed made many DeFi believers begin to lose confidence. Once there is a problem with the protocol, the entire principal is often lost. In addition to smart contract risks, there are also risks of phishing, private key Leakage risk, etc., how to achieve both safety and efficiency when participating in DeFi has always been a problem that plagues the industry.
The Cobo team has been active in the DeFi field for a long time and is also known for its focus on security. Within Cobo, there are already a set of internal solutions for various DeFi security issues. The Cobo team has now commercialized this internal solution and launched Cobo Argus, a solution for DeFi scenarios, and soon reached a TVL of 100 million US dollars after the new version was launched.
preventive solution
For events like what happened to the Curve last night, there is little that can be done to prevent it. For general DeFi miners, they can only see if they can detect problems in the first place and take countermeasures. In this case, if they can make reasonable use of tools such as Cobo Argus, it will be of great help. The retreat robot function provided by Cobo Argus can monitor the risk indicators on the chain and help users withdraw immediately when there is an abnormality.
The following is a specific analysis of how to use the retreat robot on Cobo Argus for the situation of Curve:
When there is a problem with the pool above Curve, there are two obvious signals: **1. There has been a large degree of decoupling of linked assets. 2. Due to hacker attacks and large households fleeing, there was a big drop in TVL. **
If Cobo Argus is used, we can set these two monitoring indicators to monitor the proportion of a certain token in the LP pool, and monitor the comparison between the principal invested by users and the total amount of funds in the LP pool. In this way, we can monitor the abnormality at the first time, and the robot will automatically withdraw the principal.
Under normal circumstances, most users only know that there is a risk in the DeFi protocol through the warning of the white hat on Twitter. It may have been several hours since the attack occurred at this time, and there is no chance to save the principal.
Using robots to monitor risk indicators on the chain and automatically evacuate as soon as there is a risk signal can help users save assets very effectively.
**Cobo Argus has launched a corresponding retreat robot for mainstream protocols and liquidity pools, which can effectively help users monitor risks and save principal. **
Hacking, decoupling of tokens, run on lending agreements... All kinds of risk events on the chain can be monitored through some specific indicators. Cobo Argus also allows users to set custom robots, custom monitoring indicators and contract calls after the robot is triggered.
For expert users with better DeFi knowledge, they can set monitoring values and robot actions by themselves, which can theoretically be used on any DeFi protocol. In the Cobo Arugs community, a user recently saved their assets from a lending agreement through a custom robot.
All these functions are decentralized and trustless-the robot is operated and maintained by Cobo, but the robot can only perform the DeFi operation authority authorized by the user, and cannot perform other operations beyond its authority. All authorizations will be recorded in a non-upgradeable smart contract, and the contract code and authorization records are completely transparent on the chain and can be audited by anyone.
As a supplementary introduction, the smart contract of Cobo Argus is based on the Plugin function of Safe{Wallet}. Safe{Wallet} is the largest multi-signature wallet with the highest TVL and recognized as the safest in the Ethereum ecosystem. Most DeFi protocols will use Safe{Wallet} to manage the treasury. And Plugin is the latest capability launched by Safe{Wallet}, which supports third-party developers to expand the capabilities of Safe{Wallet} by writing Plugin.
Cobo has always been in close contact with the Safe{Wallet} team, and also developed Cobo Argus in the early stage of the Plugin capability launch. Based on Safe{Wallet}, it launched a series of solutions for DeFi scenarios:
By authorizing specific permissions to an address for single-signature execution, efficiency can be improved, but security will not be reduced. Because this address only performs authorized specific operations, it cannot operate beyond authority or transfer the principal.
Through the authorization function of Cobo Argus, it is possible to avoid misuse by phishing, leakage of hot wallet private key and loss of all principal, and misconduct within the team to transfer funds, etc.
At present, Cobo Argus has been used by many DeFi asset management teams and individual DeFi Whales, which not only improves the efficiency of DeFi, but also strengthens the protection of asset security. Recently, projects such as Solv and iZUMi have also used Cobo Argus as the underlying decentralization and security tool. In the future, Cobo will continue to innovate, protect ordinary users and builders in the industry, and promote innovation and progress in the industry.
Finally, DeFi still has unlimited potential in the long run. However, mining in the DeFi world will never avoid potential risks. I hope everyone will participate cautiously. "If a worker wants to do a good job, he must first sharpen his tools." While raising vigilance and accumulating experience, DeFi miners can also make good use of tools to deal with different risks as much as possible.