Source: Adobe / Roman Samokhin
Coinbase, the largest US cryptocurrency exchange, has made a $1 million profit from the DeFi platform’s recent hack Curve financing.
The exchange has not yet returned the funds, which some claim belong to the victims of the hack, claiming it is under no obligation to do so.
The incident in question occurred in July when a hacker targeted Curve Finance, a major player in the DeFi market, stealing assets worth $73 million.
During the attack, Curve’s pricing system was disrupted, creating a unique arbitrage opportunity.
A trading bot saw this opportunity and paid 570 ETH (equivalent to $1.06 million at the time) to ensure its trade was quickly processed by an Ethereum blockchain validator.
This payment was the second highest payment ever made in the so-called “maximum extractable value” (MEV).
According to Alchemix, a platform that suffered losses during the Curve exploit, Coinbase was the validator that received the payment, as well as data from Nansen confirming the exchange as the recipient.
Although the majority of the $73 million stolen by Curve has been recovered, Alchemix, which lost $22 million in the hack, claims that Coinbase has rejected requests to return the funds received in the incident.
Alchemix believes that Coinbase is actually withholding stolen funds and criticizes the exchange for showing no willingness to return the funds despite directly benefiting from the exploit.
Coinbase, on the other hand, claims that it is not legally obligated to refund anyone, representatives from the exchange have reportedly told Alchemix.
This situation highlights the dilemma between the principles of blockchain-based finance, which are often based on the “code is law” concept, and the lack of legal recourse for victims of crypto theft.
How Coinbase Made $1 Million
The first attack on Curve exploited a flaw in the code of certain liquidity pools, resulting in the loss of $73 million in assets.
One of the affected pools contained Ethereum (ETH) and alETH, an Ether derivative issued by Alchemix.
Following the hack, there was a significant imbalance between the two tokens in the pool, giving traders the opportunity to purchase alETH at a significant discount.
Sensing this opportunity, a trading bot bought the remaining alETH in the pool and quickly sold it for another derivative called frxETH, which was then exchanged for ETH.
While the trading bot only made a profit of 43 ETH from these transactions, the majority of the profits went to Coinbase, the validator responsible for recording the transaction into the Ethereum ledger.
The unusually high fee of 570 ETH served as an incentive for the validator to prioritize the bot’s transaction over others attempting to make the same trade.
As reported, the Curve exploiter returned all stolen ETH and alETH worth $22 million to Alchemix following public pressure and an ultimatum.
Additionally, white hat actors returned assets worth $13 million in good faith before they could be stolen.
Additionally, the trading bot operator responsible for profiting from the alETH imbalance returned his profit of 43 ETH upon request from the Alchemix team.
Learn Crypto Trading, Yield Farms, Income strategies and more at CrytoAnswers