Curio, a liquidity firm dealing with real-world assets, encountered a smart contract exploit resulting in a significant loss of digital assets valued at $16 million. This incident unfolded due to a critical vulnerability within a MakerDAO-based smart contract, specifically tied to the management of voting power privileges.
The exploit was orchestrated by an attacker who, after acquiring a nominal quantity of Curio Governance (CGT) tokens, manipulated the smart contract to unjustly amplify their voting power within the Curio DAO. This unauthorized elevation of privileges enabled the attacker to mint 1 billion CGT tokens illicitly.
Comprehensive Recovery Plan Unveiled
In response, Curio has promptly initiated a multifaceted recovery strategy. At the forefront of this plan is the introduction of CGT 2.0, a new token iteration designed to fully reimburse the original CGT holders.
Additionally, Curio has outlined a phased compensation scheme for the liquidity providers impacted by this incident. The compensation, distributed in USDC/USDT, will be rolled out over four stages, each spanning 90 days, potentially extending the restitution process to a year.
Curio also aims to motivate white hat hackers, offering rewards for assistance in recouping lost assets. The firm reassures its community, affirming the integrity of its Polkadot and Curio Chain contracts, thereby reinforcing confidence in its digital infrastructure amidst this challenging episode.
Also Read: Hacker Exploits Flaw in Dolomite Project, Steals $1.8M in USDC
