Is CRV theft a risk or an opportunity?

From the night before yesterday to yesterday, the most shocking news in the circle was probably that Curve was attacked.
The root cause of this attack was that vulnerabilities appeared in certain versions of Vyper, the programming language used by Curve, which caused the funding pool written in these vulnerable languages ​​in Curve to malfunction, and was thus exploited by hackers to empty the pool.
Since the funds in these pools are related to a series of DeFi projects, this loophole has dragged down a series of DeFi projects.
At the same time, affected by this news, the price of Curve tokens plummeted, causing its on-chain price to drop to less than $0.1. The plunge in CRV prices almost led to the liquidation of the assets pledged by Curve founders on AAVE. Fortunately, Chainlink used the weighted on-chain and off-chain prices to avoid this disaster.
As of the time of writing, the total losses caused by this accident have exceeded US$50 million, and the price of CRV has recovered to around US$0.6.
There are two main reasons why this accident has caused great shock to everyone:
The first is that Curve is the cornerstone of the entire DeFi ecosystem, and has an unparalleled position in the entire DeFi's stablecoins and large-scale transactions.
If the cornerstone fails, it means that it has shaken the security of the entire DeFi ecosystem.
The second is that the root cause of the accident was a malfunction in the programming language used by Curve.
Fortunately, Vyper is not the most widely used smart contract programming language in the entire DeFi ecosystem, so the projects affected by Vyper's vulnerability are very limited.
But at the same time, another more worrying concern has emerged: If there is a problem with Solidity, the programming language commonly used in the DeFi ecosystem, will the entire DeFi ecosystem (Uniswap, Comp, MakerDAO, AAVE, etc. are all written in Solidity) be wiped out?
Seeing this, I remembered an opinion I expressed when I was privately discussing EIP-6551 with several friends two weeks ago - the innovation of the Ethereum ecosystem is increasingly dependent on smart contracts, while the security of smart contracts is far behind the pace of innovation. Will this development path affect the development of the ecosystem?
I have introduced EIP-6551 in the article. It can associate wallets with NFTs, increase the flexibility of NFTs, and thus generate quite complex application scenarios.
I certainly think it's good for this, but on the other hand, I think it's "too heavy".
The so-called "heavy" means that while it is innovative, it also brings greater challenges to security and user experience. I am worried that if such a highly complex application is not properly addressed, the potential security risks will hinder the use of ordinary users.
Therefore, I increasingly hope that the Ethereum ecosystem can try another path of innovation while developing smart contract innovation: the inscription technology that I have mentioned many times. It only needs to write data on the chain, and the execution mechanism can be flexibly placed off the chain.
This provides greater flexibility in security, and even if problems occur, remedial measures can be released more efficiently.
If inscription technology can develop in the Ethereum ecosystem, it will greatly enrich the diversity of the entire ecosystem and provide more choices for project owners and users. Ultimately, through market competition, these two innovation paths will find their most suitable application scenarios. This will definitely make Ethereum and the Ethereum ecosystem more powerful and brilliant.
A reader asked whether it is possible to increase purchases of CRV at this time (CRV price plummeted).
I think we should be cautious about this.
Generally speaking, I divide the factors that affect the price of coins into two categories:
The first category is that purely external factors (such as the macro environment) affect the price of the currency.
For example, the plunge in U.S. stocks caused a plunge in crypto assets, and the SEC's chaos caused a plunge in crypto assets...
Among these factors, the fundamentals of crypto assets themselves are intact. I would love for the price of the currency to plummet at this time. If there are conditions to increase purchases at this time, then of course there is nothing wrong with it.
The second category is that factors affecting fundamentals affect the price of currency.
For example, serious internal strife within the team, fundamental flaws in the project...
Among these factors, the fundamentals of crypto assets themselves are likely to be affected. I think we should be cautious about the price plunge at this time.
Specifically for Curve, although the root cause of the accident is not the project party, will Vyper continue to have other security incidents? Will this accident continue to shake people's confidence in Curve and other questions are still unknown.
So I would not buy it at this time. Instead, I suggest suspending the fixed investment in it first. Wait for more investigation results to come out and confirm that this is just an accidental accident before making a decision.
Today’s article ends here. If you think it’s well written, you can click to follow and read~