News linked to both this project and an event.
According to an official announcement from Curve Finance, due to a hacker attack on the rsETH LayerZero infrastructure, Curve Finance has suspended its LayerZero infrastructure for security reasons, pending further investigation into the root cause before resuming operations. This suspension affects the following: cross-chain bridging of CRV tokens from BNB Chain, Sonic, Avalanche, Fantom, Etherlink, and Kava (chains using native bridges remain unaffected), as well as the crvUSD fast bridge functionality (the L2 slow bridge remains fully operational). Meanwhile, KelpDAO is also reported to have suffered a vulnerability exploit involving approximately $291 million; the exact extent of losses is still under investigation.
Odaily News: Sonic Labs co-founder and Flying Tulip founder Andre Cronje posted on platform X, stating that his team is continuing to investigate the L0/rsETH incident. Preliminary reports indicate that approximately $200 million worth of rsETH was stolen, possibly due to a private key leak or configuration error. The related assets were subsequently deposited into Aave as collateral to borrow ETH (due to insufficient rsETH liquidity).Andre Cronje pointed out that the affected positions are technically still overcollateralized. However, if bad debt occurs, Aave's token mechanism and Safety Module will serve as the first line of defense to absorb the risk. Nevertheless, Aave has no mechanism to subsidize user losses, as doing so could trigger a bank run. Currently, Aave holds approximately $7 billion in ETH with an outstanding borrowing amount of around $100 million, so the overall impact of this incident is limited. Furthermore, prioritizing user liquidity, Flying Tulip has withdrawn all its ETH from Aave to its fund management wrapper contract. This action was taken because Aave's available liquidity had fallen below its set minimum threshold.