On July 2023, Conic Finance was exploited in a reentrancy, resulting in approximately $3.25M in losses. That makes the Conic Finance exploit the 54th largest DeFi incident out of 690 documented in our archive.
Attack Mechanics: How the Conic Finance Reentrancy Played Out
Exploit Class Applied to Conic Finance
The Conic Finance incident on July 21, 2023 is classified as a Reentrancy. A malicious contract re-enters a vulnerable function before state is updated, letting it drain funds multiple times. In the full archive, Conic Finance is 1 of 51 documented reentrancy incidents.
Conic Finance in Context
At $3.25M, the Conic Finance exploit is a significant ($1M–$10M) event compared to the largest same-class incident in our archive — Curve (2023) at $41M.
Prior Reentrancy Before Conic Finance
The nearest reentrancy incident before Conic Finance was Libertify, 10 days earlier on July 11, 2023 ($452K lost). The same exploit class surfaced again within the reentrancy attack surface.
Conic Finance Vulnerability Signature
The primary source categorises the Conic Finance exploit specifically as “Read-Only-Reentrancy && MisConfiguration”. This narrower label is entity-specific: it reflects how the Conic Finance contract failed, rather than the broad reentrancy pattern alone.
Impact & Recovery for Conic Finance
Conic Finance Loss Figure
The Conic Finance exploit caused $3,250,000 in losses — a significant ($1M–$10M) incident and the 17th largest of 214 documented in 2023. This single incident represents 0.5% of all tracked losses that year.
Where Conic Finance Sits Among Reentrancy Attacks
Ranked by loss size, Conic Finance is the 5th largest of 51 reentrancy incidents documented. That puts the Conic Finance loss above the class average of $2.87M.
Timeline Since the Conic Finance Incident
The Conic Finance exploit occurred 2.7 years ago (998 days). The contract, its fork-block, and the attack transaction remain on-chain and forensically reproducible.
Primary Reference for Conic Finance
Public post-mortem / on-chain analysis for the Conic Finance incident: view source.
FAQ
How much did Conic Finance lose?
The Conic Finance exploit in July 2023 resulted in $3,250,000 in losses — the 17th largest of 214 DeFi incidents that year.
When did the Conic Finance hack happen?
The Conic Finance exploit was recorded on July 21, 2023 — 998 days ago.
What type of exploit hit Conic Finance?
The Conic Finance incident is classified as a Reentrancy. A malicious contract re-enters a vulnerable function before state is updated, letting it drain funds multiple times.
How common is the Reentrancy pattern seen at Conic Finance?
Our archive contains 51 documented reentrancy incidents. The Conic Finance incident is one of them.
How does Conic Finance compare to the largest Reentrancy attack?
The largest reentrancy incident in our archive is Curve (2023) at $41M. The Conic Finance loss is $3.25M.
What are the limitations of the current system, and how can they be addressed?
Limitations include scalability and privacy concerns, which can be mitigated through layer 2 solutions and privacy-preserving technologies.
What is a significant risk associated with the taxation of cryptocurrencies?
The risk of VAT/sales tax evasion is profound due to cryptocurrencies' nature and transaction methods.