A $450,000 hack on Clipper was likely from a withdrawal vulnerability, not a leak, the decentralized exchange said.
Decentralized exchange (DEX) Clipper clarified that a vulnerability in its withdrawal function allowed a recent $450,000 hack of its protocol, rather than a private key leak as suggested by a “third-party.”
Clipper said in an X post that the attacker exploited two liquidity pools on Dec. 1 and took about 6% of its total value locked. It added that no other pools were affected and the exploit had ended.
“There have been third-party claims suggesting a private key leak,” Clipper wrote. “We can confirm that this is not the case and is inconsistent with the design and security architecture of Clipper.”
