Velodrome

The Velodrome Relay is now back online, allowing users to engage in maximal voting and compounding. Users of the old Relays will need to withdraw their locks and deposit into the upgraded strategies.

Velodrome community advises users impacted by the recent DNS attack to open a ticket on their Discord channel. In the ticket, users should provide their wallet address and relevant transactions by 11/23. All losses will be collected and validated through KYC process.

Velodrome has confirmed that it is unaffected by a recent dApp security issue. Users are advised to exercise caution when interacting with any dApps.

The OpenZeppelin team has disclosed details about vulnerabilities in the Relay contracts to the Velodrome community. As a result, Relay has been deactivated and adjustments will be made to address the identified issues. It is important to note that no user funds or veNFTs are at risk, and the core platform is not impacted. Users can withdraw their Relay positions as desired, and an update will be provided when the new version of Relay is available.

The investigation into the incident is ongoing. A full breakdown of events can be found in the incident report. Further details on next steps will be shared soon.

The Velodrome domain has been restored and is currently locked at the top-level domain level. Service has been resumed and the decentralized frontend is accessible and uncompromised. Users are advised to clear their caches before interacting with the site.

The Velodrome community warns users not to interact with their front end as their provider has been exploited again.

Velodrome advises not to use the link in their Twitter bio and instead use the link provided in the quoted tweet, as it is a safe mirror link.

The Velodrome community assures that the protocol funds are safe and contracts are unaffected. Users are advised to access the decentralized frontend at [link] and review any permissions granted in the last several hours.

Velodrome's frontend is currently compromised. Users are advised not to interact with Velodrome until further notice. The team is investigating the issue and will provide updates.