Domen Grabec 2021-1-21.
Saddle Finance launched their fork of the Curve protocol. A blog post on Rekt suggests that they did so with minimal code changes. Curve was designed to provide liquidity pools for stablecoins more effectively, allowing swaps with more depth and less slippage.
Upon contract creation, Saddle Finance did not supply balanced initial liquidity to the pools. Users then provided their own liquidity, and the pools were exposed to highly profitable arbitrage. Here is an example of swap transactions that greatly benefited the swapping user at the cost of funds lost to liquidity providers:
Not much technical description is needed, since this wasn't so much a bug in the contract code as a pretty sloppy release strategy. Reproduction code is still available under the reproductions folder; it simulates a transaction where a user swapped 0.34 sBtc for 4.3 WBTC.
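Why unbalanced initial liquidity misprices swaps, shown as an added example (not the code from the reproductions folder and not Saddle's own code): a simplified Curve-style StableSwap quote plus a parity check that a deployer or liquidity provider could run before adding funds. The amplification coefficient, the four-token pool, its balances, the 18-decimal scale and the absence of fees are all constructed assumptions, not Saddle's actual pool state.

```python
# Added example: simplified StableSwap (Curve-style) math. No fees; every
# token is assumed to use 18 decimals. A and pool balances are constructed.
A = 200                # assumed amplification coefficient
UNIT = 10**18          # fixed-point scale for one whole token

def get_d(xp, amp=A):
    """Solve the StableSwap invariant for D with Newton's method."""
    n, s = len(xp), sum(xp)
    d, ann = s, amp * n
    for _ in range(255):
        d_p = d
        for x in xp:
            d_p = d_p * d // (x * n)
        d_prev = d
        d = (ann * s + d_p * n) * d // ((ann - 1) * d + (n + 1) * d_p)
        if abs(d - d_prev) <= 1:
            break
    return d

def quote(xp, i, j, dx, amp=A):
    """Amount of token j paid out for dx of token i."""
    n, d = len(xp), get_d(xp, amp)
    ann, c, s = amp * n, d, 0
    for k in range(n):
        if k != j:
            xk = xp[k] + dx if k == i else xp[k]
            s += xk
            c = c * d // (xk * n)
    c = c * d // (ann * n)
    b = s + d // ann
    y = d
    for _ in range(255):
        y_prev = y
        y = (y * y + c) // (2 * y + b - d)
        if abs(y - y_prev) <= 1:
            break
    return xp[j] - y - 1

def off_parity_pairs(xp, probe=UNIT // 100, tolerance=0.01):
    """List (i, j, rate) for each pair whose probe swap strays from 1:1."""
    pairs = [(i, j) for i in range(len(xp)) for j in range(len(xp)) if i != j]
    rates = [(i, j, quote(xp, i, j, probe) / probe) for i, j in pairs]
    return [r for r in rates if abs(r[2] - 1) > tolerance]

BALANCED = [100 * UNIT] * 4                  # constructed: equal deposits
SKEWED = [UNIT // 10] + [100 * UNIT] * 3     # constructed: token 0 is scarce
if __name__ == "__main__":
    for i, j, rate in off_parity_pairs(SKEWED):
        print(f"token {i} -> token {j}: {rate:.4f} out per 1 in")
```

With equal deposits no pair is flagged; with one scarce token, every pair involving that token quotes far from 1:1, and liquidity providers absorb the difference.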