Curve Finance has publicly accused decentralized exchange PancakeSwap of copying its proprietary StableSwap code without permission, alleging a violation of its software license. The allegation was posted by Curve on X on March 6, 2026, directly addressing PancakeSwap and stating the exchange copied code "without asking." Curve emphasized this is both a legal issue and a technical risk, citing historical problems for projects that reused its code improperly.
The dispute centers on PancakeSwap's recent "Infinity StableSwap" upgrade, which aims to provide better pricing and lower slippage for stablecoin swaps. Curve's post included a screenshot purportedly showing code where PancakeSwap was listed as the author despite the logic originating from Curve's StableSwap system. StableSwap is a core Curve innovation, an automated market maker model designed for low-slippage swaps between stablecoins and pegged assets.
PancakeSwap responded swiftly, stating its team would reach out to Curve directly to discuss the matter. Curve welcomed the move, expressing a preference for cooperation over conflict, stating "Better to be friends and build together." Curve suggested PancakeSwap could obtain a proper license and collaborate to use the technology safely and legally.
Curve also highlighted significant security concerns, noting that "deep stableswap expertise" is required for safe integration. It pointed to the 2022 hack of Saddle Finance and the $116 million Balancer exploit in 2025 as examples of vulnerabilities stemming from improper implementation of similar swap-based code.
The incident underscores ongoing cybersecurity and intellectual property challenges within the DeFi sector as projects iterate and expand features. As of the reports, both teams appear open to a negotiated resolution, potentially involving formal licensing and technical collaboration.
