Hyperliquid suffers its fourth attack, with HLP treasury unrealized losses exceeding 10.5 million USD.

robot
Abstract generation in progress

The Hyperliquid Perptual Futures platform suffers its fourth major attack

On March 26, the Perptual Futures platform Hyperliquid was attacked again, marking the fourth major security incident for the project since November of last year and the most serious crisis it has faced since its inception. This attack method was similar to the previous ETH whale attack but was more precise and severe.

The attacker used the low liquidity Solana token JELLY as "dynamite". At 9 PM that evening, the attacker deposited 3.5 million USDC as margin on the platform and opened a short position worth 4.08 million USD in JELLY, reaching the leverage limit of the platform. At the same time, an address holding a large amount of JELLY coordinated a sell-off in the spot market, causing the token price to plummet, resulting in a floating profit for the short position.

Subsequently, the attacker quickly withdrew 2.76 million USDC in margin, leading to insufficient margin for the remaining short position, triggering Hyperliquid's automatic liquidation mechanism. The platform's insurance fund HLP was forced to take over this short position. The attacker then executed a reverse operation, massively buying JELLY within an hour, causing its price to surge several times to $0.034, resulting in a floating loss of over $10.5 million for HLP.

Review of Hyperliquid Black Wednesday: Demand is the starting point, correctness is the endpoint

When Hyperliquid was in trouble, certain centralized exchanges quickly intervened. Two platforms announced the launch of JELLY's Perptual Futures within an hour of the attack, potentially driving up the token price further and amplifying HLP's losses.

In response to the crisis, the Hyperliquid Validator Committee passed a vote to delist the JELLY Perptual Futures, with the final settlement price being the attacker's opening price, resulting in HLP making a profit of $700,000. This decision has raised questions about the platform's level of decentralization.

As a leading protocol in the on-chain Perptual Futures space, Hyperliquid accounts for 9% of the global contract trading volume of a well-known centralized exchange, far ahead in decentralized exchanges. However, the project has frequently been attacked since its inception, raising significant concerns about its security.

Apart from this incident, Hyperliquid has previously experienced three major security incidents:

  1. December 2024: Potential Hacker Threats (Attempted Attacks)
  2. January 2025: ETH whale high-leverage attack, HLP loss of about 4 million USD
  3. March 12, 2025: ETH Whale Second Attack

These events expose the issues with Hyperliquid in terms of the margin mechanism, HLP mechanism, and the limited number of validators.

Review of Hyperliquid Black Wednesday: Demand is the Starting Point, Correctness is the Endpoint

From the architectural perspective, Hyperliquid is a decentralized exchange with its own Layer 1, utilizing an EVM + matching engine design. Its core component, HyperCore, is equivalent to the matching engine of a centralized exchange and shares the same consensus layer with HyperEVM. Although this design is innovative, it also brings potential risks, such as transaction state inconsistency and synchronization delays.

The HLP vault is the core of the Hyperliquid ecosystem, and its design logic is similar to aggregating community user assets to build a decentralized market maker capital pool. However, this fixed logic design appears to be relatively fragile in the face of attacks.

Although Hyperliquid has achieved significant success in the on-chain Perptual Futures space, it still faces enormous challenges. How to enhance security and decentralization while maintaining high efficiency will be key to the future development of the project. At the same time, this event has also sparked in-depth reflection within the industry on the development direction of decentralized exchanges for Perptual Futures.

Reviewing Hyperliquid's Black Wednesday: Demand is the Starting Point, Correctness is the Endpoint

View Original
This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.
  • Reward
  • 7
  • Share
Comment
0/400
AirdropHuntressvip
· 07-09 16:34
Traditional means have been infiltrated again.
View OriginalReply0
AirdropHunter007vip
· 07-08 14:29
This is the fourth time, it's really quite generous.
View OriginalReply0
DAOdreamervip
· 07-06 20:56
Planted again, huh?
View OriginalReply0
MemecoinTradervip
· 07-06 17:00
kek, another day another exploit... memetic chaos theory in action tbh
Reply0
AirdropHunterKingvip
· 07-06 16:53
Four in and four out, not losing but earning. A master at Clip Coupons!
View OriginalReply0
MEVictimvip
· 07-06 16:52
Rug Pull is that quick?
View OriginalReply0
ImpermanentLossEnjoyervip
· 07-06 16:50
Lost again, keep losing.
View OriginalReply0
Trade Crypto Anywhere Anytime
qrCode
Scan to download Gate app
Community
English
  • 简体中文
  • English
  • Tiếng Việt
  • 繁體中文
  • Español
  • Русский
  • Français (Afrique)
  • Português (Portugal)
  • Bahasa Indonesia
  • 日本語
  • بالعربية
  • Українська
  • Português (Brasil)