$4M gone. No bug. No exploit. Just a brutal game of liquidity mechanics.
Here’s how they pulled it off. 🧵👇
1/ What Happened?
A trader turned $10M USDC into a $271M ETH long using high leverage, then withdrew collateral, forcing HLP to take the trade.
They walked away with $1.8M profit, while HLP ate a $4M loss.
Here’s how it worked ⬇️
2/ Step 1: The Setup
If you’re trading with massive size, you have a problem: How do you exit without tanking your own position?
Market selling = slippage = killing your own trade.
This trader found a way to offload everything, without dumping on themselves.
3/ Step 2: The Withdrawal Play
Instead of selling ETH into order books, the trader withdrew collateral, lowering margin and forcing Hyperliquid to liquidate them.
HLP—the protocol’s liquidity vault, took on the $286M ETH long, leaving it exposed.
4/ Step 3: The Perfect Short Hedge
The trader knew HLP’s forced selling would push ETH down, so they played both sides.
By hedging on another exchange (e.g Binance), they let HLP absorb the long while they profited on the short.
No accident, just a calculated trade.
5/ Was This an Exploit?
Hyperliquid says no. HLP isn’t forced to take the other side like GLP, and other MMs joined the liquidation.
HLP lost "only" $4M, roughly one month’s profit, but it wasn’t system-breaking. The vault remains net positive.
6/ Why HLP Took a $4M Loss
HLP isn’t one vault, it’s three:
1️⃣ HLP Liquidator — buys liquidated positions
2️⃣ HLP Strategy A — $145M ETH short
3️⃣ HLP Strategy B — $145M ETH short
On the UI, you only see the net position.
When the whale was liquidated:
✅ HLP Liquidator went long $290M ETH
✅ Strategy A & B shorted to hedge
❌ They couldn’t match the exact entry price → $4M slippage loss
It wasn’t socialized losses, it was execution slippage.
7/ Not the First Time Hyperliquid Got Targeted
In June 2023, an attacker manipulated SNX prices on CEXs to exploit HLP, walking away with $37K USDC.
HLP had to quickly adjust its pricing models to prevent future attacks.
8/ Could This Happen Again?
Hyperliquid has already reacted:
🔹 Max leverage lowered to 40x (BTC) and 25x (ETH)
🔹 Higher margin requirements for large positions
🔹 Likely more HLP risk adjustments coming
But here’s the real question ⬇️
Should protocols rely on liquidations when the smartest traders can front-run them?
9/ Final Takeaway: The Edge Is in the Rules
This wasn’t a code exploit, if anything, it was a mechanism exploit.
Traders don’t break smart contracts but they can still break protocols.
10/ What do you think?
Just smart trading, or should @HyperliquidX change its system to prevent this?
Reply below. 👇
At Three Sigma, We Secure Web3 Projects — Discover How Our Smart Contract Audits Protect Your Code and Your Future, Today. threesigma.xyz/smart-contract…
• • •
Missing some Tweet in this thread? You can try to
force a refresh
🚨 Something wild is happening at MakerDAO & no one is talking about it.
• Emergency governance vote out of nowhere.
• MKR borrowing limits 2x overnight.
• Critics banned mid-vote.
• No clear reason why.
Is this a governance attack? A power grab? Or something worse? 🧵👇
1/ Yesterday, an "out-of-schedule" proposal hit the MakerDAO forum.
• It passed in record time.
• It dramatically increased the amount of USDS that can be borrowed against MKR.
• It lowered collateral requirements from 200% to 125%.
What is happening? 🤔
2/ The official reason? "To protect against a governance attack."
But here’s the catch:
• No actual attack was identified.
• The proposal bypassed standard governance procedures.
• Some of the loudest critics were mysteriously banned mid-vote.
1/ In this series, we explore AMM protocols, anchoring our analysis around fundamental variables that dictate their performance and adoption. 🧑🏫
Our goal is to provide a comprehensive understanding of the differences and operational efficiencies across AMM protocols and models.
1.1/ What Are AMMs?
AMMs let users trade tokens directly from liquidity pools, offering continuous liquidity and simplified market access compared to traditional order books.
The article filters protocols across most of the core areas of #DeFi, including money markets, DEXs, Perp-DEXs, infrastructure, and chains, all analyzed together in a unified framework.
1/15
We classified the protocols based on two key criteria:
• A bilateral standard in the X axis for the programs' capital requirements.
• A bilateral standard in the Y axis for the effort required from users to farm points.
Restaking has been one of the strongest narratives of 2024.
How has the Restaking ecosystem evolved and what has changed since @eigenlayer introduced this concept to the blockchain?
Let's dive deeper into the state of this new industry 🧵
1/ #Restaking is one of the newest blockchain sectors.
The practice of restaking LSTs and native assets introduces a way to share security from one blockchain to support other less developed chains/protocols.
2/ This technology enables protocols with a robust community of network validators to share this resource with other protocols that would otherwise need to allocate significant resources to incentivize their validator bases.