Three Sigma Profile picture
Mar 12 12 tweets 4 min read Read on X
One trader VS. Hyperliquid’s HLP vault.

$4M gone. No bug. No exploit. Just a brutal game of liquidity mechanics.

Here’s how they pulled it off. 🧵👇Image
1/ What Happened?

A trader turned $10M USDC into a $271M ETH long using high leverage, then withdrew collateral, forcing HLP to take the trade.

They walked away with $1.8M profit, while HLP ate a $4M loss.

Here’s how it worked ⬇️ Image
2/ Step 1: The Setup

If you’re trading with massive size, you have a problem: How do you exit without tanking your own position?

Market selling = slippage = killing your own trade.

This trader found a way to offload everything, without dumping on themselves.
3/ Step 2: The Withdrawal Play

Instead of selling ETH into order books, the trader withdrew collateral, lowering margin and forcing Hyperliquid to liquidate them.

HLP—the protocol’s liquidity vault, took on the $286M ETH long, leaving it exposed.
4/ Step 3: The Perfect Short Hedge

The trader knew HLP’s forced selling would push ETH down, so they played both sides.

By hedging on another exchange (e.g Binance), they let HLP absorb the long while they profited on the short.

No accident, just a calculated trade.
5/ Was This an Exploit?

Hyperliquid says no. HLP isn’t forced to take the other side like GLP, and other MMs joined the liquidation.

HLP lost "only" $4M, roughly one month’s profit, but it wasn’t system-breaking. The vault remains net positive. Image
Image
6/ Why HLP Took a $4M Loss

HLP isn’t one vault, it’s three:

1️⃣ HLP Liquidator — buys liquidated positions

2️⃣ HLP Strategy A — $145M ETH short

3️⃣ HLP Strategy B — $145M ETH short

On the UI, you only see the net position.

When the whale was liquidated:

✅ HLP Liquidator went long $290M ETH

✅ Strategy A & B shorted to hedge

❌ They couldn’t match the exact entry price → $4M slippage loss

It wasn’t socialized losses, it was execution slippage.
7/ Not the First Time Hyperliquid Got Targeted

In June 2023, an attacker manipulated SNX prices on CEXs to exploit HLP, walking away with $37K USDC.

HLP had to quickly adjust its pricing models to prevent future attacks. Image
8/ Could This Happen Again?

Hyperliquid has already reacted:

🔹 Max leverage lowered to 40x (BTC) and 25x (ETH)

🔹 Higher margin requirements for large positions

🔹 Likely more HLP risk adjustments coming

But here’s the real question ⬇️

Should protocols rely on liquidations when the smartest traders can front-run them?
9/ Final Takeaway: The Edge Is in the Rules

This wasn’t a code exploit, if anything, it was a mechanism exploit.

Traders don’t break smart contracts but they can still break protocols.
10/ What do you think?

Just smart trading, or should @HyperliquidX change its system to prevent this?

Reply below. 👇 Image
At Three Sigma, We Secure Web3 Projects — Discover How Our Smart Contract Audits Protect Your Code and Your Future, Today. threesigma.xyz/smart-contract…

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Three Sigma

Three Sigma Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @threesigmaxyz

Feb 19
🚨 Monad Testnet is LIVE. A new high-speed EVM chain just dropped.

8.8M wallets preloaded. 5,000 TPS. Transactions flying.

But can it actually handle real DeFi? Is it secure? What happens when you push it to the limit? Let’s find out. 🧵👇
1/ What is Monad?

Monad is a new EVM-compatible chain aiming for insane speed & efficiency.

✅ High-speed execution (5,000 TPS)

✅ MEV-resistant architecture

✅ Optimized for DeFi trading

But it's a testnet. Things will break. And that’s the point. Time to stress test. Image
2/ How to get started?

🛠️ Add Monad Testnet →

🔗 Connect your wallet (MetaMask, etc.)

You’re in.

Expect delays, failures, bugs. Testnets aren’t for smooth sailing. They’re for finding cracks.testnet.monad.xyz
Read 10 tweets
Feb 19
🚨 Something wild is happening at MakerDAO & no one is talking about it.

• Emergency governance vote out of nowhere.
• MKR borrowing limits 2x overnight.
• Critics banned mid-vote.
• No clear reason why.

Is this a governance attack? A power grab? Or something worse? 🧵👇
1/ Yesterday, an "out-of-schedule" proposal hit the MakerDAO forum.

• It passed in record time.

• It dramatically increased the amount of USDS that can be borrowed against MKR.

• It lowered collateral requirements from 200% to 125%.

What is happening? 🤔 Image
2/ The official reason? "To protect against a governance attack."

But here’s the catch:

• No actual attack was identified.
• The proposal bypassed standard governance procedures.
• Some of the loudest critics were mysteriously banned mid-vote.

Something isn’t adding up. 👀
Read 10 tweets
Feb 18
🚨 HyperEVM is here. A new era of on-chain trading, perps, & DeFi infra begins.

But what is HyperEVM? Is it safe? How does it work? Where’s the risk?

Here’s the full breakdown (No shilling, no FOMO—just facts). 🧵👇
1/ What is HyperEVM?

HyperEVM is Hyperliquid’s new Layer 1 blockchain designed for:

✅ On-chain trading (Perps, Spot, Options)
✅ DeFi protocols (Lending, AMMs, Staking)
✅ High-speed execution with MEV resistance

Think Solana speed + Ethereum dev compatibility + Hyperliquid perps—but it’s new, and new means risk.Image
2/ How is it different from other chains?

1️⃣ Centralized order execution → Trading is off-chain, settlements are on-chain.

2️⃣ No pre-mined tokens → $HYPE is gas, but no VC unlocks or insider allocations.

3️⃣ EVM-compatible → Existing Solidity-based protocols can deploy easily.

4️⃣ Built for DeFi & perps → High-frequency trading with near-zero slippage.

🚨 Risk Factor: As a new chain, security models & economic incentives are untested at scale.Image
Read 11 tweets
Oct 22, 2024
🚨 Discover everything about DeFi AMMs! 🚨

Our latest blog covers how AMMs have transformed DeFi—exploring the models, innovations, and challenges shaping the space today.

👉 Read the full article here:

Let’s dive in 🧵👇threesigma.xyz/blog/automated…
1/ In this series, we explore AMM protocols, anchoring our analysis around fundamental variables that dictate their performance and adoption. 🧑‍🏫

Our goal is to provide a comprehensive understanding of the differences and operational efficiencies across AMM protocols and models. Image
1.1/ What Are AMMs?

AMMs let users trade tokens directly from liquidity pools, offering continuous liquidity and simplified market access compared to traditional order books. Image
Read 18 tweets
Aug 6, 2024
Our Points Aggregation Series is now live! A deep dive into 70+ #DeFi protocols and how they implement their incentive programs.

Points have been responsible for the new era of liquidity mining rewards.

Discover everything here: threesigma.xyz/blog/points-one
The article filters protocols across most of the core areas of #DeFi, including money markets, DEXs, Perp-DEXs, infrastructure, and chains, all analyzed together in a unified framework.

1/15
We classified the protocols based on two key criteria:

• A bilateral standard in the X axis for the programs' capital requirements.
• A bilateral standard in the Y axis for the effort required from users to farm points. Image
Read 16 tweets
May 13, 2024
Restaking has been one of the strongest narratives of 2024.

How has the Restaking ecosystem evolved and what has changed since @eigenlayer introduced this concept to the blockchain?

Let's dive deeper into the state of this new industry 🧵 Image
1/ #Restaking is one of the newest blockchain sectors.

The practice of restaking LSTs and native assets introduces a way to share security from one blockchain to support other less developed chains/protocols.
2/ This technology enables protocols with a robust community of network validators to share this resource with other protocols that would otherwise need to allocate significant resources to incentivize their validator bases.
Read 19 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us!

:(