Author: YBB Capital Researcher Zeke

1. A Banquet for the Crows

On March 26, the high-profile DEX project Hyperliquid was attacked once again. This marked the fourth major security incident since its TGE last November, and it was by far the most severe crisis the project has faced since inception. Tracing the entire attack path, the method used was structurally identical to that of the whale who previously went 50x long on ETH — only this time, the strike was more precise, more ferocious, like a banquet of crows targeting a vulnerable DEX.

At the center of the storm alongside Hyperliquid was JELLY, a low-liquidity, faded meme token on Solana. With a market cap of merely $10 million prior to the attack, it became the perfect “dynamite” to blast open Hyperliquid’s vault. That evening at 9 p.m., the attacker deposited $3.5 million USDC as margin and opened a $4.08 million short position on JELLY (entry price $0.0095), hitting the platform’s leverage ceiling. Simultaneously, a whale holding 126 million JELLY began dumping the tokens on the spot market, triggering a price crash and rendering the short position profitable.

The critical turning point came with the margin withdrawal: the attacker quickly pulled $2.76 million USDC out, leaving the short undercollateralized and triggering Hyperliquid’s automatic liquidation mechanism. The platform’s insurance fund, HLP (composed of user-staked assets), was forced to take over the now-massive 398 million JELLY short position. At this point, the attacker flipped direction, aggressively buying JELLY within an hour, driving its price up several times to $0.034, resulting in HLP’s unrealized loss exceeding $10.5 million. Had JELLY surged to over $0.16, HLP faced a $240 million wipeout.

As Hyperliquid stumbled into crisis, the crows smelled blood. Centralized exchanges like Binance and OKX swooped in. Within an hour of the attack, both platforms rushed to list JELLY perpetual contracts — seemingly leveraging their deeper liquidity and influence to further pump JELLY’s price and widen HLP’s losses. The community voiced intense suspicion toward the two exchanges, but the most curious twist was still to come.

Twenty-six minutes before Binance officially launched its JELLY perps, the Hyperliquid Validator Committee passed a vote to delist JELLY perpetual contracts. The final closing price happened to align with the attacker’s short entry price (less than one-third of the market peak), resulting in a $700,000 profit for HLP. Caught between a rock and a hard place, Hyperliquid effectively tore off its own “decentralization” fig leaf.

2. Binance on the Blockchain?

As a leading protocol in the on-chain perpetuals space, Hyperliquid accounts for 9% of Binance’s global perpetual trading volume — a figure that puts it well ahead of all other DEXs. For comparison, platforms like Jupiter and dYdX combined represent only about 5% of Binance’s perpetual volume. This has earned Hyperliquid the nickname “Binance on-chain.”

But unlike Binance, Hyperliquid — a project born in the aftermath of the FTX collapse — hasn’t been nearly as lucky. In fact, its path has arguably been even more turbulent than SBF’s downfall. Since its TGE, Hyperliquid has suffered a major attack almost every month, constantly hovering on the brink. Let’s briefly review these incidents:

1. December 2024 — North Korean Hacker Threat (Attempted Attack)

   Incident: Security researchers identified multiple blacklisted North Korean hacker wallets conducting test trades on Hyperliquid, accumulating over $700,000 in losses. These repetitive transactions were suspected to be probing for system vulnerabilities.

   Risks: Closed-source code, opaque multisig mechanisms, lack of transparency and public auditing.

2. January 2025 — ETH Whale Leverage Attack

   Incident: A user opened a $300M ETH long position with 50x leverage. After reaching an $8M unrealized gain, they withdrew most of the margin, inflating the liquidation price. HLP was forced to take over the position and lost ~$4M.

   Risks: Issues with margin and HLP mechanisms.

3. March 12, 2025 — Second ETH Whale Attack

   Incident: Another leveraged ETH attack targeting the same systemic vulnerabilities, further draining the HLP vault.

   Response: On March 15, an emergency network upgrade modified margin withdrawal rules (setting a 20% margin ratio requirement).

4. March 26, 2025 — JELLY Incident

   Incident: As described in the previous section.

   Risks: Centralization concerns due to limited validator count; HLP vulnerabilities further exposed under coordinated pressure from CEXs.

In past articles, I’ve critiqued some of UNI’s fundamental issues. It’s unlikely humanity will ever achieve a truly decentralized DEX. There are several reasons:

1. Any successful DEX ultimately depends on a centralized team. Despite the talk of “community governance,” most major decisions — like Uniswap’s frontend fee or UniChain launch — were made without community voting.

2. Governance voting is rarely truly decentralized. Funded projects are swayed by lead investors; unfunded but successful projects become even more centralized in decision-making and profit distribution (e.g., Pump.fun).

3. The sybil problem remains unsolved, and any solution to it often contradicts decentralization ideals. No one willingly relinquishes power. Even Ethereum’s most passive figurehead, Vitalik, can’t become the next Satoshi.

4. Capital efficiency is a non-negotiable for any DEX. For AMMs, progress demands embracing complexity — and that complexity often brings centralization risk. We’ve already discussed this in the UNI article. UniChain, for instance, is rapidly becoming a centralized “American Alliance” (Optimism Superchain), optimizing for speed but sacrificing resilience.

Now, revisiting Hyperliquid from a fresh angle: In an environment where blockchain infra is largely idle and flow-based value dominates, Perp DEXs should ideally become the main occupiers of unused blockspace. But Hyperliquid’s repeated failures highlight core problems facing fully on-chain perpetual DEXs:

1. From a user perspective, capital efficiency and team pedigree > decentralization. (This reflects a transitional phase where CEX-like models remain preferred.)

2. A Perp DEX is not a black box — it’s a casino with transparent mirrors. When users can take on 50x leverage, how can algorithms compete with players holding those mirrors?

3. “No VC funding” and “high performance” are great narratives — but they also often signal more centralized control. After a security incident, an AMM must “play by the rules.” Hyperliquid, however, resembles a CEX controlled by a few hands, albeit one that’s transparent and KYC-free.

4. In the absence of dynamic risk controls, should high-risk and blue-chip assets be treated equally? Should massive unrealized profits trigger risk mitigation?

5. Will Hyperliquid ultimately become the “FTX 2.0” that Bitget’s CEO warned us about?

3. Hyperliquid’s Internal Crisis

Building on the fifth issue mentioned earlier, we dig deeper into Hyperliquid’s internal vulnerabilities. From a liquidity perspective, Hyperliquid, while leading among DEXs, often sees whale deposits accounting for nearly 20% of its TVL under normal conditions. This means that if similar large-scale attacks were to occur again, the platform could face a mass exodus of whales, triggering a liquidity death spiral. In such a scenario, the only response might be to pull the plug. This highlights how the depth and composition of liquidity are vital for any Perp DEX. While Hyperliquid can currently go head-to-head with second-tier CEXs, its on-chain liquidity — especially without dynamic leverage limits — is clearly insufficient to sustain such consistently high leverage levels.

Architecturally, Hyperliquid operates as a DEX with its own Layer 1 chain. Though innovative, the overall design is not overly complex. Simply put, it runs an EVM plus a matching engine. As per the official technical documentation, it uses a system called HyperEVM + HyperCore. The Hyperliquid L1 is not an independent blockchain but is protected by the same HyperBFT consensus that secures HyperCore. This allows the EVM to directly interact with HyperCore, enabling spot and perpetual contract functionality.

Let’s further explain HyperCore:

As described earlier, HyperCore functions as a matching engine — akin to the core of a centralized exchange. It shares the same consensus layer (HyperBFT) with HyperEVM, meaning the two are not separate blockchains but different execution environments on the same chain. A similar architectural approach can be seen in Artela, a public chain originating from the Alibaba ecosystem. HyperCore is designed to execute the core business logic of exchanges (e.g., order book matching, derivatives liquidation, asset custody). It is built on a RustVM, a virtual machine optimized for high-frequency trading, and is permissioned, supporting only officially approved features (like USDC assets and tokens generated via the HIP-1 protocol). Interactions with HyperEVM are handled through precompiled contracts. For example:

A user initiates a perpetual close position operation via a contract on HyperEVM → the operation is passed to HyperCore’s order book via a precompiled contract → HyperCore executes the clearing and settlement.

This dual-execution model under a single consensus layer introduces certain systemic risks:

1. Inconsistent transaction states

2. Synchronization delays

3. Delayed cross-environment liquidation

4. Lack of permissionless infrastructure

Although a Layer 1 network takes time to decentralize, it’s clear that this architecture carries significant potential vulnerabilities.

The HLP (Hyperliquid Pool) is the economic core of the Hyperliquid ecosystem. It aggregates assets like USDC from community users to create a decentralized market-making pool — similar to an LP in an AMM, but more efficient. HLP operates on a dual system:

• Order Book Model: HLP actively provides order depth via limit orders, stop-loss orders, etc.

• Strategy Pool Mechanism: Allows users to deploy custom liquidity strategies (e.g., dynamic spread adjustment) through smart contracts. These maintain a 0.3% spread every 3 seconds, ensuring liquidity flexibility and yield optimization.

Once assets are deposited, users receive HLP tokens as proof of stake. Returns come from:

• Trading fee revenue sharing: 0.02%–0.05% of platform fees are distributed to liquidity providers.

• Funding rate arbitrage: HLP acts as the funding rate settlement pool between long and short positions, capturing yield from rate differentials.

• Liquidation proceeds: When positions are liquidated, HLP assumes the counterparty’s remaining margin as profit.

In essence, HLP aims to deliver yield to users (similar to CEX copy-trading with arbitrage strategies) while also providing liquidity for perpetual trades. When users go long, HLP sells contracts to meet demand. When they go short, HLP buys contracts. As noted earlier, when a position is liquidated, HLP absorbs the remaining margin as the final counterparty — essentially inheriting the position. If an attacker manipulates a token’s price upwards, HLP must repurchase the token at inflated prices to close the position. Judging by the trajectory of the JELLY incident, had the platform not pulled the plug, the vault might have been completely wiped out by March 27.

To put it in simple terms: whale attackers are playing a game against a dealer whose cards are face-up and whose actions are predetermined — except the chips come from the community and its partners.

4. A Long and Winding Road

Perpetual DEXs have existed for quite some time, even predating the rise of AMMs. Their emergence began with dYdX’s hybrid model and reached new heights with Hyperliquid’s full-stack emulation of CEXs. Whether in terms of returns or capital efficiency, Hyperliquid has arguably achieved the best results on-chain. However, while such success can be temporarily sustained through centralized governance, long-term viability raises fundamental questions: How can it resist the inefficiencies and fragility introduced by decentralization?

Our earlier discussion was not merely a critique of Hyperliquid — it also offered broader reflections on decentralized systems themselves: fragmented liquidity, on-chain transparency that enables malicious activity, inefficient and centralized governance via token voting, and the inherent vulnerabilities of rigid protocol logic. The road ahead for order book-based DEXs remains fraught with challenges. Yet among those who’ve waged a years-long war against centralized exchanges, Hyperliquid has arguably conquered the most territory. The question now is: where to go from here?

5. The Market Is Always Right

If the only metric were correctness, it would be easy to declare that FHE + LayerX combined with chain abstraction is the ultimate answer to Perp DEXs. But such statements are meaningless — akin to the hype that surrounded “ZK + On-Chain Games” years ago. These ideas were technically correct but lacked demand, and so quietly faded away under the wheels of time.

DeFi didn’t succeed purely because it was decentralized. Its success came from using decentralization as a prism to meet financial demands that centralized systems simply couldn’t.

Hyperliquid stands today as the successful archetype of a Perp DEX. You can call it a DEX built on a single-machine chain, or a CEX with a transparent ledger — it’s both. From my perspective, it resembles a mirrored version of the BNB Chain. BNB succeeded by leveraging the power of the world’s largest centralized exchange, while Hyperliquid wraps itself in the robe of “on-chain” legitimacy, attracting both native crypto users and refugees from CEXs. If it truly aims for transcendence, then like the monk in Journey to the West, it must endure its own 81 tribulations.

As a product that simulates CEX functionality through a blockchain lens, it inevitably inherits some of the inefficiencies that come with the chain. By tightening leverage and introducing layered insurance mechanisms, Hyperliquid can at least avoid the immediate fate of being forced to pull the plug. These stopgaps may carry it through short-term volatility.

But if we zoom out along the timeline, perhaps a novel protocol shouldn’t be constrained by conventional thinking. In governance and system design, should it not follow the same founding logic that birthed Hyperliquid — putting demand and efficiency first?

About YBB

YBB is a web3 fund dedicating itself to identify Web3-defining projects with a vision to create a better online habitat for all internet residents. Founded by a group of blockchain believers who have been actively participated in this industry since 2013, YBB is always willing to help early-stage projects to evolve from 0 to 1.We value innovation, self-driven passion, and user-oriented products while recognizing the potential of cryptos and blockchain applications.

Website | Twi: @YBBCapital

References:

1. Hyperliquid Under Siege Again: A Multi-Party Game of Cat and Mousehttps://www.techflowpost.com/article/detail_24591.html

2. Hyperliquid Liquidation Incident: Cold Reflections After the Leverage Stormhttps://mp.weixin.qq.com/s/z9WHrHV5x32s6jMNkS2YsQ