For Hyperliquid, this is both a crisis of capital security and a test of trust.
Written by: Shenchao TechFlow
The drama in the crypto market often unfolds in the dead of night.
Late on March 26, the decentralized trading platform Hyperliquid faced a liquidation risk of up to $240 million due to price manipulation of the memecoin $JELLYJELLY.
Previously, a whale on Hyperliquid with 50x leverage had actively liquidated its long position using similar tactics, putting Hyperliquid's treasury at risk of loss.
The attack last night not only exposed the vulnerabilities of DeFi/DEX platforms in high-leverage trading but also became more complicated due to the "active assistance" from centralized exchanges (CEX) — it resembled a mantis stalking a cicada, with a yellow sparrow behind:
The attacker aimed to profit from price manipulation, while CEX sought to attract users and traffic by listing popular tokens, indirectly undermining the capital security and reputation of their competitor DEX.
If you are not familiar with Hyperliquid and this attack incident, we have gathered summaries and analyses from various parties to attempt to review the entire event, explain the attack principles in simple terms, and discuss the motivations of all parties involved.
Event Timeline: From Short Position to Treasury Crisis
First, you need to know what Hyperliquid is.
Hyperliquid is a decentralized trading platform based on its own Layer 1 blockchain, offering perpetual contract trading, aiming to combine the advantages of centralized and decentralized exchanges.
Its treasury, HLP, is a community-owned protocol treasury responsible for market making and liquidation, allowing users to deposit to share profits and losses. According to Vaults | Hyperliquid Docs, HLP deposits have a 4-day lock-up period to support platform liquidity.
So, what were the steps of the attack on the HLP treasury?
(Image source: Ai Yi Twitter post)
Open a Short Position: According to monitoring by Ai Yi, the attacker opened a $4.08 million short position on $JELLYJELLY on Hyperliquid at a price of $0.0095, with a margin of $3.5 million USDC.
Lower Price to Trigger Liquidation: Another address (e.g., Hc8gN…WRcwq) sold $JELLYJELLY in the spot market to lower the spot price, showing a floating profit on the short position. The attacker then withdrew $2.76 million USDC in margin, triggering liquidation, and the treasury took over the position.
Raise Price to Expand Losses: After liquidation, the attacker bought $JELLYJELLY in two waves at 21:01 and 21:45, raising the price. According to CoinGecko, the price surged by 230% in a short time, exacerbating the floating loss of the treasury's short position.
CEX Actively Intervenes: As long as $JELLYJELLY continued to rise, the short position losses would further increase; at this point, Binance and OKX listed $JELLYJELLY perpetual contracts, attracting significant trading volume, further driving up the price and worsening the treasury's losses.
Treasury Faces Run Risk: As of March 27, 2025, the treasury's floating loss had reached $10.63 million, with TVL dropping by about $20 million, bringing the latest TVL to $231 million (Hyperliquid Dashboard). If the price of $JELLYJELLY rises to $0.17, the treasury could face liquidation, resulting in a loss of $240 million.
Hyperliquid Delists JELLYJELLY, No Losses Incurred: Subsequently, Hyperliquid's treasury liquidated 392 million JELLY tokens at a price of $0.0095 (approximately $3.72 million), making a profit of $703,000 without incurring any losses. At the same time, after discovering evidence of suspicious market activity, the validators convened a meeting and voted to delist the JELLY perpetual contract, with all users to be fully compensated by the Hyper Foundation.
Price Manipulation and the "Assistance" Effect of CEX
If you're feeling a bit confused, it might help to understand the combination of short positions and spot trading, as well as the principle of CEX assistance.
A short position (short selling) is when an investor borrows an asset to sell, expecting to buy it back at a lower price after it drops to profit.
For example: Suppose the price of $JELLYJELLY is $0.10, the attacker borrows 1 million tokens to sell, receiving $100,000. If the price drops to $0.05, they buy back for $50,000 to repay, making a profit of $50,000. But if the price rises to $0.15, they need to buy back for $150,000, incurring a loss of $50,000.
- Hyperliquid's Liquidation Mechanism
In Hyperliquid, when a trader's margin is insufficient to cover potential losses, the position will be liquidated. According to Liquidations | Hyperliquid Docs, liquidation uses the marked price (combining external CEX prices and Hyperliquid order book status) to ensure more robust liquidations. After liquidation, the HLP treasury takes over the position and bears the subsequent risks.
Now let's revisit the short selling and spot buying from the previous sections:
- Attackers' Logic: Lower Price -- Trigger Liquidation -- Create Losses
The attacker opened a short position on $JELLYJELLY at $0.0095 while simultaneously selling in the spot market to lower the price, making the short position show a profit.
The ease of achieving this is due to the attacker targeting the memecoin $Jellyjelly, which has a deep liquidity gap, making price manipulation much easier.
The attacker withdrew most of the margin (e.g., $2.76 million USDC), making it impossible to maintain the short position, triggering the liquidation mechanism, and Hyperliquid's treasury had to take over this short position.
The key is that the attacker then bought $JELLYJELLY, raising the price to $0.16, forcing the treasury to buy back $JELLYJELLY at a higher price to close the short position, thereby expanding the losses.
- Principle of CEX Assistance
The listing of $JELLYJELLY perpetual contracts on CEX had a clear "assistance" effect.
CEX has a large user base and trading volume; after listing $JELLYJELLY perpetual contracts, it attracted many speculators. This significantly pushed up the price of $JELLYJELLY, further exacerbating the treasury's short position losses.
You can also see from the reply post below that the intention of CEX to intervene actively is very obvious.
Subsequent Impact
Although Hyperliquid quickly took action to delist the $JELLYJELLY perpetual contract and did not incur actual losses for the treasury, this incident exposed the vulnerabilities of DeFi platforms when facing high-leverage trading and price manipulation.
More importantly, this event sparked widespread questioning within the community regarding Hyperliquid's liquidation mechanism and decision-making transparency. Users are concerned about whether the platform can maintain capital security in similar future events, and they also question whether the platform truly achieves decentralized governance.
Some posts mentioned that the top 10 deposit addresses provide 15.9% of the funds, and if whales withdraw their investments, it could accelerate a vicious cycle, leading to a "bank run."
Although no financial losses occurred, reputational damage may have already begun to manifest.
Is Hyperliquid really a DEX? If so, why can it so easily delist tokens? Is governance power concentrated in the hands of a few?
These community concerns reflect DeFi users' worries about platform governance transparency and community participation, while also presenting Hyperliquid with new challenges: how to balance capital security with the contradiction between decentralization and efficiency.
As a DeFi platform, Hyperliquid relies on community treasury and liquidation mechanisms, but it appears vulnerable in the face of CEX's massive trading volume and market influence. CEX can quickly attract capital by listing popular tokens, affecting prices, while DeFi platforms may fall into crisis due to insufficient liquidity and price manipulation.
Mantis Stalking Cicada, Yellow Sparrow Behind
This is a complex game, with each participant harboring different motivations, trying to take the initiative in this price manipulation game.
- Attacker: Profit-Seeking Price Manipulator
The attacker's goal is to profit from price manipulation. Ai Yi's post shows that the manipulation address holds 124 million $JELLYJELLY (worth $4.86 million), possibly aiming to sell at a high price after raising the price. They may be mimicking the previous 50x leverage whale operations, taking advantage of the price volatility of low liquidity memecoins.
- Hyperliquid: Protecting Users and the Platform
Hyperliquid strives to protect user funds and platform stability. Community posts have mentioned that the platform may adjust BTC and ETH leverage ratios to reduce similar risks. In the future, it needs to raise margin requirements or improve liquidation mechanisms to protect the community funds of HLP.
- CEX: Precision Strikes in Competition
The rapid response and listing actions of CEX are not just a business decision; they may also hide competitive considerations.
By quickly listing the $JELLYJELLY perpetual contract, CEX attracted a large number of speculators into the market, driving up the token price while also indirectly exacerbating the loss risk for Hyperliquid's treasury.
This precise market intervention appears to be profit-driven on the surface, but it may actually be a "precision strike" — amplifying Hyperliquid's liquidation crisis and weakening its market competitiveness as a DeFi platform.
From the motivations outlined above, it can be seen that the attacker does not hold all the advantages; CEX's market strategy has, to some extent, leveraged the attacker's actions, further amplifying its market influence. The identities of hunter and prey continuously alternate in this multi-layered game, ultimately forming a complex network of interests.
For Hyperliquid, this is both a crisis of capital security and a test of trust.
After all, this is not the first time; previously, a whale with 50x leverage also utilized Hyperliquid's mechanism to "actively liquidate 160,000 ETH long positions" and withdrew a profit of $1.857 million…
We cannot predict whether such attacks will happen again, but what is clearly visible in this incident is:
There remains a gap between the ideals of decentralization and reality, and behind more efficient trading lies a more brutal game.
免责声明:本文章仅代表作者个人观点,不代表本平台的立场和观点。本文章仅供信息分享,不构成对任何人的任何投资建议。用户与作者之间的任何争议,与本平台无关。如网页中刊载的文章或图片涉及侵权,请提供相关的权利证明和身份证明发送邮件到support@aicoin.com,本平台相关工作人员将会进行核查。
