Reviewing the Hyperliquid Attack Incident: Demand is the Starting Point, Correctness is the Endpoint

I. Feast of Crows

On March 26, the Dex project Hyperliquid was attacked again. This is the fourth major security incident the project has faced since November last year, and it is the most serious crisis it has encountered. The method of this attack is similar to the previous whale incident that involved a 50x long position on ETH, but it was more precise and fierce, as if it were a feast of crows targeting the Dex.

The attacker chose the illiquid Meme token JELLY on Solana as a breakthrough point. At nine o'clock that night, the attacker deposited 3.5 million USDC as margin and opened a short position worth 4.08 million dollars in JELLY, reaching the maximum leverage allowed on the platform. At the same time, an address holding a large amount of JELLY cooperated with the spot market sell-off, causing the token price to plummet and resulting in profits from the short position.

The key turning point occurred during the margin withdrawal phase: the attacker quickly withdrew 2.76 million USDC, leading to insufficient margin for the remaining short positions, triggering Hyperliquid's automatic liquidation mechanism. The platform's insurance fund HLP was forced to take over this massive JELLY short position. Subsequently, the attacker began to operate in reverse, buying a large amount of JELLY in a short period, causing its price to surge several times, resulting in HLP incurring a floating loss of over 10.5 million dollars.

When Hyperliquid fell into trouble, certain centralized exchanges quickly intervened. Two large platforms rapidly launched JELLY's perpetual contracts within an hour after the attack incident, suspected of leveraging their liquidity depth and influence to continue driving up the token price, further exacerbating HLP's losses.

In a critical moment, the Hyperliquid Validator Committee voted to delist the JELLY perpetual contract, with the final closing price set at the attacker's opening price, resulting in a profit of $700,000 for HLP. In a dilemma, Hyperliquid chose to take a step back and personally removed the "fig leaf" of decentralization.

2. On-chain trading platforms?

Hyperliquid, as the leading protocol in the on-chain perpetual contract space, accounts for 9% of the global contract trading volume on a major trading platform, far ahead in the Dex market. In contrast, other Dex platforms combined account for only about 5%, which is why Hyperliquid is referred to as the "on-chain trading platform."

However, this Dex project established after the collapse of a certain cryptocurrency exchange seems to be struggling, suffering a major attack almost every month, putting its existence on the line. Here is a review of several major security incidents:

1. December 2024: Potential Threat (Attempted Attack) Security researchers have discovered multiple suspicious addresses conducting trading tests on Hyperliquid, accumulating losses of over $700,000. These addresses are repeatedly trading to probe system vulnerabilities, potentially preparing for subsequent attacks.

2. January 2025: ETH Whale High-Leverage Attack A user opened a long position on ETH worth $300 million using 50x leverage, and after floating profits reached $8 million, suddenly withdrew most of the margin, causing the liquidation price to rise. Ultimately, HLP was forced to take over the position, incurring a loss of about $4 million.

3. March 12, 2025: ETH Whale Second Attack The attacker once again exploited high leverage operations on the ETH contract, leading to further losses in the HLP treasury.

4. March 26, 2025: JELLY Event As mentioned above.

These events expose issues with Hyperliquid in terms of margin mechanisms, HLP mechanisms, and limitations on the number of validators.

Decentralized exchange (Dex) projects aiming for complete decentralization face numerous challenges: project development is often led by a core team, governance voting is difficult to fully decentralize, prominent individuals find it hard to relinquish their influence and interests, and Dex projects inevitably confront the trade-off between complexity and centralization risks in pursuit of capital efficiency.

There are still the following issues with the full-chain perpetual contract Dex:

1. Users are more concerned about capital efficiency and project background rather than the degree of decentralization.
2. The transparency of on-chain transactions allows market participants to easily gain insight into transaction conditions, increasing the risk of being attacked in a high-leverage environment.
3. Lack of financing and high performance may lead to more centralized decision-making and projects.
4. Lack of dynamic risk control mechanisms makes it difficult to cope with the risks posed by high-risk assets and large withdrawals.

3. Internal Challenges of Hyperliquid

From a liquidity perspective, Hyperliquid performs excellently in the Dex, but its whale deposits under normal circumstances may account for nearly 20% of the platform's TVL. This means that if a larger-scale similar event occurs, it could trigger a mass exodus of whales, leading the platform into a vicious cycle of liquidity depletion. Therefore, the thickness and composition of liquidity are crucial for perpetual contract DEX.

In terms of architecture, Hyperliquid is a decentralized exchange (Dex) with its own Layer 1, composed of HyperEVM and HyperCore. HyperCore acts as the matching engine of a centralized exchange and shares the same consensus layer (HyperBFT) with HyperEVM. This design, while innovative, also carries potential risks, such as transaction state inconsistencies, synchronization delays, and cross-chain settlement delays.

The HLP (Hyperliquid Pool) vault is the core of the Hyperliquid ecosystem, adopting a "on-chain order book + strategy pool" dual-track system. After users deposit assets, they receive HLP token certificates, with earnings coming from transaction fee sharing, funding rate arbitrage, and liquidation profits. HLP provides liquidity for perpetual contract trading but also appears vulnerable when facing whale attacks.

4. The Road is Long

The history of Perp Dex can be traced back to its early days, originating from certain hybrid mechanisms and reaching its peak in the comprehensive simulation of centralized exchanges by Hyperliquid. Hyperliquid performs excellently in terms of yield and capital efficiency, but how to address the efficiency losses and vulnerabilities brought by decentralization while maintaining these advantages remains a significant challenge.

The road ahead for order book Dex is still fraught with difficulties. In this years-long war against centralized exchanges, Hyperliquid is undoubtedly the participant that has made the most progress. However, the direction for future development still requires careful consideration.

5. The market is always right

The success of DeFi does not solely stem from its decentralized nature, but rather from its ability to meet the needs of users that cannot be fulfilled by traditional finance through decentralization.

Hyperliquid represents a successful paradigm for the current stage of Perp Dex, which can be seen as a Dex built on a single-chain or a centralized exchange with a transparent ledger. It attracts native users and investors seeking a safe haven through the concept of the chain, but to truly realize the ideal of decentralization, many challenges still need to be overcome.

As a blockchain product that simulates a centralized exchange to the greatest extent, Hyperliquid inevitably comes with some efficiency losses. In the short term, tightening leverage limits and increasing various insurance mechanisms may help to weather the storm.

In the long run, such emerging products should not be limited by fixed thinking. In exploring governance and various mechanisms, the philosophy of creating Hyperliquid should also be upheld, prioritizing demand and efficiency.