Reviewing Hyperliquid's Black Wednesday: Demand Is the Starting Point, Correctness Is the End Goal
TechFlow Selected TechFlow Selected
Reviewing Hyperliquid's Black Wednesday: Demand Is the Starting Point, Correctness Is the End Goal
The market is always right.
Navigating Web3 tides with focused insights1. Feast of the Crows
On March 26, the highly anticipated Dex project Hyperliquid was attacked again. This marks the fourth major security incident since its Token Generation Event (TGE) in November last year and represents the most severe crisis the project has faced since inception. Tracing back the entire attack vector, the method closely resembles that of the previous whale who went 50x long on ETH—only this time, the assault was more precise and intense, resembling a coordinated feast of crows targeting the Dex itself.
JELLY, a low-liquidity meme token once popular on Solana and now largely forgotten, stood at the epicenter alongside Hyperliquid. Prior to the attack, JELLY’s market cap was merely $10 million. With shallow depth and the platform having offered up to 50x leverage during its peak, JELLY became the perfect "explosive" to breach Hyperliquid’s treasury. At around 9 PM, the attacker deposited 3.5 million USDC as margin and opened a short position worth $4.08 million in JELLY (entry price: $0.0095), hitting the maximum allowed leverage. Simultaneously, a whale holding 126 million JELLY tokens began coordinated selling in the spot market, causing the token price to plummet and pushing the short into profit.
The critical turning point came with margin withdrawal: the attacker swiftly withdrew 2.76 million USDC, leaving the remaining short undercollateralized and triggering Hyperliquid’s automatic liquidation mechanism. The platform’s insurance fund, HLP (composed of user-staked funds), was forced to take over the massive short position of 398 million JELLY tokens. At this juncture, the attacker reversed course, aggressively buying JELLY over the next hour. The price surged several-fold to $0.034, inflicting over $10.5 million in unrealized losses on HLP. Had the price climbed further past $0.16, HLP would have faced a potential $240 million wipeout.
As Hyperliquid faltered, vultures caught the scent. Centralized exchanges Binance and OKX swiftly stepped in. Within an hour of the attack, both platforms announced the listing of JELLY perpetual contracts, seemingly leveraging their deep liquidity and market influence to further inflate the token’s price and amplify HLP’s losses. Accusations flew toward these two CEXs, but what happened next was even more telling.
Just 26 minutes before Binance officially launched its perpetual contract, Hyperliquid’s validator committee passed a vote to delist JELLY perpetuals. Ultimately, the final settlement price was set near the attacker’s original entry price (less than one-third of the prevailing market rate), allowing HLP to net a $700,000 gain. Caught between a rock and a hard place, Hyperliquid chose retreat—effectively tearing off its own decentralized “fig leaf” by intervening directly.
2. On-Chain Binance?
As a leading protocol in the on-chain perpetual futures space, Hyperliquid accounts for 9% of global crypto derivatives trading volume—a dominant share among DEXs. In contrast, other Dex platforms like Jupiter and dYdX combined account for only about 5% of Binance’s futures volume. Hence, Hyperliquid has earned the nickname “on-chain Binance.”
Yet this Dex, born in the aftermath of FTX’s collapse, hasn’t enjoyed the same fortune as Binance—and its journey has been far more turbulent. Since TGE, it has suffered nearly monthly major attacks, perpetually teetering on the brink. Let’s revisit these incidents:
1. December 2024: Potential North Korean Hacker Threat (Unsuccessful Attack)
Incident: Security researchers identified multiple flagged North Korean hacker addresses conducting transaction tests on Hyperliquid, collectively losing over $700,000. These accounts repeatedly probed the system, possibly preparing for future exploitation.
Risk: Closed-source code, opaque multi-sig mechanisms, lack of public audit.
2. January 2025: ETH Whale High-Leverage Attack
Incident: A user opened a $300 million long position on ETH using 50x leverage. After accumulating $8 million in unrealized gains, they withdrew most of their margin, pushing up the liquidation price. HLP was forced to absorb the position, resulting in ~$4 million loss.
Risk: Flawed margin mechanism, vulnerabilities in HLP design.
3. March 12, 2025: Second ETH Whale Attack
Incident: An attacker exploited high-leverage ETH contracts again, further draining HLP reserves.
Response: Emergency network upgrade on March 15 adjusting margin transfer rules (minimum 20% margin ratio).
4. March 26, 2025: JELLY Incident
Incident: As detailed above.
Risk: Centralization due to limited validators; HLP vulnerability magnified under coordinated CEX pressure.
In a prior article, I outlined some shortcomings of UNI. It's unlikely humanity will ever achieve a fully decentralized Dex, for several reasons:
1. Successful Dex projects inevitably rely on core teams who effectively control strategic direction—not the community (e.g., UNI front-end fees, UniChain launch bypassed community votes).
2. Governance voting cannot be truly decentralized. Funded projects are swayed by lead investors; unfunded successful ones become even more centralized in decision-making and revenue distribution (e.g., Pump.fun). The solution lies in solving Sybil attacks—but doing so often undermines decentralization principles.
3. No one willingly gives up power or profit. Even the most laid-back leaders in blockchain, such as Vitalik, can never replicate Satoshi’s anonymity and detachment.
4. Dex projects must pursue capital efficiency. Take AMM: growth demands complexity and increased centralization risks. As discussed previously regarding UNI, complexity is inevitable. UniChain moves toward a more centralized “American alliance” model (akin to Optimism Superchain)—more efficient, yet more fragile.
Revisiting Hyperliquid through the lens of these security events—an angle not covered in last year’s analysis—it’s clear that given blockchain’s current focus on value transfer and vast underutilized infrastructure, Perp Dex should be best positioned to absorb idle blockspace. Yet Hyperliquid reveals many unresolved issues:
1. For such projects, user priorities clearly favor capital efficiency and team credibility over decentralization. (Given CEX dominance, this is an inevitable phase.)
2. Perp Dex isn’t a black box—it’s a casino where everyone has X-ray vision. When users can go 50x leveraged, how can algorithms and mechanisms beat gamblers with full transparency?
3. No funding is a compelling narrative; high performance is another. But both traits also imply greater centralization in decision-making. In AMM models, losses are accepted as part of the game. Hyperliquid, however, operates more like a centralized exchange run by a small group—the only advantages being transparency and no KYC.
4. Without dynamic risk controls, should high-risk assets be strictly separated from mainstream ones? Should massive withdrawals of unrealized profits trigger safeguards?
5. Will Hyperliquid eventually become the “FTX 2.0” that Bitget’s CEO warned about?
3. Hyperliquid’s Internal Flaws
Expanding on the fifth question above: From a liquidity perspective, despite being a top-tier Dex, whales may hold up to 20% of Hyperliquid’s typical TVL. This implies that another similar large-scale event could trigger mass whale withdrawals, plunging the platform into a death spiral of liquidity drought. The only recourse would be pulling the plug again—highlighting how crucial both the depth and composition of liquidity are for Perp Dex. Though Hyperliquid currently competes directly with second-tier CEXs, its on-chain liquidity remains insufficient to support fixed ultra-high leverage without dynamic risk management.
Architecturally, Hyperliquid is a Dex with its own Layer 1. The chain structure is innovative yet straightforward: EVM + matching engine. Official documentation refers to this as HyperEVM + HyperCore. Hyperliquid L1 isn't a standalone chain but rather secured by the same HyperBFT consensus layer shared across components. This allows direct interaction between EVM and HyperCore—for instance, spot and perpetual (Perp) trading.
A deeper look at HyperCore:
As mentioned, HyperCore functions like a centralized exchange’s matching engine. It shares the same consensus layer (HyperBFT) with HyperEVM, meaning they’re not separate chains but different execution environments within one network. The Chinese-originated public chain Artela follows a similar philosophy. HyperCore handles core exchange logic—order book matching, derivatives clearing, asset custody—running on RustVM (a virtual machine optimized for high-frequency trading). Designed as permissioned, it supports only approved features (e.g., USDC and tokens generated via HIP-1). Interoperability with HyperEVM occurs via precompiled contracts. Example workflow: user initiates a perp close on HyperEVM → action written to HyperCore order book via precompiled contract → HyperCore executes settlement.
This dual-environment architecture under a single consensus layer carries inherent risks: 1. Inconsistent trade states. 2. Synchronization delays. 3. Cross-environment settlement lags. 4. Lack of permissionless access. While decentralization takes time for any L1, the design still harbors numerous latent threats.
HLP (HyperliquidPool) is central to Hyperliquid’s ecosystem. Designed to aggregate user assets (like USDC) into a decentralized market-making pool, it resembles AMM LPs but offers higher efficiency. Its foundation uses a dual-track system:
- Order Book Mode: HLP actively places bids/asks to provide depth, supporting limit orders, stop-losses, and professional trading tools;
- Strategy Pool Mechanism: Allows ordinary users to create custom liquidity strategies (e.g., dynamic spread adjustment), executed automatically via smart contracts, maintaining a 0.3% spread every 3 seconds to maximize flexibility and returns.
Users receive HLP tokens upon depositing assets, earning income from:
- Trading fee sharing: 0.02%-0.05% platform fees distributed proportionally to liquidity providers;
- Funding rate arbitrage: In perpetual trading, HLP acts as the counterparty pool settling funding payments, capturing spread gains;
- Liquidation profits: When positions are forcibly closed, HLP absorbs leftover collateral as additional revenue.
In short, HLP provides yield (similar to CEX copy-trading plus arbitrage strategies) while supplying liquidity for perpetual contracts on Hyperliquid. When users go long, HLP sells contracts to meet demand; when users short, HLP buys. As previously noted, when positions get liquidated, HLP becomes the ultimate counterparty, taking over the position. If attackers then drive up the token price, HLP must buy back at inflated prices to close the position. Based on the trajectory of the JELLY incident, had Hyperliquid not intervened, the treasury might have collapsed by March 27.
In simple terms, the whale attacker was gambling against a transparent dealer with predictable behavior—whose capital came from the community and all partners.
4. Long Road Ahead
Perp Dex is not new—it predates even AMM. Its rise began with dYdX’s hybrid model and gained momentum through Hyperliquid’s comprehensive simulation of CEXs. Whether in yield or capital efficiency, Hyperliquid leads on-chain performance. But while centralized governance may sustain this success short-term, how can it withstand the inefficiencies and fragility introduced by decentralization in the long run?
The discussion above isn’t mere criticism of Hyperliquid, but also a reflection on decentralized systems: fragmented liquidity, on-chain transparency enabling exploitation, inefficient and centralized voting governance, and structural fragility under fixed logic. The path forward for order-book DEXs remains thorny. After years of battling CEXs, Hyperliquid has captured the most ground. But where does it go from here?
5. The Market Is Always Right
If correctness alone mattered, I could casually claim that FHE + Layer X with chain abstraction is the ultimate answer for Perp Dex—but clearly, that’s meaningless. Much like ZK + on-chain gaming years ago, technically sound but lacking real demand, such ideas quietly fade beneath the wheels of progress.
DeFi succeeded not because it was perfectly decentralized, but because through the prism of decentralization, it fulfilled financial needs impossible in CeFi.
At this moment in time, Hyperliquid exemplifies a successful Perp Dex paradigm. Viewing this emerging product as either a Dex built on a monolithic chain or a CEX with a transparent ledger is equally valid. From my perspective, it resembles a mirror version of BNB Chain: BNB succeeded by leveraging the world’s largest CEX’s resources; Hyperliquid gains worship from natives and refugees by wearing the “chain” robe. If it truly seeks enlightenment, the pilgrimage indeed requires enduring eighty-one tribulations.
As a product that maximally simulates CEX on-chain, it inevitably inherits some anti-efficiency traits from the chain. Reducing leverage and strengthening various safeguards to avoid unplanned shutdowns may help it survive near-term crises.
Extending the timeline slightly, emerging innovations shouldn’t be bound by old paradigms. Shouldn’t exploration in governance and mechanisms follow the same mindset that built Hyperliquid—prioritizing demand and efficiency first?
References:
1. Hyperliquid Under Siege Again: A Multi-Sided Game of “The Mantis Stalks the Cicada, Unaware of the Oriole Behind”
https://www.techflowpost.com/article/detail_24591.html
2. Hyperliquid Liquidation Incident: Cold Reflections After the Leverage Storm
Join TechFlow official community to stay tuned
Telegram:https://t.me/TechFlowDaily
X (Twitter):https://x.com/TechFlowPost
X (Twitter) EN:https://x.com/BlockFlow_News
@YBBCapital
