How did XPL attackers use Hyperliquid's rules to teach all DEXs a lesson worth tens of millions of dollars?

Written by: Carrot

This is not a hacker, this is a conspiracy

Two days ago, a textbook-level "precision sniping" was staged in Hyperliquid, and the protagonist was a token called $XPL. In the end, the attackers leveraged a massive short liquidation at a cost of less than $200,000, making a profit of over $10 million.

The most important thing is: this is not a hack and the attacker did not exploit any code vulnerabilities.

Instead, he taps into what DEXs are most proud of – complete transparency. It was a hunt in the sun that fully complied with the rules of the protocol. This incident serves as a mirror to reflect the structural weaknesses beneath the glamorous exterior of all current on-chain exchanges (DEXs).

Part I: Attack Trilogy: How Does the Hunt Happen?

To understand this attack, you need to know a core mechanism of perpetual contract...

8.95K

The content on this page is provided by third parties. Unless otherwise stated, OKX is not the author of the cited article(s) and does not claim any copyright in the materials. The content is provided for informational purposes only and does not represent the views of OKX. It is not intended to be an endorsement of any kind and should not be considered investment advice or a solicitation to buy or sell digital assets. To the extent generative AI is utilized to provide summaries or other information, such AI generated content may be inaccurate or inconsistent. Please read the linked article for more details and information. OKX is not responsible for content hosted on third party sites. Digital asset holdings, including stablecoins and NFTs, involve a high degree of risk and can fluctuate greatly. You should carefully consider whether trading or holding digital assets is suitable for you in light of your financial condition.