Hyperliquid Exploit: Systemic Risk Exposed by Economic Manipulation
Recently, the Hyperliquid exchange found itself thrust into the spotlight again following a large-scale exploit involving the $JELLY token on 26 March 2025. A significant and sophisticated market participant engineered a strategy that resulted in significant losses for Hyperliquid’s Hyperliquidity Provider (HLP) vault. Unlike traditional hacks, where malicious actors exploit code vulnerabilities, this incident was an economic attack harnessing the mechanics of decentralised liquidation systems and the illiquidity of a memecoin market.
The attack commenced when the exploiter opened a short position on $JELLY (a small altcoin for a project that mimics BeReal and TikTok) perpetual futures, depositing substantial collateral to back the trade. Subsequently, the same party accumulated $JELLY tokens through decentralised exchanges, pumping its price more than 200 per cent within a condensed timeframe. By then withdrawing a large portion of collateral from Hyperliquid, they triggered a self-inflicted liquidation, offloading the underwater short position onto the HLP vault. This manoeuvre effectively shifted the resulting losses to the platform’s liquidity backstop (HLP), leaving the exploiter to profit from their artificially inflated $JELLY holdings.
The price of $JELLY on Hyperliquid before and during the exploit
Despite bearing superficial resemblance to a conventional hack, the $JELLY exploit underscores that no direct fault lay in Hyperliquid’s code. Instead, the platform’s liquidation mechanism was forced to absorb a market manipulation event on a highly illiquid token. The HLP vault, designed to facilitate liquidations when markets cannot handle large positions, ended up almost incurring multimillion-dollar losses. Although Hyperliquid’s prompt response, delisting JELLY, force-settling positions, and pledging reimbursement to affected users, contained the immediate damage, it also raised questions about the platform’s decentralisation ethos and risk controls.
Notably, this incident mirrors the events of 12 March 2025, when another trader employed an analogous strategy on ETH perpetuals. Then, the attacker opened a vast long position on ETH, subsequently withdrew most of the posted collateral, and effectively coerced HLP to inherit their enormous yet vulnerable trade. Although the ETH manipulation was smaller in scale, costing HLP around $4 million, it exposed a structural weakness: Hyperliquid’s capacity to facilitate large trades can be turned against it if a market participant strategically reduces collateral at a critical juncture.
Reports of both exploits on Hyperliquid for March 12th and March 26th respectively
Hyperliquid’s stance has consistently been that these incidents are not traditional security breaches, stressing instead that HLP’s design carries inherent market risk. Following the ETH exploit, the decentralized perpetual exchange introduced stricter margin requirements, lowered maximum leverage on major assets, and enforced a higher margin coefficient for transfers. These adjustments were intended to reduce the likelihood of similar “collateral withdrawal” scenarios destabilising the system. However, the $JELLY incident suggests that raising collateral standards alone may not suffice when an attacker orchestrates dramatic price swings, particularly on tokens with thin liquidity profiles.
Hyperliquid’s response to the March 12th exploit
Indeed, the $JELLY exploit’s scale far surpassed the earlier ETH case, in part due to the altcoin’s susceptibility to large price movements, due to its small market cap. Traders can more easily engineer a massive price spike on an illiquid asset, forcing the exchange’s liquidation engine into a defensive stance, especially after a recent listing on Binance. Critics argue that as long as whales can open oversized positions and then manipulate on-chain prices, any incremental tightening of collateral requirements might only offer partial relief.
Hyperliquid’s swift delisting of $JELLY has prompted both applause and criticism. Some supporters claim that intervening to protect HLP staker was vital, preventing a worst-case scenario that could have inflicted losses of over $200 million Opponents, however, view such emergency measures as contradictory to Hyperliquid’s decentralised aspirations, equating validator-driven settlement changes to the interventions of centralised exchanges. The promise of compensation for most non-malicious parties tempered immediate outrage but simultaneously highlighted a lingering question: if an economic exploit of this nature arises again, would Hyperliquid need to impose the same level of centralised control?
Ultimately, what emerges from these twin exploits is not a problem that can be patched in a few lines of code. Rather, it is a systemic challenge faced by high-leverage decentralised platforms offering deep liquidity. Any exchange that aspires to rival the trade volumes of centralised competitors must also develop liquidation mechanisms robust enough to handle calculated attacks. Tweaking margin parameters can mitigate some risk, but it does little to neutralise an attacker’s capacity to orchestrate dramatic price manipulation on illiquid tokens. Hyperliquid’s case emphasises the delicate balance between providing user-friendly liquidity and safeguarding against malicious, large-scale trades.
A flowchart demonstrating the economic attack vector for both exploits
In conclusion, although Hyperliquid’s incremental policy adjustments following the March ETH exploit and its emergency actions during the $JELLY crisis demonstrate a sincere effort to adapt, the fundamental risks remain deeply entrenched. The challenge lies not in patching code but in addressing an inherent vulnerability stemming from high-leverage trading and decentralised liquidation mechanics. Effective solutions will require more than incremental parameter changes; rather, they call for aggressive, proactive risk management. Yet, in the absence of traditional, centralised counterparties, such safeguards inevitably come at the cost of convenience and generous leverage, a trade-off that may lessen the platform’s appeal for certain traders. Until these systemic concerns are tackled comprehensively, Hyperliquid’s experiences will continue to highlight how decentralised exchanges can be undermined by strategic market manipulation, despite their underlying smart contracts remaining intact.
This article may contain material that is not directed to, or intended for distribution to or use by, any person or entity who is a citizen or resident of or located in any locality, state, country or other jurisdiction where such distribution, publication, availability or use would be contrary to law or regulation or which would subject 512m AG or its affiliates to any registration or licensing requirement within such jurisdiction. The information, tools and material presented in this article are provided to you for information purposes only and are not to be used or considered as an offer or the solicitation of an offer to sell or to buy or subscribe for securities or other financial instruments.