Weekend wipeout.

dYdX lost 40% of its v3's insurance fund ($9M) in a ‘targeted attack’ involving manipulation of Yearn’s YFI token.

One exploit, two losers…

…not to mention YFI’s holders.

Alarm bells began to ring when YFI tanked by ~40% (after having pumped 2x in a week), wiping $200M off the token’s market cap and leaving the chart looking like a PnD memecoin.

But, despite engagement-baiting chain-checkers jumping to conclusions, this wasn’t a case of insiders dumping.

The brutal price action was, in fact, caused by liquidations of YFI longs looking to ride the pump on dYdX, who fell victim to what looks suspiciously like another ‘highly profitable trading strategy’.

That didn’t end well last time, did it?

Credit: Antonio Juliano

As it started to become clear what had happened, dYdX officially acknowledged the damage:

Last night about $9m from the dYdX v3 insurance fund were used to fill gaps on liquidations processed in the YFI market. The v3 insurance fund remains well funded with $13.5m in funds remaining

No user funds were affected and our team is working to investigate the event

The incident was characterised as an attack by founder Antonio Juliano shortly after. A follow-up tweet elaborated on what had gone on behind the scenes:

in the part few days $YFI open interest on dYdX spiked from $0.8m -> $67m

basically all of this was driven one actor (traceable through on chain fund movements)

this same actor attempted unsuccessfully to attack the dYdX $SUSHI market 2 weeks ago in a similar way

$YFI OI was higher on dYdX than any other perp venue


the $YFI price crash in the spot market seems like an intentional effort by a single actor (unsure whether the same or different one) to target the large OI on dYdX. We are still in communication with CEXs to confirm their understanding of this

This information strongly makes me think this was an intentional market manipulation attempt by a well capitalized actor(s) designed to drain funds from the dYdX insurance pool

The team appears to be confident that they’ll track down whoever is responsible, though, offering bounties to anyone who can provide info, but refusing to negotiate with the exploiter themself.

Maybe the way things worked out for Avi has given dYdX a confidence boost?

In response to the attack, dYdX have added extra margin requirements for lower liquidity tokens.

However, the responses have provoked criticism for perceived hypocrisy and skirting decentralised decision-making.

Not to worry, though, negative feedback “doesn’t matter”.

While DEX code may be a case of set-and-forget, margin and lending protocols need constant tweaking in response to market conditions, and dYdX’s coming pivot to a standalone chain is set to feature full decentralisation.

Governance may have its own flaws (and weaknesses), but decisions made behind closed doors usually don’t sit well with the community.

However, when everyone gets their own say on risk management…

…who’s to blame when things go wrong?

share this article

REKT serves as a public platform for anonymous authors, we take no responsibility for the views or content hosted on REKT.

donate (ETH / ERC20): 0x3C5c2F4bCeC51a36494682f91Dbc6cA7c63B514C


REKT is not responsible or liable in any manner for any Content posted on our Website or in connection with our Services, whether posted or caused by ANON Author of our Website, or by REKT. Although we provide rules for Anon Author conduct and postings, we do not control and are not responsible for what Anon Author post, transmit or share on our Website or Services, and are not responsible for any offensive, inappropriate, obscene, unlawful or otherwise objectionable content you may encounter on our Website or Services. REKT is not responsible for the conduct, whether online or offline, of any user of our Website or Services.