Liquidity Issues in DeFi Platforms

Liquidity issues have impacted users on two decentralized finance (DeFi) platforms today, though the reasons and consequences differ significantly.

In an apparent case of user error, three large swaps involving 220,000, 131,000, and 91,000 of Circle’s USDC stablecoin collectively resulted in over 10,000 tethers (USDT) after being targeted by an MEV (maximum extractable volume) bot.

These swaps, executed via the Uniswap V3 decentralized exchange, were highlighted by blockchain security firm Peckshield, known for alerting the DeFi community about hacks, phishing attacks, and unusual transactions.

User Transactions and Potential Links

All three affected transactions originated from different addresses, but their transaction histories suggest that they might be from the same user. Notably, the tokens used in these swaps were withdrawn approximately seven hours earlier from the DeFi lending platform Aave’s $1.2 billion USDC pool. While USDT was also withdrawn, it was not swapped.

The Role of MEV Bots

MEV bots actively monitor Ethereum’s mempool, which contains pending transactions, searching for profit-making opportunities from other users’ actions. This often involves submitting their transaction before the victim’s to manipulate asset prices in the liquidity pool used for swaps on decentralized exchanges like Uniswap.

In this instance, the bot’s front-run transaction swapped 18 million USDC, increasing the USDT price within the pool by a factor of 44. Consequently, the victim’s transaction was processed, followed by the bot clearing a profit of about $200,000 through back-running.

Generally, trades are safeguarded by “slippage” settings, which stipulate a minimum token receipt to prevent losses during transactions. However, in these cases, the amountOutMinimum parameter was set to zero.

Hyperliquid’s Incident

In another part of the DeFi ecosystem, the on-chain leverage trading exchange Hyperliquid took to X to reassure users that it had not been hacked, following a surprising profit made by a trader.

The Hyperliquid “whale” placed a 50x leverage long on ether (ETH), generating a realized profit of $1.8 million. However, this action drained a $4 million amount from the Hyperliquidity Provider (HLP) vault when the collateral was withdrawn and the position liquidated. Hyperliquid subsequently halved the maximum leverage on ETH.

The HLP vault permits users to engage in market making on the platform, enabling shared profits and losses. Currently, it has accrued deposits totalling $436 million, and today’s $4 million loss represents roughly 30 days of vault growth.

As one X user humorously noted, there was speculation of exploits due to the unusually profitable ETH trading activity.