Hyperliquid Under Attack: Three Things They Must Do Now

March 28, 2025 Colton Conley

Disclaimer: Arrington Capital and/or its affiliates (collectively “Arrington Capital”) has a financial interest in the success of Hyperliquid, including the HYPE token and ecosystem project Hyperdrive.

A couple of days ago, Hyperliquid was again embroiled in controversy. The decentralized perpetual exchange has been a focal point of debate following two major market manipulation incidents involving ETH and the memecoin Jelly.

The incidents resulted in losses for Hyperliquid traders and liquidity providers. Most concerning was Hyperliquid’s controversial response: retroactively altering price oracles to favor the platform and forcibly closing positions in ways that many users viewed as arbitrary and centralized. Many crypto veterans understandably have a knee-jerk reaction every time they see a reason to fear exchange insolvency, especially when derivatives are involved. This latest crisis has sparked intense debate within the crypto community about whether Hyperliquid is following the same dangerous path that led to FTX’s collapse—prioritizing growth over transparency and proper risk management. However, we don’t believe this comparison is quite accurate. Hyperliquid does have transparent on-chain records of all transactions, there was no fraud, and the losses have been small relative to the profits the exchange has generated and liquidity providers have earned over time. This post gives an overview of what happened, the response, and what’s necessary for Hyperliquid to make a comeback.

So, what happened?

ETH Incident

The ETH incident marked the first major blow to Hyperliquid’s reputation in this recent controversy. On March 12, 2025, a sophisticated trader or group of traders identified a vulnerability in Hyperliquid’s perpetual futures market for Ethereum. The attack began during a period of relatively low market liquidity, with the perpetrators opening massive leveraged long positions on ETH using $4.3 million USDC as collateral, and leveraging their position 50x (at the time, this was the maximum leverage available… Hyperliquid has since reduced this limit to 20x). They established a notional position worth $200 million, and drove Hyperliquid’s ETH price over 3% higher than on other exchanges. Normally, these deviations are corrected over time with the use of a funding rate. When the price on Hyperliquid is higher than the rest of the market as determined by an oracle, longs are charged a higher interest rate to maintain their positions. However, because this occurred over such a short period of time, the rising funding rate wasn’t able to stabilize the market quickly enough.

Then, the trader withdrew collateral and forced a liquidation of their remaining ETH position, which Hyperliquid’s HLP vault was forced to assume. HLP is Hyperliquid’s market maker, which takes permissionless deposits from users and market makes on their behalf. The vault does not publicize the inner workings of the strategy, but one of its responsibilities is performing liquidations. HLP lost $4 million in PNL as a result of the incident, but there were over $80 million in HLP withdrawals afterwards due to the lack of confidence in Hyperliquid’s risk management.

What made this attack particularly effective was the exploitation of Hyperliquid’s withdrawal mechanics. The platform allows traders to withdraw unrealized profits, which is common in traditional finance when trading futures. However, in crypto this feature is not offered by exchanges such as Binance for precisely this reason. The attackers opened large ETH long positions, causing other traders to stop out and the price to spike artificially on Hyperliquid’s platform. They then immediately withdrew substantial amounts of unrealized profits before the market could correct.

Jelly Incident

Just as the community was processing the ETH manipulation, a second and more severe attack occurred on March 26, 2025, this time targeting Jelly, a low-market-cap memecoin listed on Hyperliquid’s perpetual futures market. This incident exposed even more fundamental vulnerabilities in Hyperliquid’s risk management framework.

The Jelly attack employed a more complex strategy that exploited the thin liquidity characteristic of the Jelly memecoin. The attackers coordinated substantial short positions on Hyperliquid while simultaneously executing sell orders on Raydium where Jelly traded. The attackers sold nearly This created a cascading effect, driving down Jelly’s price by 47% on external markets within just 30 minutes. They then withdrew collateral from Hyperliquid and forced their position to be liquidated and absorbed by HLP – leaving the vault with a $15.3 million short position. They then bought back the JELLY they had sold, causing the HLP vault to incur a paper loss. There’s another wallet that’s speculated to be controlled by the attacker as well, which bought the perp at the bottom and profited by longing the coin as the price increased again. On-chain analysis revealed that HLP had an unrealized loss of approximately $12 million through this coordinated attack. The trading volume during this period also exceeded the total market capitalization of Jelly itself—a red flag that should have triggered risk controls.

Hyperliquid’s response to the Jelly incident proved even more controversial than their handling of the ETH situation. They announced three major actions: (1) retroactively setting a settlement price by manually fixing the oracle, which effectively nullified most of the attackers’ profits, (2) refunding users except for the suspected attacker’s address to compensate them for the oracle price change, and (3) delisting Jelly from the platform. Manipulating the price oracle damaged the trust that many people had in the exchange, and they no longer perceive it as a decentralized alternative to CEXs.

Please note, however: Those calling this course of action unprecedented are forgetting that Hyperliquid’s largest competitor has taken similar actions in the past. When BNB Chain was hacked in 2022 for over half a billion dollars, its 21 validators voted to pause the chain, and then roll back the state to before the hack took place. This is awfully close to rolling back an oracle price after it was manipulated. Since the attack on BNB Chain took place, the price has more than doubled.

Best Next Steps for HYPE to Recover

When an exchange can retroactively change trade outcomes, it fundamentally undermines the principles of market fairness and transparency that are foundational to crypto.

The JELLY situation in particular could have been handled better. Fixing the price oracle to close positions at prices favorable to liquidity providers is concerning to some market participants, reminiscent of the kind of centralized intervention that crypto was designed to prevent. 

Recommendations for Improvement

The next steps Hyperliquid takes are critical. We believe the best courses of action are:

First, Hyperliquid must delist coins with low spot liquidity on third party exchanges, and establish transparent standards for market cap and liquidity necessary to be included in their perpetual markets. The incidents clearly demonstrated that listing tokens with insufficient market depth creates systemic risks that can threaten the entire platform.

If Hyperliquid doesn’t want to delist these low liquidity coins, they should implement isolated vaults and collateral for every individual coin. The HLP market makers should not be exposed to this risk, and there should be a separate high-risk MM vault that people opt into. This segregation would allow risk-seeking liquidity providers to capture the higher premiums associated with volatile assets while protecting the general liquidity pool from catastrophic events. Binance and FTX (before its collapse) both utilized isolated margin systems for riskier assets—Hyperliquid should take note of these established risk management practices.

Second, Hyperliquid must eliminate the ability to withdraw collateral from unrealized PnL. Binance does this for a reason, and it’s because crypto is volatile and there are anonymous bad actors who will attempt attacks like these. Forcing traders to realize their PnL ensures that their books are marked appropriately when they get paid out. This simple change would have prevented much of the damage from the ETH attack and represents a straightforward risk management improvement.

Third, implementing strict open interest limits for markets is essential. This may cause some price distortion by limiting markets to a “first come first serve” basis, but it’s important to manage the total risk the exchange and market makers carry on all assets. Aggressive funding rates can be used to manage imbalances that occur. When the open interest on Jelly exceeded its market cap, that should have triggered automatic circuit breakers. You can’t limit individual position size with a permissionless exchange because it’s easy to spin up many wallets and max out the available leverage, but platform-wide limits are both feasible and necessary.
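To make the second and third recommendations concrete, the added example below (not Hyperliquid's code) compares how much collateral can leave an account under each withdrawal policy, what deficit the liquidator vault inherits if the price then returns to entry, and a platform-wide open interest check against market cap. The margin model is deliberately simplified (no fees, funding or slippage); the 2% initial margin follows from the article's 50x leverage, while the entry price, market cap and cap ratio are assumed values.

```python
from dataclasses import dataclass

@dataclass
class Account:
    collateral: float   # deposited USDC
    size: float         # position size in coin units, positive = long
    entry_price: float

def unrealized_pnl(acct: Account, mark: float) -> float:
    return acct.size * (mark - acct.entry_price)

def max_withdrawable(acct: Account, mark: float, im_rate: float,
                     allow_unrealized: bool) -> float:
    """USDC that can leave while initial margin stays posted (simplified model)."""
    required = abs(acct.size) * mark * im_rate
    pnl = unrealized_pnl(acct, mark)
    # Losses always reduce equity; gains count only when the policy permits it.
    usable = pnl if (allow_unrealized or pnl < 0) else 0.0
    return max(0.0, acct.collateral + usable - required)

def backstop_shortfall(acct: Account, withdrawn: float, revert_mark: float) -> float:
    """Deficit the liquidator vault inherits if price moves to revert_mark afterwards."""
    equity = acct.collateral - withdrawn + unrealized_pnl(acct, revert_mark)
    return max(0.0, -equity)

def open_interest_allowed(current_oi: float, order_notional: float,
                          market_cap: float, cap_ratio: float) -> bool:
    """Platform-wide breaker: reject orders pushing total OI above cap_ratio * market cap."""
    return current_oi + order_notional <= cap_ratio * market_cap

def compare_policies(acct: Account, mark: float, im_rate: float) -> dict:
    """Per policy: (max withdrawable, vault deficit if price returns to entry)."""
    out = {}
    for name, allow in (("unrealized_allowed", True), ("realized_only", False)):
        w = max_withdrawable(acct, mark, im_rate, allow)
        out[name] = (w, backstop_shortfall(acct, w, acct.entry_price))
    return out

# Constructed scenario: the article's $4.3M collateral, 50x (2% initial margin),
# $200M notional and 3% price rise; the 2000 entry price is an assumption.
SAMPLE = Account(collateral=4_300_000, size=100_000, entry_price=2000.0)

if __name__ == "__main__":
    for policy, (w, deficit) in compare_policies(SAMPLE, 2060.0, 0.02).items():
        print(f"{policy}: withdrawable={w:,.0f} vault_deficit={deficit:,.0f}")
    # Constructed market: $10M cap, $9M existing OI, $2M new order, cap ratio 1.0.
    print(open_interest_allowed(9e6, 2e6, market_cap=10e6, cap_ratio=1.0))
```

In this model, allowing unrealized PnL withdrawals lets more than the original deposit leave the account while the position stays open, so any reversion lands on the vault; the realized-only policy keeps the full initial margin posted.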

Notably, we are not recommending increased decentralization. There have been many calls for more decentralization on Twitter, but that is unlikely to solve the problem. In fact, Hyperliquid probably would not have gotten this big if they were fully decentralized. Responding when incidents like these happen becomes more challenging as the number of votes needed to take action increases. What’s important is good decision making and a team that swiftly course-corrects when they make mistakes. The challenge for Hyperliquid isn’t choosing between centralization and decentralization, but rather finding the optimal balance between operational efficiency and adherence to crypto’s core values.

The main area for governance improvement is transparency. Markets thrive on certainty, and the current situation where major decisions appear to be made unilaterally by a small group without transparent risk assessment processes is probably unsustainable. Public criteria for new asset listings and risk parameters would help rebuild trust.

Hyperliquid did come out with some public next steps, including some of the recommendations above: https://x.com/HyperliquidX/status/1905319339991204263

The next steps include holding validator votes for delisting tokens and lowering open interest caps on illiquid coins. However, delegating this responsibility to validators without guardrails leaves the protocol vulnerable to further mishaps in the future and continued lack of transparency. We don’t know who these validators are and what process they’re using to arrive at their risk limits. It would be best if this was made publicly available, so the community could hold them accountable for following their own recommendations. 

Ultimately, what got Hyperliquid into this situation was their push to offer as much leverage as possible and as many popular coins as possible. While this approach is good for growth, it can’t last forever at scale. If Hyperliquid fails to implement these changes quickly, we predict a continued exodus of liquidity providers and traders back to centralized exchanges. We hope Hyperliquid succeeds, and believe there is a path to recovery. Hyperliquid has already achieved an incredible amount of success as a permissionless exchange, and can do a lot of good for crypto markets if their growth continues.