In March 2025, Hyperliquid was nearly the victim of a $12 million hack. The attack exploited a vulnerability in how the protocol handled liquidations, pumping the JellyJelly token by 429% in the process. Facing the risk of losing everything, the protocol revealed centralized control over market pricing.
Inside the Attack
The Hyperliquid hack began with an attacker opening up two long positions and a short position on the JellyJelly token, a little-known token with a roughly $25 million market cap. The short position was worth $4.1 million, a significant portion of that market cap, while the two longs canceled it out.
Then, the attacker started pumping up the price of $JELLY across multiple exchanges. As a result, the token’s value increased by over 400% within a single hour, leaving their own short position far underwater.
Due to Hyperliquid’s inheritance policies, the Hyperliquid Liquidity Pool (HLP) inherited this short position. As a result, the rising value of the $JELLY token placed the $230 million stored within the HLP at risk of potential liquidation.
When losses reached $12 million, the protocol’s validators rapidly took action to delist the $JELLY token. To eliminate potential losses due to the hack, they settled all positions while valuing $JELLY at $0.0095 (the attacker’s short position) rather than the $0.50 at which it was listed at the time. However, the two-minute time to achieve consensus among a quorum of validators revealed a high level of centralization.
In the end, the attacker was able to withdraw $6.26 million of the $7.17 million deposited into the exchange before the protocol froze their withdrawals. As a result, they faced potential losses of $4k to nearly $1 million, depending on whether the protocol permits withdrawals of the $900,000 remaining in their account. However, these freezes revealed that Hyperliquid was far less decentralized than it claimed, causing serious damage to its image.
Lessons Learned from the Attack
The Hyperliquid hack was made possible by multiple issues with its protocols, including allowing massive positions on illiquid assets, permitting price oracle manipulation, and automatically inheriting positions too large to be liquidated normally. If the exchange had not retained and exercised centralized control (while claiming otherwise), it could have faced substantial losses from the hack.
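One way to turn the first and third issues above into a pre-trade check, shown as an added example that is not Hyperliquid's or Halborn's code: it caps a new short by both the asset's market cap and the loss the backstop vault could absorb if it inherited the position under a price shock. The thresholds, class and function names are hypothetical; the market cap, vault size and short size are the figures quoted in this article.

```python
from dataclasses import dataclass

# Hypothetical risk parameters chosen for illustration; not Hyperliquid's settings.
MAX_OI_TO_MCAP = 0.05     # total open interest allowed, as a fraction of market cap
STRESS_PRICE_MULT = 5.0   # assumed worst-case price multiple before liquidation completes
MAX_VAULT_LOSS = 0.01     # share of the backstop vault one inherited position may cost


@dataclass
class Market:
    market_cap_usd: float
    open_interest_usd: float  # open interest already on the venue


def stressed_short_loss(notional_usd: float, price_mult: float = STRESS_PRICE_MULT) -> float:
    """Loss on a short of `notional_usd` if the price moves to `price_mult` x entry."""
    return max(0.0, notional_usd * (price_mult - 1.0))


def max_short_notional(market: Market, vault_usd: float) -> float:
    """Largest new short accepted under both the liquidity cap and the vault budget."""
    oi_room = max(0.0, MAX_OI_TO_MCAP * market.market_cap_usd - market.open_interest_usd)
    # Invert stressed_short_loss: the notional whose stressed loss equals the vault budget.
    vault_room = MAX_VAULT_LOSS * vault_usd / (STRESS_PRICE_MULT - 1.0)
    return min(oi_room, vault_room)


def check_short(market: Market, vault_usd: float, notional_usd: float) -> dict:
    """Pre-trade decision plus the numbers a risk reviewer would want logged."""
    limit = max_short_notional(market, vault_usd)
    loss = stressed_short_loss(notional_usd)
    return {
        "accepted": notional_usd <= limit,
        "limit_usd": limit,
        "stressed_loss_usd": loss,
        "vault_loss_share": loss / vault_usd,
    }


if __name__ == "__main__":
    # Figures from the article; zero pre-existing open interest is a constructed assumption.
    jelly = Market(market_cap_usd=25_000_000, open_interest_usd=0)
    print(check_short(jelly, vault_usd=230_000_000, notional_usd=4_100_000))
```

Under these assumed thresholds the vault budget, not the market-cap cap, is the binding limit, and the $4.1 million short is rejected well before it could be inherited.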
Avoiding this type of attack — without centralized control — requires extensive threat modeling and adversarial testing throughout the design and implementation process. To learn more about protecting your project against attacks that go beyond smart contract vulnerability exploitation, reach out to Halborn.