The covert war escalates: Hyperliquid faces a "kamikaze" attack, but the real battle may have just begun

The attacker’s “suicidal” attack, costing themselves $3 million, may in fact have achieved breakeven through external hedging—this looks more like a low-cost “stress test” targeting the protocol’s defensive capabilities.

Written by: The Smart Ape

Translated by: AididiaoJP, Foresight News

The crypto industry is always abuzz with phrases like “code is law,” “trust math, not people,” and “open source + decentralization,” etc...

These are all valid, but the past few weeks have once again shown just how fragile our current model still is.

Even the most advanced perpetual decentralized exchange at present, @HyperliquidX, has just experienced a major attack.

An attacker blew up their own $3 million just to make the protocol’s HLP vault lose $5 million—almost double their own liquidation amount.

On the surface, this looks like a “suicidal” attack—no profit, only destruction.

But in a world where Hyperliquid has hurt many competitors (including large institutional platforms), the idea that someone could pay $3 million to make HL lose $5 million is truly terrifying.

If this attack vector remains open, there will be nothing to stop bigger players from escalating it.

How the Attack Was Carried Out

First, the attacker withdrew $3 million USDC from @okx, split it across 19 new wallets, and then sent all the funds to Hyperliquid.

Next, he opened a massive leveraged long position in the HYPE/POPCAT perpetual market. He used the $3 million as margin, with 5x leverage. Ultimately, he controlled a position size of $26 million.

Up to this point, everything looked routine, but what changed everything was that the attacker placed a $20 million buy order near $0.21 when the price was around $0.22. This created the illusion of strong support—“Look, there’s a huge buyer here, the price probably won’t fall below this.” Seeing this, other traders believed there was massive capital supporting the price, so they also went long. As a result, more people started to leverage long or failed to hedge risk adequately, feeling protected by that “wall.”

However, this was not real support—it was a trap.

Once enough traders were on the long side, the attacker removed the fake buy wall, liquidity instantly became extremely thin, and there was no real support below.

Then the price began to fall, leveraged traders started getting liquidated, liquidations triggered more selling, and that selling triggered even more liquidations. This was a classic liquidation cascade, but it was deliberately engineered.

At the end of this cascade, many traders were liquidated, but according to the system’s operation, the protocol’s vault ultimately bore a $4.9 million loss.

On-chain, the attacker’s own $3 million margin position appeared to be completely wiped out.

On paper:

• Attacker: -$3 million
• HLP Vault: -$5 million

This looks like a “suicidal” attack.

What is HLP and Why Did It Bear the Loss?

You can think of HLP as a large shared vault, mainly funded with USDC, serving as the ultimate counterparty for all traders on Hyperliquid.

Users deposit USDC into HLP. In exchange, they:

• Provide liquidity for the system
• Take on risk
• Earn fees/yield when traders lose or pay funding rates

Simply put:

• If traders lose money, HLP profits (the vault grows).
• If traders make money, HLP pays out (the vault shrinks).

It’s like a giant combination of an automated market maker and an insurance fund.

Therefore, if a market (like POPCAT/HYPE) collapses, the global HLP takes the hit. Overall, HLP has been very profitable and has made money in the long run. In total, they have generated $118 million in net profit. Compared to the profits accumulated since inception, this $5 million attack is insignificant.

The main question is, why did HLP take a $5 million hit here?

In a smooth, normal market, traders are liquidated before being completely wiped out, and their losses cover the payouts to winners, keeping the system roughly balanced.

But in a crash like this:

• Price moves too quickly
• Liquidity disappears when it’s needed most
• Some positions are hard or impossible to close at fair prices
• Slippage can become huge
• Liquidation proceeds may not fully cover the amounts owed

The difference between what the losing side should pay and what the system actually collects on-chain is ultimately borne by the HLP vault.

And this is the truly frightening part from a protocol risk perspective.

Did the Attacker Really Burn $3 Million?

I don’t think the attacker was liquidated for $3 million. The attacker almost certainly hedged elsewhere (centralized exchanges, options, other perps, or even OTC).

For example, he might have:

Opened an opposite position (short POPCAT/related risk) on another exchange

Constructed a neutral trade to profit when Hyperliquid’s market became unbalanced

Used OTC agreements with counterparties who benefit from Hyperliquid’s loss

We have no public evidence of such hedging.

But from a game theory and capital efficiency perspective, this explanation makes much more sense.

In that case, the attacker’s actual P&L ≈ 0 or even positive, while Hyperliquid’s HLP vault alone bears a clear $5 million loss.

Testing the Theory

This may have been an attack test. For well-funded players, this is a “small-scale” attack—just large enough to observe the system’s response, HLP’s changes, team reaction speed, the real depth of the vault, and whether emergency controls like bridge locks are truly effective.

When you think like a professional attacker or a well-funded competitor, $3 million is not necessarily a loss—it can be an R&D budget. A way to prepare for a larger, more coordinated, better-hedged operation aimed not only at draining funds but also at damaging core trust.

How Can Hyperliquid Defend Against Such Attacks?

First, they can limit the risk exposure a single entity can build up, even across multiple wallets (using heuristics: funding patterns, timing, IP, behavior). When one side of the order book is heavily skewed, they can also enforce stricter margin requirements. Globally, this would make it much more expensive to build a huge directional position that could destroy HLP in one go.

To enhance market safety, they could implement per-market circuit breakers and volatility protection measures to slow down the market when prices move too quickly in thin liquidity and high open interest conditions.

Low-liquidity assets could also be subject to stricter rules, making it much harder for a single participant to manipulate the market so easily. The idea is that when someone attempts a suicidal attack, the system switches to defense mode before HLP absorbs the damage.

HLP itself could also evolve from a mostly passive counterparty to a smarter, partially hedged book. This might include automatically hedging extreme risk exposures externally, limiting risk per asset, or even splitting the vault into a conservative core and a smaller, optional high-volatility segment. This would make HLP a much harder target to attack.

Finally, better detection of spoofing and fake order walls would help prevent the system from relying on misleading liquidity signals. By integrating this into mark pricing and the risk engine, a single spoofed order wall would no longer distort risk assessment.