The decentralized perpetual futures exchange Hyperliquid suffered massive losses of up to $12 million after a trader manipulated the price of Solana-based token Jelly-My-Jelly, exposing fundamental flaws in cryptocurrency's claims of decentralization and trustlessness, according to industry experts.
What to Know:
- Hyperliquid's $12 million crisis resulted from price manipulation of a low-liquidity token
- Experts say most crypto platforms operate on "implicit trust" rather than true decentralization
- Cryptocurrency faces increasing regulatory pressure as governments respond to mainstream adoption
"Hyperliquid showed the same flaw: when pressure hit, trades could be halted and settlements changed. If you need to trust a platform, it's not trustless no matter how 'DeFi' it looks," says Alexis Sirkia, chairman of Yellow Network, a decentralized clearing layer that aims to remove trust dependencies in DeFi.
The crisis began on March 26 when a trader shorted Jelly-My-Jelly on the exchange, marking Hyperliquid's second whale manipulation event in two weeks. Shortly after, the exchange delisted the token's perpetual futures and promised to refund affected users. According to Kaiko Research, the "price manipulation exposed cracks in Hyperliquid's liquidation engine."
Sirkia argues that the fundamental issue isn't whether platforms are centralized or decentralized, but rather the reliance on trust. "Most centralized crypto exchanges and DeFi protocols operate on models relying on 'implicit trust,' such as custodians, dark order books, and admin keys with override capability," he told Cryptonews.
Cryptocurrency's foundation rests on its ability to operate without central authorities like governments, central banks, or third-party intermediaries. This principle is especially central to DeFi, or decentralized finance – at least theoretically.
The Anatomy of an Attack
The attack on Hyperliquid followed a familiar pattern seen in previous incidents like Mango Markets: exploiting thin liquidity in both spot and perpetual markets to manipulate a low-liquidity token's price.
According to Kaiko Research, the trader attacked Hyperliquid's Liquidity Provider vault by opening large positions in JellyJelly's perpetual futures market: one short worth $4 million and two longs totaling $3 million.
At the time of the attack, the meme coin had a total market capitalization of just $15 million, with an average daily liquidity of only $72,000. The trader executed a coordinated two-pronged strategy. First, they opened a short position on Jelly-My-Jelly, then removed the margin supporting it, triggering forced liquidation and transferring the short to Hyperliquid's HLP vault.
The trader then aggressively purchased JELLY on spot markets, causing the price to spike by 500% within a single hour. This strategy resulted in approximately $12 million in losses for the HLP vault, according to Lookonchain data. Speculation emerged that if JellyJelly's price fell too low, the Hyperliquid Liquidity Provider vault could be completely depleted.
"As open interest exceeded key thresholds, new positions were blocked, preventing liquidators from effectively closing the liquidation of the attacker's short position," Kaiko noted in a March 31 report. "The delay amplified losses, further worsening the situation for the HLP vault."
Kaiko described the attack as "calculated," citing on-chain data showing that the user had been running test transactions on Hyperliquid as early as 10 days before the attack, "likely to refine their strategy."
Ultimately, Hyperliquid announced that its validators had voted to delist Jelly perpetual futures contracts "after evidence of suspicious market activity." The team stated, "All users apart from flagged addresses will be made whole from the Hyper Foundation. Technical improvements will be made, and the network will grow stronger as a result of lessons learned."
Trust Remains the Central Problem
Alexis Sirkia, chairman of Yellow Network, asserts that the cryptocurrency industry needs to build a native peer-to-peer framework that "removes trust from the equation." He suggests that a decentralized communication layer for market makers and traders would improve efficiency and eliminate manipulation.
"What we are seeing is an industry built on the principles of decentralization, yet with centralized choke points," Sirkia explained. "These fail points are everywhere, and all it takes is market pressure or malicious players to expose them."
Other industry figures offered more severe criticisms.
Bitget CEO Gracy Chen described Hyperliquid as potentially "the next FTX 2.0," referring to the Sam Bankman-Fried-led exchange that collapsed in 2022 with an estimated $9.7 billion in customer and investor funds.
"The way it handled the JELLY incident was immature, unethical, and unprofessional, triggering user losses and casting serious doubts over its integrity," Chen wrote on X. "Despite presenting itself as an innovative decentralized exchange with a bold vision, Hyperliquid operates more like an offshore CEX with no KYC/AML, enabling illicit flows and bad actors."
Eric Chen, CEO of layer-one DeFi protocol Injective, offered a similar assessment: "Hyperliquid is a strong non-KYC perp exchange, but it's not decentralized by most metrics." He added that "The Jelly situation revealed some parallels to FTX—where HLP plays the similar role for Hyperliquid that Alameda did for FTX with regards to backstopping liquidations."
Todd Ruoff, CEO of decentralized AI infrastructure network Autonomys, pointed to "opaque, centralized intermediaries that lack robust oversight" as one of the biggest counterparty risks in crypto today.
"Many platforms still operate without full transparency regarding their balance sheets, liquidity buffers, or risk management practices," Ruoff told Cryptonews.
This creates vulnerabilities where a single entity's failure—or worse, mismanagement—can trigger a domino effect across the ecosystem, Ruoff explained. "To tackle these issues, the industry must push for greater transparency and stricter auditing standards."
Regulation: The Price of Mainstream Adoption
Crypto's short but eventful history has been characterized by a tension between idealism and practicality. However, there appears to have been a significant departure from the principles of decentralization and privacy that originally defined the cryptocurrency movement.
In 2022, Ethereum-based crypto mixer Tornado Cash announced it had begun blocking addresses sanctioned by the U.S. Office of Foreign Assets Control, signaling the direction the industry was taking regarding regulation. As cryptocurrency becomes increasingly mainstream, governments worldwide are stepping up regulatory efforts.
Former U.S. President Joe Biden issued an executive order three years ago justifying government intervention in cryptocurrency in the interest of "national security."
Government agencies globally are targeting crypto investors not only with taxes but with mandatory registration and full disclosure requirements. Regions implementing stricter controls include China, India, Australia, Japan, and the EU.
According to industry experts, increased regulation appears to be the inevitable cost of cryptocurrency's assimilation into the mainstream economy. This raises questions about whether the ideal of decentralization as a tool for resisting censorship remains viable or has become largely mythical.
"While Bitcoin's core technology remains decentralized, the crypto industry as a whole has grown more centralized than Satoshi originally envisioned," noted Ruoff. "Today, key infrastructure—like centralized exchanges, mining pools, and even some governance mechanisms—concentrate power in ways that stray from Bitcoin's ideal of a fully permissionless system."
Closing Thoughts
The Hyperliquid crisis serves as a stark reminder that despite cryptocurrency's revolutionary promise, the ecosystem remains vulnerable to many of the same trust issues that plague traditional financial systems. As Alexis Sirkia emphasizes, until the industry builds truly trustless infrastructure, incidents like this will continue to occur, undermining confidence in the sector as a whole.