Can rumors about North Korean hackers tarnish Hyperliquid's success?
Hyperliquid surged by 818.42% after its airdrop but faces challenges, including centralization and security concerns tied to only four validators.
Despite recent market panic and fund outflows, Hyperliquid remains a top-performing L1 coin, with a 9.66% weekly gain as of Dec. 25.
A collaborative response to potential security risks could set a groundbreaking precedent for DeFi’s resilience.
Hyperliquid (HYPE) started trading on Nov. 29 at $3.80 and rose to $34.90 on Dec. 22, earning the crypto community the title of one of the most successful projects, but dark times have arrived.
HYPE’s price reached its all-time high (ATH) on Dec. 22, when it rose to $34.90, according to CoinGecko. Almost a month after the airdrop, the gain was 818.42%.
However, on Dec. 23, rumors emerged that North Korean hackers had been using the platform for several months. MetaMask security researcher Taylor Monahan brought this to the attention of the market, causing panic. The hackers have allegedly been using Hyperliquid since October.
On Dec. 23, the data showed a large outflow of funds from the platform, which turned out to be greater than the inflow: $502.71 million against $253.5 million.
The outflow on Hyperliquid continued the next day. On Dec. 24, Dune data shows that the outflow was $171.25 million, and the inflow was $160.93 million.
Hyperliquid has already stated in its Discord channelthat there was no exploit and user funds are not at risk. However, will the project be able to survive this crisis?
Hyperliquid: Fast-Growing DeFi Project, but There Are Challenges
Hyperliquid is a Layer 1 (L1) protocol functioning as a trading platform for derivatives, partly hosted on the Arbitrum Chain.
According to DeFiLlama, Hyperliquid became the fastest-growing protocol among the top 20 in decentralized finance (DeFi).
The total value locked (TVL) increased by 655% in a month, placing the protocol 8th in the rankings with $1.9 billion.
Despite its airdrop and rapid price growth, Taylor Monahan identified another vulnerability in the protocol: centralization.
Monahan reported that the network operates with only four validators, likely running the same code. This makes Hyperliquid more susceptible to attacks from North Korean hackers and others. For example, it could involve rival software:
‘That will silently deliver a rat. Malware will be variation of the same, something we’ve seen before. If they really want to move fast they’ll use a chrome 0day to land the malware but is not necessary here so they won’t.‘
With fewer validators, compromising the network becomes easier. Three validators are needed to withdraw funds, following the two-thirds quorum rule.
In theory, Hyperliquid is a decentralized protocolinitially built on Arbitrum with plans to transition to its own Tendermint-based chain in March 2024.
However, Arbitrum remains the only bridge to Hyperliquid, meaning the protocol’s liquidity is tied to this chain.
Crypto researcher cygaar suggested two scenarios to prevent an attack. The first involves collaborating with Circle, whose stablecoin USDC is used by Hyperliquid. Circle could block token transactions and freeze assets.
The second, more drastic approach involves changing the Arbitrum chain to enforce its security protocols. In theory, this could trace all malicious activity and restore the network.
Both approaches, however, require swift and substantial resources.