dYdX identifies attacker, considers legal action over $9M loss


Decentralized exchange dYdX says it has uncovered the identity of the attacker responsible for the exchange’s v3 platform attack on Nov. 17, 2023, which resulted in a loss of $9 million from its insurance fund.

In a post-mortem on the “targeted attack” on the exchange, dYdX confirmed that it is now looking into legal action against the person responsible.

To avoid future coordinated attacks with similar tactics, dYdX said it had improved its v3 trading platform to enhance open-interest monitoring and alerts.

The exchange added that the enhanced v4 chain is specifically built to mitigate risks like this. It includes a new feature that automatically adjusts the initial margin fraction in response to abnormal price changes.

In examining the attack method, dYdX observed that the attacker initiated many 5x leveraged long positions using the YFI/USD trading pair across over 100 wallets. Using various addresses, the attacker bought spot Yearn.finance tokens, leading to a 215% increase in its price.

YFI is the native token of the Yearn.finance decentralized finance protocol.

According to the exchange, the attacker multiplied their unrealized profits by entering additional YFI/USD positions, reaching a maximum of around $50 million. On Nov. 17, the platform raised the initial margin requirement and lowered the base and incremental position sizes in the YFI/USD market to limit the attacker’s activities.

The next day, the price of YFI dropped almost 30% within an hour, and the attacker couldn’t close their positions. The insurance fund automatically covered their losses when the attacker’s holdings turned negative, according to dYdX.

The platform also mentioned that a week before the YFI incident, the attacker used the same strategy on SUSHI/USD, making around $5 million in profits. However, this did not affect the v3 insurance fund because dYdX had increased the initial margin requirement to 100%, preventing the attacker from gaining further.

The company clarified that the attacks did not affect customer funds and indicated that the attacker did not benefit from manipulating its YFI market.

Source : Cointelegraph / Jan 04, 2024

rayn.finance logo


240 rue Evariste Galois,

06410 Biot,

Sophia Antipolis

Automata Pay

65-66 Warwick House 4th

Floor, Queen Street, London

England, EC4R 1EB

Automata Pay Europe Ltd

3rd Floor Ormond Building,

31-36 Ormond Quay Upper,

Dublin 7, D07 Ee37

Automata ICO Ltd

Italian Branch

Via Archimede, 161,

00197 Roma


The purchase of digital assets is subject to a high market risk and price volatility. Changes in value can be significant and occur rapidly and without warning. Past performance is not a reliable indicator of future performance. The value of an investment and returns can fluctuate both up and down, and you may not recover the amount you invested. RISK WARNING

Automata ICO Limited has a branch in Italy with its registered office at Via Archimede, 161, Roma, Italy, and registered in Italy under number 96550860587 with the Organismo Agenti e Mediatori (OAM) as a Virtual Asset Service Provider (VASP).

Automata France SAS is a company registered in France with the company number 902 498 617. Automata FRANCE SAS is registered with the french Financial Market Authority, l’Autorité des marchés financiers (“AMF”), as a provider of Virtual Asset Service Provider under number E2023-087.

Automata Pay Europe Limited is a partner of Modulr Finance B.V., a company registered in the Netherlands with company number 81852401, which is authorised and regulated by the Dutch Central Bank (DNB) as an Electronic Money Institution (Firm Reference Number: R182870) for the issuance of electronic money and payment services. Your account and related payment services are provided by Modulr Finance B.V. Your funds will be held in one or more segregated accounts and safeguarded in line with the Financial Supervision Act. How we keep your money safe.