Oak Security的一位专家解释了果冻代币漏洞的出了什么问题，这使超流利交易所耗资1,063万美元。

反应仍来自于造成超流动性（HYPE）用户的损失1,063万美元的利用。

An expert from Oak Security has explained what went wrong with the JELLY token exploit, which cost the Hyperliquid (HYPE) exchange’s users $10.63 million.

Oak Security的一位专家解释了果冻代币漏洞利用出了什么问题，这使超流利（HYPE）交换用户的用户耗资1,063万美元。

The reactions seem to have one thing in common, which is calling out Hyperliquid for its practices.

这些反应似乎有一个共同点，这呼吁其实践过度液体。

Dr. Jan Philipp Fritsche, managing director at Oak Security, shared his analysis with crypto.news. According to Fritsche, the exploit wasn’t caused by a bug, but rather was a predictable failure, one that could pose a risk to other DeFi protocols as well.

Oak Security的董事总经理Jan Philipp Fritsche博士与Crypto.news分享了他的分析。根据Fritsche的说法，利用不是由错误引起的，而是可预测的故障，它也可能对其他Defi协议构成风险。

The JELLY exploit appears to be the result of a coordinated market manipulation by several users. Specifically, one trader opened a $5 million short position on JELLY, only to remove their margin. Hyperliquid was left holding the position, after which other traders coordinated a short squeeze.

果冻漏洞似乎是几个用户协调市场操纵的结果。具体来说，一位交易员在果冻上开了500万美元的短职位，只是为了删除其利润。杂乱无章的位置留下了这个职位，然后其他交易者协调了短暂的挤压。

“The attacker opened massive opposing positions in JELLY, knowing that one side would collapse and the other would cash out. Because payouts weren’t capped and risk wasn’t isolated, the protocol ate the loss—and the attacker walked away with millions,“ Dr. Jan Philipp Fritsche, Oak Security

“攻击者在果冻中开设了大规模的对立立场，知道一方会崩溃，另一方将兑现。由于支出没有被封盖，风险没有孤立，协议就吃掉了损失 - 攻击者与数百万人走开了，” Jan Philipp Fritsche博士，Oak Security，Oak Security，Oak Security。

Fritsche described the exploit as a “textbook example of unpriced vega risk”, a concept from traditional finance that refers to the implied volatility of an asset. He emphasized that many DeFi protocols still fail to account for this crucial risk metric.

弗里切（Fritsche）将漏洞描述为“无价Vega风险的教科书示例”，这一概念是指资产的隐含波动性。他强调，许多DEFI协议仍然无法说明这一关键风险度量标准。

Hyperliquid under fire for JELLY exploit

在果冻漏洞的火力下刺激性

This isn’t the first time industry figures have criticized Hyperliquid over the Jelly incident. Following the exploit, Bitget CEO Gracy Chen called the exchange’s practices “immature, unethical, and unprofessional,” warning that it could become FTX 2.0.

这并不是第一次对果冻事件批评超流动性的人。在漏洞利用之后，Bitget首席执行官Gracy Chen称交易所的做法“不成熟，不道德和不专业”，警告说，它可能成为FTX 2.0。

Although Hyperliquid has pledged to compensate users affected by the exploit, the damage to its reputation may already be done. More importantly, the exploit has drawn attention to broader vulnerabilities in the decentralized finance sector.

尽管Hyperliquid已承诺补偿受漏洞影响影响的用户，但可能已经对其声誉的损害造成了损害。更重要的是，利用引起了分散财务部门的更广泛脆弱性的关注。

In 2024, DeFi exploits cost users $308.7 million in losses. That was more than rug pulls, which accounted for $192.9 million. Just days after the Jelly exploit, another DeFi protocol SIR.trading fell victim to another exploit, losing all of its total value locked of $355,000.

2024年，Defi利用用户损失了3.87亿美元。那不仅仅是地毯拉力，占1.929亿美元。在果冻漏洞利用后的几天后，另一项defi协议先生。交易成为另一个漏洞的受害者，失去了其所有总价值锁定为355,000美元。