The attackers in the Jelly-My-Jelly incident didn’t rely on complex contract exploits or cryptographic tricks. Instead, they identified and weaponized a mathematical flaw in the mark price mechanism—small data sources, median aggregation, fragmented liquidity—and combined it with the platform’s liquidation logic. This wasn’t a hack; it was a "compliant attack" on systemic rules, turning Hyperliquid’s core safety feature into a tool for mass liquidation. In March 2025, JELLY, a low-cap token w...

The attackers in the Jelly-My-Jelly incident didn’t rely on complex contract exploits or cryptographic tricks. Instead, they identified and weaponized a mathematical flaw in the mark price mechanism—small data sources, median aggregation, fragmented liquidity—and combined it with the platform’s liquidation logic. This wasn’t a hack; it was a "compliant attack" on systemic rules, turning Hyperliquid’s core safety feature into a tool for mass liquidation. In March 2025, JELLY, a low-cap token w...