The Mango Markets Exploit: An Order Book Analysis

Summary

On October 11th, a cryptocurrency trader named Avraham Eisenberg executed a series of trades that were designed to:

1. Pump the price of the Mango (MNGO) token
2. Profit from this pump,
3. Borrow $116 million against these (unrealized) profits, then
4. Withdraw those funds from Mango Markets.

The exploit was a textbook example of cross-market manipulation. Within ten minutes of opening a massive Mango perpetual futures position, Eisenberg bought $4 million worth of MNGO on three separate exchanges, pumping its oracle-reported price by 2,300 percent. 

The exploit was also entirely preventable. Trade surveillance systems, which are commonplace in traditional finance, can automatically flag unusual price and volume movements, alerting exchange operators to manipulations in progress before substantial losses occur.

Contents

• ‍The entities involved‍
• The Mango hack, minute-by-minute‍
• ‍How exchanges can prevent similar attacks‍
• FAQ

• One or more individuals: Avraham Eisenberg, team (undisclosed)
• Three wallets connected to Mango Markets: Wallet A, Wallet B, Wallet C
• Two or more accounts on other exchanges: Account D on AscendEX, Account E on FTX

The Mango exploit unfolded in 40 minutes. The key trades are visualized in chronological order below.

18:07 - 18:19 EST: Wallets A and B are funded with $5 million USDC each.

18:25 EST: Wallet A places an offer to sell 483 million Mango perpetual futures (MNGO-PERPs) at a price of 3.8 cents each.

18:25 EST: Wallet B buys all 483 million MNGO-PERPs.

18:26 EST: Wallet C buys $1.44 million MNGO on Mango Markets.

18:27 EST: Account D buys  ~$1 million MNGO on AscendEX.

18:25 - 18:30 EST: Account E buys ~$1.6 million MNGO on FTX.

18:26 - 18:45 EST: MNGO prices on Mango Markets fluctuate between 10x and 30x their previous-day price, reaching a peak of 91 cents.

18:29 - 18:45 EST: Wallet B leverages the unrealized profits from its 483 million MNGO-PERP positions to withdraw $116M from Mango Markets.

In order to stamp out market manipulation, centralized and decentralized crypto exchanges need to implement trade surveillance systems that automatically alert their operators to abnormal price and volume movements. Without these risk monitoring measures in place, exchanges are unlikely to detect or deter the most common manipulative activities, like pump-and-dumps and wash trades, and the exchanges on which these manipulations take place may be exposed to considerable legal, reputational, and financial risk.

Learn more about Solidus’ Trade Surveillance:

‍