Wintermute Trading is one of the leading crypto native market makers, which means they are one of the firms offering liquidity that makes seamless trading across exchanges and tokens possible. This week, Wintermute disclosed a $160M hack that is believed to come from a “profanity vulnerability.” Essentially, this is a way of getting a specific address, which can be thought of like getting a vanity license plate on your car. In this case, the address did provide a small decrease in blockchain fees for transactions.
It seems like the hacking was possible because a developer blacklisted the wrong address after a vulnerability was discovered.
Who is Affected by the Wintermute Hack?
Luckily this time, the answer is essentially only Wintermute. The hack hit Wintermute’s core holdings directly, entirely missing its over the counter offerings that it operates for their high net worth customers, and their CeFi market maker functions. Wintermute appears to be solvent after this event, the CEO tweeted out that they have double that amount in equity left over.
Even though there doesn’t seem to be any downstream effects, this event seems to have spooked some people. Many are pointing out the possible disaster that could happen if a market maker is hacked and liquidity to a major exchange suddenly goes away, spreads could massively widen. Market makers keep liquidity high by offering tight ranged buy and sell orders, if that function goes away, you could see only individual investors stop losses, hopeful buy orders, and moment-of market buys. Prices could get extremely volatile in an instant.
Wintermute’s Optimism Fumble
This isn’t Wintermute’s first tangle with a high publicity, high dollar loss. They were hired by the Optimism (OP) team to provide liquidity for the token launch, and that resulted in 20 million OP tokens being lost. The Wintermute team did make the community whole by offering up $50m in USDC as collateral.
The takeaway here is that the market may be even more vulnerable to a small mistake than we thought.