1. Home
  2. AMM Vulnerabilities and Exploits: How DeFi Liquidity Pools Get Ripped Off

AMM Vulnerabilities and Exploits: How DeFi Liquidity Pools Get Ripped Off

Ellen Stenberg Jan 27 2026 Blockchain & Cryptocurrency
AMM Vulnerabilities and Exploits: How DeFi Liquidity Pools Get Ripped Off

Automated Market Makers (AMMs) power most of today’s decentralized exchanges. Uniswap, SushiSwap, Curve, and dozens of others run on them. They let you trade tokens without order books, without intermediaries, and without a single person in charge. But here’s the problem: AMM vulnerabilities are the #1 reason DeFi users lose money. Not because of hacks on exchanges. Not because of scams. But because of how the math itself can be twisted.

How AMMs Work (The Simple Version)

AMMs use a formula-usually x * y = k-to set prices. If you have a pool with 100 ETH and 100,000 USDC, the price of ETH is 1,000 USDC. When you buy 10 ETH, the pool adjusts. The price goes up because now there’s less ETH left in the pool. It’s automatic. No one sets the price. The code does.

This works great… until someone finds a way to game the formula.

Flash Loan Attacks: Borrowing Millions to Steal Thousands

Flash loans let you borrow any amount of crypto-as long as you pay it back in the same transaction. No collateral. No credit check. Just code.

Here’s how attackers use it:

  1. Borrow $10 million in USDC via a flash loan.
  2. Use it to buy up all the ETH in a small AMM pool-say, a new token pair with only $50,000 in liquidity.
  3. The price of ETH in that pool skyrockets-maybe to $5,000 instead of $1,000.
  4. Go to another exchange (like Uniswap) and sell ETH at $1,000, making a $4,000 profit per ETH.
  5. Pay back the flash loan. Walk away with $40 million in profit.

This isn’t theoretical. In 2024, a single flash loan attack drained $60 million from a DeFi protocol using this exact method. The code didn’t break. It did exactly what it was told. The flaw was in the design: small pools are easy to manipulate.

Sandwich Attacks: The Crypto Version of Front-Running

On traditional markets, traders watch big orders and jump in front of them. In DeFi, it’s even easier.

A sandwich attack works like this:

  • You see a user trying to swap 1,000 DAI for ETH on Uniswap.
  • You front-run them by buying ETH right before their trade-pushing the price up.
  • Your bot executes the user’s trade-now they get less ETH because the price moved.
  • You immediately sell your ETH at the new, inflated price.

You profit. The user loses. The AMM doesn’t care. It just follows the math.

These attacks happen thousands of times a day. A 2025 report from Trail of Bits found that over 12% of all Ethereum transactions on major AMMs were sandwich attacks. The average loss per victim? $180. Multiply that by 50,000 daily attacks, and you’re looking at $9 million stolen every day-just from this one trick.

A monstrous sandwich made of front-run and back-run slices devouring a crypto user, with a robot hand collecting profit.

Impermanent Loss: The Silent Killer of Liquidity Providers

People think providing liquidity to AMMs is like earning interest. It’s not. It’s gambling.

Impermanent loss happens when the price of two tokens in a pool moves apart. Say you deposit 1 ETH and 1,000 USDC into a pool. The price is 1:1,000. A week later, ETH hits $2,000. The AMM rebalances the pool to keep x*y=k. Now you have less ETH and more USDC than you started with.

If you’d just held the tokens, you’d have $2,000 worth of ETH. But because of the AMM’s math, you only have $1,900. You lost $100.

It’s called “impermanent” because if the price goes back, you get it back. But in crypto, prices rarely return. They keep moving. And most liquidity providers don’t realize they’re underperforming compared to just HODLing.

A study by Nansen in late 2025 showed that 68% of liquidity providers in volatile token pairs lost money over 90 days-even with fees. The fees didn’t cover the loss.

Liquidity Pool Draining: When the Pool Runs Dry

Some AMMs let users withdraw liquidity at any time. Attackers watch for pools with low volume and high rewards. They deposit a small amount, wait for the rewards to accrue, then drain the entire pool.

One example: a new token called $BANANA launched with a 500% APY incentive. Over $15 million flowed in. Within 72 hours, attackers deposited $500,000, collected $1.2 million in rewards, then pulled out all liquidity. The pool collapsed. The token price crashed to zero. The project vanished.

The flaw? No withdrawal cooldown. No minimum lock-up. No cap on rewards. The code trusted users. Bad idea.

MEV Manipulation: The Hidden Tax on Every Trade

Maximal Extractable Value (MEV) is the profit miners or validators can make by reordering, inserting, or censoring transactions.

On AMMs, MEV bots constantly scan the mempool for large trades. They front-run, back-run, or arbitrage them. The result? You pay more. You get less. And you never know it happened.

MEV isn’t illegal. It’s built into the system. But it’s a hidden tax. A 2025 analysis by Flashbots found that MEV extraction on Ethereum-based AMMs cost users over $1.2 billion in 2024. That’s more than all DeFi hacks combined.

A garden of liquidity tokens being eaten by rats, while a farmer watches a plant wither under the label 'Impermanent Loss'.

Smart Contract Bugs: The Code Isn’t Perfect

Even if the math is right, the code can be wrong.

In 2023, a bug in a popular AMM’s price oracle allowed attackers to manipulate the price feed by calling a function that wasn’t supposed to be public. They inflated the value of a token, borrowed against it, and stole $42 million.

Another case: a token contract allowed minting new tokens after a certain block. Attackers triggered it during a liquidity event, flooding the pool with fake tokens. The AMM priced the token based on supply-and collapsed.

These aren’t edge cases. They’re common. Over 70% of new AMM deployments have at least one critical vulnerability, according to CertiK’s 2025 audit report.

What You Can Do

If you’re trading:

  • Avoid small pools. Stick to ones with over $50 million in liquidity.
  • Use MEV-resistant routers like 1inch or Paraswap-they bundle trades to reduce sandwich risk.
  • Check if the token has a lock-up or vesting schedule. If not, it’s a red flag.

If you’re providing liquidity:

  • Only pair stablecoins (like USDC/DAI). They rarely diverge in price.
  • Avoid new tokens with high APYs. They’re bait.
  • Use protocols with impermanent loss protection-like Yearn or Beefy Finance.

If you’re building:

  • Test your AMM with simulated flash loans. Use tools like Tenderly or Foundry.
  • Require minimum liquidity locks. At least 30 days.
  • Use external oracles (Chainlink) instead of internal price feeds.
  • Get audited by at least two firms-CertiK and Quantstamp.

Bottom Line

AMMs are brilliant. They’re also dangerous. The system isn’t broken-it’s being exploited. Every vulnerability comes from the same root: trusting code that doesn’t account for human greed.

There’s no magic fix. But there are smart moves. Know the risks. Avoid the traps. And never assume the math is safe just because it’s automated.

What is the most common AMM exploit today?

The most common exploit is the sandwich attack. It happens thousands of times daily on major AMMs like Uniswap and SushiSwap. Attackers use bots to detect large trades, buy the asset before the trade executes, then sell after the price moves. It’s cheap, automated, and legal within the system’s rules.

Can you make money from AMM vulnerabilities?

Yes-but it’s not ethical or sustainable. Some traders and bots profit from MEV and sandwich attacks. But these are zero-sum games: your gain is someone else’s loss. Most users lose money over time. And protocols that rely on these exploits get blacklisted, frozen, or shut down by regulators.

Are all AMMs vulnerable?

All AMMs are vulnerable to certain exploits, but not equally. Large, well-audited AMMs like Uniswap V3 and Curve Finance have layers of protection: fee tiers, concentrated liquidity, and external oracles. New or low-liquidity AMMs are easy targets. The bigger the pool and the older the code, the safer it is.

Is impermanent loss avoidable?

Not entirely, but you can minimize it. Stick to stablecoin pairs (USDC/DAI, ETH/FRAX) where price volatility is low. Avoid volatile token pairs like ETH/SHIB or new memecoins. Use protocols that offer impermanent loss insurance, like Yearn’s yVaults. And never provide liquidity to tokens with no trading history.

How do I know if an AMM is safe to use?

Check three things: 1) Liquidity-over $50 million is a good baseline. 2) Audit reports-look for CertiK, Trail of Bits, or Quantstamp. 3) Tokenomics-avoid projects with no lock-up period or unlimited token supply. If the team is anonymous or the contract hasn’t been verified on Etherscan, walk away.

Tags:

Similar Post You May Like

8 Comments

  • Image placeholder

    Joseph Pietrasik

    January 27, 2026 AT 17:30
    sandwich attacks are wild bro like why do people even trade on uniswap anymore
  • Image placeholder

    Rachel Stone

    January 28, 2026 AT 04:23
    so basically every trade you make is just funding some bot millionaire
  • Image placeholder

    laurence watson

    January 28, 2026 AT 15:21
    i just started providing liquidity last month and honestly i had no idea how much i was getting screwed over. thanks for breaking this down in a way that actually made sense. i’m switching to stable pairs now.
  • Image placeholder

    Elizabeth Jones

    January 30, 2026 AT 10:10
    The structural incentives within AMMs are fundamentally misaligned with user welfare. The protocol’s mathematical integrity is preserved, yet its economic architecture enables systemic extraction. This isn’t a bug-it’s a feature designed by optimizers who view human participants as variables to be exploited. The tragedy lies in the normalization of this exploitation as ‘market efficiency.’
  • Image placeholder

    Andrea Demontis

    January 30, 2026 AT 12:13
    It’s fascinating how we’ve built this entire financial ecosystem on the assumption that code is neutral, when in reality, code is just the canvas for human greed. The AMM doesn’t care if you lose money-it doesn’t even know you exist. It just executes the formula. The real vulnerability isn’t in the smart contract-it’s in the belief that automation removes human bias. We built a machine that mirrors our worst impulses and then act surprised when it does exactly what we programmed it to do. We’re not victims of hackers. We’re victims of our own arrogance. We thought decentralization meant fairness. It just meant anonymity. And anonymity, as history keeps proving, is the perfect breeding ground for predation.
  • Image placeholder

    Nickole Fennell

    January 30, 2026 AT 20:50
    I just lost $8k in a flash loan attack and now i’m crying in my car and my dog is licking my face and i just want to die
  • Image placeholder

    Richard Kemp

    February 1, 2026 AT 03:00
    i tried using a mev resistant router once but my tx kept failing idk if i did it right or if the app was broken
  • Image placeholder

    Raju Bhagat

    February 2, 2026 AT 20:33
    OMG SAME I DEPOSITED INTO THIS NEW POOL WITH 300% APY AND NOW ITS GONE POOF LIKE A BALLOON AT A KID'S BIRTHDAY AND I JUST WANT TO SCREAM

Write a comment

Recent Post

Categories

Archives