The Drain Transaction Is the Last Step of a DeFi Hack
Most teams still talk about DeFi exploits as if the hack begins when funds leave the protocol. By then, the attacker has usually already won.
Establish the problem with technical depth
On October 11, 2022, Mango Markets was drained of more than $110 million. The SEC later described the theft as approximately $116 million; the CFTC and DOJ used "over $110 million." The exact accounting differs slightly across filings. The mechanism does not. Regulators say the attacker opened large long and short MNGO perpetual positions against himself, bought up the thinly traded MNGO token across the exchanges feeding Mango's oracle, drove the oracle-reported price sharply higher, and then borrowed against the inflated value until the protocol was empty.
For investors and founders, the important point is not that this was clever. It is that the protocol lent against a balance sheet the attacker could rewrite in real time. Capital was not stolen at the moment of withdrawal. It was stolen when the system accepted manipulated mark-to-market gains as spendable collateral.
Engineers should read that more harshly. A DeFi exploit is rarely a single bug with a cinematic ending. It is usually a sequence: find the assumption, isolate the leverage point, create fake solvency or fake authority, and only then move the assets. The drain transaction is just the settlement layer for a failure that happened earlier in the protocol's logic.
Euler made the same point in a different way. In March 2023, Euler says it was exploited for about $197 million after a patch introduced donateToReserves without a health check. That exploit did not depend on oracle manipulation. It depended on a broken invariant: a user could move themselves into an unhealthy state and then profit from liquidation. Different surface, same anatomy. The protocol accepted a state transition that should never have been economically valid, and the withdrawal came after the model had already broken.
This matters commercially because risk gets mispriced when teams think the attack starts at exfiltration. Diligence turns into an audit-logo check. Monitoring turns into a Telegram channel. Governance risk, oracle design, collateral policy, upgrade review, and operational response get treated as secondary details when they are exactly where the loss is usually born.
The mechanism, the mistake, the misunderstanding
Most DeFi hacks follow the same underlying sequence even when the transaction traces look different.
First, the attacker finds a place where the protocol believes an input it does not truly control. In Mango, that belief sat between a thin governance token, an oracle reading market prices, and a lending engine willing to treat those prices as collateral truth. In Euler, it sat in a post-audit code path that allowed a user to damage their own health factor and convert that broken state into profit.
Second, the attacker creates a position that makes the false input matter. In the Mango case, DOJ and CFTC filings say the attacker used two accounts to establish offsetting long and short MNGO perpetual positions, then pushed up the underlying token price on the exchanges used by the oracle. The reported price of MNGO Perpetuals rose about 1300% in roughly 20 minutes, according to the DOJ filing. That price move was not market discovery. It was attack preparation.
Third, the protocol converts false information into real borrowing power. This is the step teams underestimate because nothing looks obviously stolen yet. The math often looks clean:
borrow_limit = collateral_value(oracle_price) * collateral_factor
If the attacker can move oracle_price, or can create a state where collateral_value is economically fake, the protocol starts lending against fiction. In Mango, the inflated perpetual position became collateral. In Euler, the protocol's health checks failed to stop an invalid internal state from becoming liquidatable in the attacker's favor. Either way, the accounting breaks before the treasury does.
Fourth, the attacker turns the accounting mistake into an asset exit. The SEC says Mango's manipulated collateral let the attacker borrow and withdraw approximately $116 million in various crypto assets, effectively draining all available assets from the platform. Euler describes the same final stage more bluntly: once the unhealthy state existed, the attacker self-liquidated and withdrew real assets from multiple pools. That is the moment everyone screenshots. It is not the beginning of the hack. It is the bill coming due.
The industry's common misunderstanding is treating this final step as the exploit itself. That framing hides the real failure mode. If the protocol could be made to believe a lie about collateral, solvency, authority, or message validity, then the drain was already latent. The final transfer was just the cleanest visible symptom.
There is one more uncomfortable detail here. The attack window is often wider than teams assume. Forta's retrospective on Euler says three critical alerts fired before exploitation, with the first arriving about 10 minutes before the attack and another detector triggering three minutes before the drain. That is not enough time for a sleepy multisig and a Slack thread. But it is more than zero. The myth that DeFi hacks are always instantaneous becomes a convenient excuse for not building automated response.
What good looks like
Good security starts by designing away self-referential collateral. If a protocol lets users borrow hard assets against a thin token whose price they can materially influence, the system is underwriting manipulation, not just volatility. Collateral eligibility should be tied to market depth, oracle quality, concentration risk, and liquidation realism, not brand familiarity.
Good oracle design also means modeling adversarial price formation instead of only nominal data integrity. A price feed can be technically correct and still be unsafe if the market underneath it is easy to move. Builders should test how much capital it takes to distort the inputs, how quickly the protocol reprices collateral, and what caps or isolation rules kick in before fake equity becomes withdrawable.
Good upgrade discipline means treating every new code path as a new trust surface. Euler's own postmortem is a reminder that a patch can introduce the exploit it was supposed to prevent. Diff audits matter. Invariant testing matters more. If a protocol cannot automatically prove that no user action sequence can create profitable insolvency, the protocol is carrying risk it does not understand.
Good runtime defense means accepting that prevention will be imperfect. The response stack should include invariant monitors, outlier detection on borrow-capacity jumps, oracle deviation thresholds, fast pause mechanisms, and pre-authorized circuit breakers for narrow high-value scenarios. Tools like Foundry invariants, Echidna, Slither, Medusa, and Forta are useful here, but only when connected to concrete properties and operational playbooks. "We monitor the contracts" is not a control. It is a sentence.
The founder version of this is simpler. Ask the team three questions before launch or before a major upgrade:
- Which assets can users borrow against assumptions they can influence?
- Which code paths can change solvency, liquidation eligibility, or message validity?
- What happens automatically if those assumptions break at 3 a.m.?
If the answers are vague, the protocol is not ready, no matter how polished the frontend or how clean the audit PDF looks.
ChainShield's angle
ChainShield's view is that teams keep spending security budgets too late in the kill chain.
Most postmortems describe the transfer of funds because that is the visible damage. Serious security work has to begin earlier, at the moment the protocol can be tricked into believing false balances, false prices, false permissions, or false messages. That means mapping where economic truth enters the system, where it can be distorted, and what control fires before the attacker can turn paper gains into real exits.
That is also why one more audit, by itself, is not the answer. Audits are snapshots. Exploits are sequences. The job is to close the gap between the two with diff-aware review, invariant-driven testing, and live monitoring that is allowed to act, not just observe.
The protocols that survive the next cycle will not be the ones with the prettiest security badge. They will be the ones that understand a DeFi hack is usually won before the drain transaction ever lands on-chain.
ChainShield Discovery Runs are designed to identify high-risk issues quickly, validate what matters, and give engineering teams a faster path to remediation.
Request Security Quote