What Happened

Mango Markets (Backtest 2022-09-01)

$114M | Smart Contract Exploit | October 11, 2022

Oracle price manipulation — Avraham Eisenberg manipulated the price of MNGO token on thin-liquidity markets, then used the inflated collateral to drain Mango's treasury via massive borrows

What Hindenrank Would Have Said

As of September 1, 2022

Grade: D+
Risk Score: 61/100

High risk — the combination of thin-liquidity native token, oracle dependence, and cross-margin collateral design creates a well-known attack vector for oracle price manipulation. The vulnerability was publicly flagged in March 2022 but not fully addressed. Proceed with extreme caution and limit deposit exposure.

Mechanism Novelty: 10/15
Interaction Severity: 16/20
Oracle Surface: 9/10
Documentation Quality: 4/10
Track Record: 7/15
Scale Exposure: 5/10
Regulatory Risk: 4/10
Protocol Vitality: 6/10

Grade Predicted This Failure

Flagged by dimensions: Mechanism Novelty, Interaction Severity, Oracle Surface, Scale Exposure, Protocol Vitality

One or more collapse scenarios directly matched the actual failure mode.

Top Risks Identified

  1. Oracle price manipulation via thin-liquidity MNGO token used as collateral reference
  2. Cross-margin system allows unrealized PnL from manipulated perps to collateralize massive borrows
  3. Insurance fund ($70M) insufficient to cover full treasury drain from coordinated attack
  4. Native governance token (MNGO) with extremely thin order books across limited venues (FTX, AscendEX, Serum)
  5. Known oracle manipulation vulnerability publicly disclosed in Discord (March 2022) but not fully mitigated

Collapse Scenarios

Oracle price manipulation via thin-liquidity MNGO markets

Elevated
Trigger

Attacker accumulates $5-10M USDC and simultaneously takes large long MNGO-PERP position while buying spot MNGO across thin venues (FTX, AscendEX, Serum) to pump the oracle price

Cascade
  1. Attacker buys massive spot MNGO on thin order books, pumping price 10-30x
     Oracle reports inflated MNGO price as legitimate market activity
  2. Cross-margin engine revalues attacker's MNGO perp position at inflated price
     Attacker's account shows hundreds of millions in unrealized profit, treated as valid collateral
  3. Attacker borrows maximum available assets (SOL, USDC, BTC, ETH, etc.) against inflated collateral
     Lending pool is drained; all depositor funds extracted
  4. Attacker withdraws borrowed assets; MNGO price collapses back to pre-manipulation levels
     Protocol left with massive bad debt; insurance fund insufficient to cover losses; depositors face socialized losses or total wipeout

Historical Precedent

Cream Finance oracle manipulation (Oct 2021, $130M loss). Compound oracle manipulation via DAI (Nov 2020). Venus Protocol BSC oracle attack (May 2021, $100M+).

Governance capture via low-quorum DAO exploitation

Moderate
Trigger

Attacker acquires sufficient MNGO tokens (>100M, 2% of total supply) through market purchase or via exploit proceeds to pass governance proposals

Cascade
  1. Attacker submits governance proposal to modify risk parameters or direct treasury funds
     With 90% of tokens in DAO treasury (not voting), even small absolute holdings can control outcomes
  2. Proposal passes due to low participation and attacker's voting weight
     Risk limits loosened or treasury funds redirected to attacker-controlled addresses
  3. Community discovers malicious governance action after timelock expires
     Funds already extracted; governance defense comes too late

Historical Precedent

Beanstalk Farms governance attack via flash loan (April 2022, $182M). Build Finance DAO hostile takeover (Feb 2022).

Serum DEX / FTX infrastructure dependency failure

Moderate
Trigger

Serum DEX experiences prolonged downtime, liquidity crisis, or FTX-related counterparty failure affecting order book infrastructure

Cascade
  1. Serum DEX goes offline or loses significant liquidity
     Mango's spot margin trading halts; existing positions cannot be managed
  2. Liquidation engine cannot execute spot liquidations efficiently
     Bad debt accumulates as underwater positions cannot be closed
  3. Depositors rush to withdraw remaining assets
     Bank run dynamics; utilization spikes; borrowing rates explode but cannot incentivize returns fast enough

Historical Precedent

Solana network outages in 2021-2022 causing DeFi protocol disruptions. FTX counterparty risk concerns in Solana ecosystem.
