How Does GMX Work?

Derivatives|Risk C|8 mechanisms|6 interactions

A perpetual futures exchange where liquidity providers act as the house against all trades, earning fees but absorbing trader profits. It holds $600M in its liquidity pool across Arbitrum and Avalanche. Its C- grade reflects a $42M hack in July 2025 and persistent oracle exploitation risk.

TVL

$240M

Sector

Derivatives

Risk Grade

C

Value Grade

B-

Core Mechanisms

Derivatives/Perpetual-Futures

Oracle-priced perpetual futures with zero slippage

Perpetual futures priced directly from Chainlink oracles rather than AMM curves, enabling zero-slippage execution up to 100x leverage.

AMM/Multi-Asset-Pool

Novel

GLP/GM multi-asset liquidity pool as trade counterparty

GLP (V1) and GM (V2) pools hold a basket of assets and serve as counterparty to all trades. LPs earn 70% of platform fees but absorb trader PnL. Novel risk-sharing model.

Oracle/Price-Feed

Chainlink oracle-based execution pricing with keeper network

All trade execution uses Chainlink price feeds rather than on-chain AMM pricing. Keeper network executes orders when oracle prices match trigger conditions.

Yield/Fee-Distribution

GM/GLV token staking with 35% yield from trading fees

Staked GM/GLV tokens earn yield from trading fees (~35% APY in Q3 2025). Fee distribution split: 70% to LPs, 30% to GMX stakers.

Risk/Liquidation-Engine

Keeper-based liquidation with oracle price triggers

Liquidations triggered when oracle-reported prices breach maintenance margin; executed by keeper network. V1 had reentrancy vulnerability in executeDecreaseOrder().

Derivatives/Spot-Trading

Oracle-priced spot swaps through liquidity pool

Spot swaps executed at Chainlink oracle prices through the GLP/GM pool, with dynamic fees based on pool asset weighting targets.

Bridge/Cross-Chain

GMX Multichain via LayerZero for cross-chain trading

LayerZero-powered cross-chain trading across Arbitrum, Avalanche, Solana, and Ethereum mainnet (launched late 2025). Novel multi-chain derivatives DEX expansion.

Governance/Token-Buyback

GMX token buyback program funded by protocol fees

600,000 USDC allocated for GMX token buybacks (Dec 2025-Mar 2026) to fund fee-rebate campaign. Governance-approved spending.

How the Pieces Interact

Oracle-based pricingGLP/GM pool counterparty riskHigh

Oracle manipulation or latency exploits enable traders to extract value from the pool at LPs' expense, as oracle prices may diverge from true market prices during volatile periods.

V1 legacy contractsV2 migration statusHigh

Coexistence of V1 and V2 contracts with user funds in both creates reentrancy and logic-level vulnerabilities in deprecated code, as demonstrated by the $42M July 2025 exploit.

Multi-asset pool compositionTrader directional exposureHigh

During strongly trending markets, pool LPs absorb concentrated directional losses from profitable traders, potentially triggering LP withdrawal cascades that reduce available liquidity.

Cross-chain LayerZero bridgeUnified liquidity poolsHigh

Cross-chain message manipulation via LayerZero could enable synthetic position creation or liquidity extraction across chains without proper collateral backing.

Keeper networkOrder execution timingMedium

Keeper latency creates windows where oracle prices update but orders execute at stale prices, enabling MEV extraction from the protocol and LPs.

See all 6 interactions in the full risk report →

What Could Go Wrong

  1. $42M reentrancy exploit in July 2025 on V1 contracts demonstrates persistent legacy code risk despite V2 migration
  2. Heavy oracle dependency for zero-slippage pricing creates systemic exposure to Chainlink feed manipulation or downtime
  3. GLP/GM pool liquidity providers act as counterparty to all trades, concentrating directional risk during trending markets

Oracle Exploitation and LP Pool Drain

Elevated

Trigger: Chainlink oracle feed for a major asset (ETH, BTC) experiences >1% deviation from true market price for 30+ seconds during a volatile period

  1. 1.Oracle price deviates from true market price by >1% during high volatility Traders open positions at oracle price that diverges from reality; guaranteed profit at LPs' expense
  2. 2.Sophisticated traders exploit the oracle lag with high-leverage positions GLP/GM pool absorbs outsized losses from oracle-mediated trades
  3. 3.LP losses become visible in declining GM/GLP token value LPs begin withdrawing, reducing pool depth and increasing slippage
  4. 4.Reduced pool depth makes oracle exploitation more profitable per trade Exploitation accelerates as fixed oracle lag represents a larger percentage of thinner pools
  5. 5.GM/GLP pool value drops to the point where remaining LPs face significant losses Mass LP exodus; platform liquidity collapses
See all 2 collapse scenarios in the full risk report →

Risk Profile at a Glance

Mechanism Novelty3/15
Interaction Severity10/20
Oracle Surface7/10
Documentation Gaps3/10
Track Record10/15
Scale Exposure5/10
Regulatory Risk3/10
Vitality Risk6/10
C

Overall: C (47/100)

Lower score = safer

More on GMX

Is GMX Safe?

Safety analysis

Is GMX a Good Investment?

Value analysis

Full Risk Report

All mechanisms & interactions

Related Derivatives Explainers

How Does KiloEx Work?D+How Does Symm.io Work?C-How Does Thetanuts Finance Work?C-How Does Hyperliquid Work?C-How Does Aevo Work?C