On December 20, 2025, a technical article titled "Reverse Engineering Hyperliquid," published on blog.can.ac, directly deconstructed Hyperliquid's binary files through reverse engineering, accusing it of nine serious issues ranging from "insolvency" to a "God Mode backdoor." The article bluntly stated:

"Hyperliquid is a centralized trading platform disguised as a blockchain."

In response to the FUD, the official Hyperliquid team issued a lengthy reply. Perhaps this was not merely a simple refutation of rumors but also a declaration of war regarding "who truly possesses decentralized trading infrastructure." While the official response successfully clarified the fund security issues, it left intriguing "gaps" in some sensitive areas of decentralization.

Where Did the $362 Million Go? The Audit Blind Spot Under the "Dual Ledger" System

The most damaging accusation was that user assets within the Hyperliquid system were $362 million short compared to the on-chain reserves. If true, this would mean it was a "chain-based FTX" operating on fractional reserves.

However, upon verification, this was a misinterpretation due to information asymmetry caused by an "architecture upgrade." The auditor's logic was: Hyperliquid reserves = USDC balance on the Arbitrum cross-chain bridge. Based on this logic, they checked the cross-chain bridge address and found the balance was indeed less than the total user deposits.

Hyperliquid responded that it is undergoing a complete evolution from an "L2 AppChain" to an "independent L1." During this process, asset reserves have become a two-track system:

The accuser completely ignored the native USDC on HyperEVM. According to on-chain data (as of the time of writing):

· Arbitrum cross-chain balance: 3.989 billion USDC (verifiable on Arbiscan)

· HyperEVM native balance: 362 million USDC (verifiable on Hyperevmscan)

· HyperEVM contract balance: 59 million USDC

Total solvency = 3.989B + 0.362B + 0.059B ≈ 4.351B USDC

This figure completely matches the Total User Balances on HyperCore. The alleged "$362 million gap" is precisely the native assets that have already migrated to HyperEVM. This is not a disappearance of funds but a transfer of funds between different ledgers.

Checklist of 9 Accusations: What Was Clarified? What Was Avoided?

Clarified Accusations

Accusation: "CoreWriter" God Mode: Accused of being able to print money out of thin air and misappropriate funds.

Response: Officially explained that this is an interface for L1 to interact with HyperEVM (e.g., staking), with restricted permissions and no ability to misappropriate funds.

Accusation: $362 million funding gap.

Response: As described above, it was due to not accounting for Native USDC.

Accusation: Undisclosed lending protocol.

Response: Official pointed out that the spot/lending function (HIP-1) documentation is publicly available and in a pre-release stage, not secretly operating.

Acknowledged Accusations with Reasonable Explanations

Accusation: Binary file contains code to "modify trading volume" (TestnetSetYesterdayUserVlm).

Response: Acknowledged existence. Explained as testnet (Testnet) residual code used to simulate fee logic; the mainnet nodes have physically isolated this path, making execution impossible.

Accusation: Only 8 broadcast addresses can submit transactions.

Response: Acknowledged. Explained as an anti-MEV (Maximal Extractable Value) measure to prevent user transactions from being front-run. Committed to implementing a "multi-proposer" mechanism in the future.

Accusation: The chain can be "plannedly frozen" with no revocation function.

Response: Acknowledged. Explained as a standard process for network upgrades (Upgrade), requiring a full network pause to switch versions.

Accusation: Oracle price can be instantly overwritten.

Response: Explained as a system security design. To liquidate bad debt promptly during extreme volatility (like 10x), the validator oracle indeed does not have a time lock.

Missing / Vague Responses

In our review, two accusations were not directly addressed or fully resolved in the official response:

Accusation: Governance proposals are unqueryable. Users can only see that voting occurred, but the on-chain data does not contain the specific text content of the proposals.

Response: The official did not address this point in the long post. This means Hyperliquid's governance remains a "black box" for ordinary users—you can only see the results, not the process.

Accusation: Cross-chain bridge has no "escape hatch." Withdrawals could be censored indefinitely, and users cannot force withdrawals back to L1.

Response: Although the official explained that locking the bridge during the POPCAT incident was for safety, it did not refute the architectural fact of "no escape hatch." This indicates that at the current stage, the inflow and outflow of user assets highly depend on the permission of the validator set, lacking the anti-censorship forced withdrawal capability of L2 Rollups.

"Throwing Shade" at Competitors

The most interesting aspect of this incident is that it forced Hyperliquid to show its cards, giving us an opportunity to re-examine the landscape of the Perp (Perpetuals)赛道. The official response unusually "threw shade" at competitors, targeting Lighter, Aster, and even industry giant Binance.

It stated, "Lighter uses a single centralized sequencer, and its execution logic and zero-knowledge (ZK) circuits are not public. Aster uses centralized matching and even offers dark pool trading, which can only be achieved with a single centralized sequencer and an unverifiable execution process. Other protocols that include open-source contracts lack a verifiable sequencer."

Hyperliquid unabashedly categorized these competitors as relying on a "Centralized Sequencer." The official emphasized: on these platforms, no one except the sequencer operator can see the complete state snapshot (including order book history, position details). In contrast, Hyperliquid attempts to eliminate this "privilege" by having all validators execute the same state machine.

This wave of "throwing shade" might also stem from Hyperliquid's concerns about its current market share. According to DefiLlama's trading volume data for the past 30 days, the market has shown a tripartite balance of power:

· Lighter: Trading volume $232.3 billion, temporarily leading,约占 26.6%.

· Aster: Trading volume $195.5 billion,位居第二,约占 22.3%.

· Hyperliquid: Trading volume $182.0 billion,位居第三,约占 20.8%.

Facing the trading volume of latercomers Lighter and Aster surpassing its own, Hyperliquid attempts to play the "transparency" card—meaning "although I have 8 centralized broadcast addresses, my entire state is on-chain and verifiable; while you can't even check yours." However, it is worth noting that although Hyperliquid's trading volume is slightly lower than the top two, it呈现碾压态势 in terms of Open Interest (OI).

Public Sentiment Response: Who is Shorting HYPE?

Beyond technical and fund issues, the community is also highly concerned about recent rumors that HYPE tokens were allegedly shorted and dumped by "insiders." In response, a Hyperliquid team member gave a定性回应 on Discord for the first time: "The shorting address starting with 0x7ae4 belongs to a former employee." This individual was once a team member but was fired in early 2024. The personal trading behavior of this former employee is unrelated to the current Hyperliquid team. The platform emphasized that it currently implements extremely strict HYPE trading restrictions and compliance reviews for all在职 employees and contractors, strictly prohibiting insider trading using their positions.

This response attempts to downgrade the accusation of "team misconduct" to "personal behavior of a former employee." However, regarding the transparency of token distribution and unlocking mechanisms, the community might still expect more detailed disclosure.

Don't Trust, Verify

Hyperliquid's clarification tweet can be considered a textbook example of crisis PR—relying not on emotional output but on data, code links, and architectural logic. It did not stop at proving its innocence but instead went on the offensive, strengthening its brand and advantage of "full state on-chain" by comparing competitor architectures.

Although the FUD was disproven, the profound thought left for the industry by this incident is far-reaching. As DeFi protocols evolve towards independent application chains (AppChain), architectures become increasingly complex, and asset distribution becomes more fragmented (Bridge + Native). The traditional method of checking balances by "looking at the contract balance" has become ineffective.

For Hyperliquid, proving "the money is there" is only the first step. How to gradually transfer the permissions of those 8 submission addresses while maintaining the advantages of high performance and anti-MEV, truly achieving the transition from "transparent centralization" to "transparent decentralization," is the necessary path to becoming the "ultimate DEX."

For users, this incident once again confirms the iron law of the crypto world: don't trust any narrative, verify every byte.