Bunni DEX Hack: When Custom Liquidity Logic Pays Out Fantasy Money

‍“If your math can be gamed by a well-timed trade, it’s not alpha, it’s a payout script for adversaries.”

Who (and what) is Bunni DEX?

Bunni is a DEX built on Uniswap v4 hooks. Its pitch: “shapeshifting” liquidity that maximizes LP returns using a Liquidity Distribution Function (LDF): a custom curve that reallocates liquidity and rebalances positions automatically. Translation: Bunni writes extra logic that sits between swaps and pool accounting to “optimize” LP placement and yields (including re-hypothecating idle capital into lenders like Aave). The core contracts are organized around BunniHub (their main entry system).

TL;DR of the Bunni DEX Hack

• Date: September 02, 2025
• Impact: ~$2.3 - ~$2.4M drained, mostly USDC/USDT, after the attacker abused Bunni’s custom LDF rebalancing logic. Funds were then moved and parked in Aave as aEthUSDC and aEthUSDT.
• Wider impact: Separate reporting says there was additional loss on Unichain, pushing combined damage up to ~$8.4M across chains. This is still settling; treat totals as evolving.
• Immediate response: Bunni paused all smart contracts on all networks and told users to pull funds while they investigate.

‍

The Exploit: How it Actually Bled Money

The Vulnerable Idea: Liquidity Distribution Function (LDF)

Instead of Uniswap’s default mechanics, Bunni’s LDF recalculates how liquidity should be spread across ticks/ranges and rebalances positions based on trade flow. That’s power and attack surface. Early analyses (and dev commentary) point to manipulable LDF math during rebalancing: specific trade sizes could mislead the curve and over-credit value to the attacker’s side of the book. Think “business-logic bug,” not a classic reentrancy or price-oracle fail.

Likely Attack Path (simplified)

1. Prime the pool: Execute swaps with carefully chosen sizes that hit edge-cases in Bunni’s LDF math.
2. Trigger rebalancing: The hook’s internal accounting reallocates liquidity or rewards using incorrect results (precision/rounding/curve-math defects).
3. Extract value repeatedly: Rinse-and-repeat across transactions to accumulate mispriced withdrawals in stablecoins.
4. Launder to safety: Convert and park proceeds in Aave, visible on the exploit wallet holding ~$1.23M aEthUSDC + ~$1.04M aEthUSDT (plus ETH) shortly after.

Why Is This Believable?

• Multiple outlets independently point to LDF/rebalancing logic as the root cause; this is the exact failure class we’ve seen before in advanced AMMs when precision, rounding, or double-counting collide with clever order sizing (cf. Kyber’s 2023 precision/rounding fiasco). 
• On-chain wallet now sitting in Aave receipts backs the stablecoin drain claim on ETH. (Criminals love yield too.)

‍

Non-Technical Context That Actually Matters

• Hooks ≠ free lunch. Uniswap v4 lets you bolt on “custom logic.” It also lets attackers bolt into your assumptions. Every bespoke curve, rebate, or rebalance is fresh invariant debt you must pay down with testing, fuzzing, and formal proofs. 
• Math bugs scale cross-chain. Reports suggest a separate loss on Unichain in addition to Ethereum. If your logic is wrong, the same trick works anywhere that logic ships. Copy-paste = copy-pwn. 
• Re-hypothecation compounds blast radius. If your LP capital auto-routes into lenders, exploit fallout routes there too. That’s not Aave’s fault; it’s your risk coupling. (Bunni’s own materials have touted this “make idle capital work” design.)

‍

What Bunni Did To Contain It

• Hard pause: “Paused all smart contract functions on all networks.” (Correct first move; hard stop beats slow bleed.) 
• User advisory: Core contributors urged users to withdraw funds ASAP while triage proceeds. 
• Traceability: On-chain address with funds in Aave makes clawback negotiations or law-enforcement referral at least a non-zero chance, but don’t bank on miracles. 

‍

Could This Have Been Avoided?

Short answer: Yes. Long answer: Here’s the bill of materials you skipped.

1. Prove your math
   
   • Unit tests don’t catch adversarial sequences.
   • You needed property-based fuzzing (differential against a reference AMM), symbolic execution on the LDF state machine, and formal invariants:
     
     • No rebalancing step increases claimable value beyond bounded fees
     • Tick/shape transforms preserve total value to within precision tolerances
   • If that sounds heavy, that’s the cost of inventing “smarter” AMM math.
2. Precision & rounding audits
   
   • Kyber’s $48M mess was rounding/precision and double-counted liquidity. If your hook does math on discrete ticks with variable precision, you audit directional rounding and boundary conditions like a maniac. 
3. Circuit-breakers based on your curve, not price
   
   • Don’t just “pause on price.” Pause on impossible LDF deltas (e.g., shape/weight shifts that exceed expected bounds per unit liquidity). That kills these carefully sized trade attacks mid-sequence.
4. Kill-switches wired to post-swap checks
   
   • If post-swap accounting detects a value surplus vs. expected LP accounting, revert future rebalances, freeze withdrawals, or halt the hook until a guardian review. Hooks let you do this. Use it.
5. Staged rollouts & canaries
   
   • New shapes/logic gate-deployed behind TVL caps and feature flags. If a new LDF path survives adversarial chaos for N days, then, and only then, scale it.

‍

Lessons Your DEX Should Actually Adopt (steal this checklist)

Design & Code

• Treat any custom AMM math as security-critical cryptography: prove invariants, don’t vibe them. 
• Bounded rebalancing: cap shape change per block and require multi-block confirmation to prevent single-tx whipsaws.
• Dual accounting: maintain an off-path reference model (shadow accounting) to detect drift beyond ε-tolerance and auto-halt.

Testing

• Adversarial fuzz with goal-seeking “profit” oracles (not just random input), specifically searching trade sizes that maximize accounting error.
• Cross-chain replay: if logic is shared, replay the same fuzz set across every deployment.

Operations

• TVL caps on new hooks; dynamic fee spikes during anomaly; withdraw throttles when invariants wobble.
• Live invariants on dashboards; alerts trigger automatic pausing.
• Segregate re-hypothecated capital: lender integrations (Aave/Yearn) should be opt-in with hard limits and instant off-ramps.

Response

• Known-bad wallets published early; coordinate with CEXs/bridges.
• Public, code-level post-mortem (not vibes) with a patch diff and unit tests showing the failing case now succeeds.

‍

“But wasn’t the loss $8.4M?”: Reconciling The Numbers

You’ll see ~$2.3–$2.4M quoted for Ethereum and ~$8.4M when Unichain losses are added in. Both can be true: same exploit class, multi-deployment surface. Reporters traced the Ethereum side (with the Aave receipts), while others aggregated across chains. Expect totals to shift as teams and firms de-duplicate/exclude noise.

‍

The Uncomfortable Truth

Bunni didn’t get owned by reentrancy or an external oracle rug. It got owned by its own differentiation: custom math baked into a hook that mints value where none exists if you hit it just right. That’s not “innovation.” That’s subsidizing attackers with LP money.

“Complexity without proof is just confidence theater.”

If you’re building on v4 hooks, the bar isn’t “We passed an audit.” The bar is provable invariants, production kill-switches, and ops that assume your first idea is wrong.

Ship that, or don’t ship at all.

If you’re building a DEX and already worrying about hackers… Congratulations! You’re already ahead of the many projects that don’t even think about security until it’s too late.

The next step? Book a FREE consultation with us. We’ll show you how to stay secure and out of the headlines.