Bunni DEX Exploit Post-Mortem: Custom LDF Logic Leads to $8.3M Drain
Bunni, a DEX using custom liquidity logic, was exploited—draining approximately $8.3M in crypto across Ethereum and Unichain due to a flawed rebalancing formula and unguarded edge-case trades.
Bunni DEX Exploit Post-Mortem: Liquidity Distribution Function Gone Wrong
Summary of the Incident
Bunni, a DEX leveraging custom liquidity logic, suffered a major exploit in early September 2025, resulting in total losses of approximately $8.3M across Ethereum and Unichain. On Ethereum alone attackers drained around $2.3M–$2.4M in USDC and USDT. By manipulating Bunni's Liquidity Distribution Function (LDF), the exploiter caused faulty liquidity rebalancing and disproportionately high payouts, before draining multiple pools. All contracts were paused and users were urged to withdraw assets immediately. The team offered a 10% bounty for returning stolen funds.
Attack Mechanics
- The exploit leveraged edge-case trades of specific sizes to break Bunni’s LDF rebalancing logic, causing miscalculated LP share values.
- On Ethereum, stolen assets included roughly $1.33M in USDC and $1.04M in USDT, later funneled through DeFi rails to obfuscate the trail.
- When including mirrored pools on Unichain, the attacker’s total profit reached about $8.3M.
Immediate Response & Damage Control
- Bunni immediately paused all smart contract functions across Ethereum, Unichain, and other connected networks.
- Users were urged to withdraw funds immediately to avoid further impact.
- The team extended a 10% bounty to incentivize partial fund return by the attacker.
Lessons Learned & Takeaways
- Edge-case protection: Custom algorithms like LDF must be rigorously stress-tested across all trade sizes and extremes.
- Defensive coding: Sanity checks and caps on liquidity recalculations could have prevented misallocation.
- Monitoring & rapid response: Real-time anomaly detection and automated pausing mechanisms can significantly reduce losses.
- Incentive risks: Bounty offers can recover funds but may normalize negotiating with attackers—protocols should weigh trade-offs carefully.
Analytical Summary
The Bunni exploit highlights how powerful but experimental features like Liquidity Distribution Functions expand both yield opportunities and risk surfaces. The $8.3M loss underscores the importance of combining innovation with layered defense, from rigorous audits to real-time monitoring.
.png&w=3840&q=75)
