Weekly Top Stories - 11/07/25

In this week's newsletter, Alex Thorn considers the uncertain state of crypto markets; Will Owens unpacks how a hedging strategy went awry for investors ahead of Monad's mainnet launch; and Zack Pokorny analyzes the $125 million hack of Balancer v2 and its forks.

Bull Market in Limbo

Bitcoin dropped below $100k for the first time since June. Crypto markets tumbled this week as stocks pulled back and macro pressures mounted. Galaxy Research lowered its $185k EOY target for BTC to $120k, arguing that BTC had entered a new phase – “the maturity era” – that would be characterized by institutional absorption, passive flows, and lower volatility.

Global risk appetite has also wavered this week. US stocks slid (S&P 500 -1.1%, Nasdaq -1.9%) as reports of layoffs and hiring freezes amplified slowdown fears.

OUR TAKE:

The crypto markets looked materially dented this week, with BTC struggling to maintain the key psychological level of $100k and altcoins faring far worse. Of the top 100 coins, 70+ are more than 50% below prior all-time highs. Whale distribution has presented BTC with headwinds throughout the year, but the 10/10 leverage wipeout was probably the straw that broke the camel’s back. That event blew up several market makers and funds and resulted in a material thinning of the global order book.

Bullish catalysts for Bitcoin include the broadening of ETF distribution and the entrance of traditional wealth channels. Morgan Stanley advisors can finally recommend an initial allocation to BTC, and 3 of the top 4 custody banks have announced plans to add bitcoin offerings. And whale distribution must always end – there is a finite amount of coins that early adopters can sell, while the amount of demand is theoretically unlimited.

We remain bullish on bitcoin because, frankly, this is what growing up looks like. The “maturity era” may have killed the 100x-in-a-month fantasies, but it also killed fragility. ETFs now soak up old-guard supply, long-term whales are running out of coins, and every major bank that once sneered at BTC is quietly building a crypto desk on the weekends. The hype tourists have moved on to AI stocks; the adults are accumulating the only digitally scarce asset left. Call it boring if you want – but boring, institutional, policy-sensitive bitcoin is the version that ends up in global reserve portfolios. – Alex Thorn

Balancer v2, Forks Exploited for More Than $125 Million

Balancer v2, an onchain spot decentralized exchange (DEX), and some of its forks were exploited for more than $125 million on Monday. The exploit was the second largest in DeFi this year, trailing only the Cetus exploit from April, and the third largest in crypto overall, including the Bybit attack. For all time, the Balancer exploit ranks as crypto’s twenty-third largest known exploit. The exploit came as a shock to many in the space, given the age of the Balancer v2 contracts (they were released in April 2021) and the widespread forking of them.

So, how was the exploit executed? Balancer v2’s vault and pool design (single vault holding all tokens while pool contracts implement pricing math) was the attack surface. The attacker targeted stable-type pools (i.e., pools whose assets maintain relatively constant values against each other) that use per-token scaling and down-rounding (mulDown/divDown) in their invariant math (i.e., the mathematical rule that defines how token balances in a pool must relate to each other), then executed carefully crafted batchSwap/flash-style transactions that exploited rounding/precision behavior to make the pool report an incorrect invariant and withdraw value. Essentially, Balancer keeps all liquidity providers’ (LPs') tokens in one big safe (the vault) but lets lots of little price-calculating machines (the pool contracts) decide who gets what when trades happen. The attacker found a weakness in the math used by certain stable pools: they normalize tokens with tiny rounding steps that lose a sliver of value each time the math runs. By stringing many of those math steps together inside a single, atomic batchSwap transaction (so everything happens at once), the attacker folded those tiny rounding losses into a sequence that the pool’s checks missed. As a result, the pool’s math reported it was still solvent even though it allowed extra tokens out. In short, the attackers exploited small rounding/precision quirks in stable-pool pricing math, executed tightly crafted multi-step swaps that all ran in one transaction, and walked away with the difference.
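To make the rounding behavior concrete, here is an added example (not Balancer's code and not part of the original newsletter): a simplified model of 18-decimal fixed-point scaling with down-rounding, plus a defensive check that flags balances small enough for a one-unit truncation to matter. The 1.05 scaling factor, the sample balances, and the names `round_trip`, `drift`, `rounding_gap_ppm` and `within_tolerance` are constructed for illustration.

```python
ONE = 10**18  # 18-decimal fixed point, the convention behind mulDown/divDown

def mul_down(a: int, b: int) -> int:
    """Fixed-point multiply, truncating toward zero."""
    return a * b // ONE

def mul_up(a: int, b: int) -> int:
    """Fixed-point multiply, rounding up."""
    product = a * b
    return 0 if product == 0 else (product - 1) // ONE + 1

def div_down(a: int, b: int) -> int:
    """Fixed-point divide, truncating toward zero."""
    return a * ONE // b

def round_trip(raw: int, scaling_factor: int) -> int:
    """Upscale a raw balance, then downscale it, using down-rounding only."""
    return div_down(mul_down(raw, scaling_factor), scaling_factor)

def drift(raw: int, scaling_factor: int, steps: int) -> int:
    """Repeat the round trip, as chained steps inside one transaction would."""
    for _ in range(steps):
        raw = round_trip(raw, scaling_factor)
    return raw

def rounding_gap_ppm(raw: int, scaling_factor: int) -> int:
    """Gap between up- and down-rounded results, in parts per million."""
    low = mul_down(raw, scaling_factor)
    high = mul_up(raw, scaling_factor)
    if low == 0:
        return 0 if high == 0 else 1_000_000
    return (high - low) * 1_000_000 // low

def within_tolerance(raw: int, scaling_factor: int, max_ppm: int = 100) -> bool:
    """Defensive guard: refuse to price when truncation error is material."""
    return rounding_gap_ppm(raw, scaling_factor) <= max_ppm

RATE = 1_050_000_000_000_000_000  # constructed scaling factor of 1.05

if __name__ == "__main__":
    for balance in (9, 9 * ONE):  # constructed: a dust balance and a normal one
        print(balance, round_trip(balance, RATE), drift(balance, RATE, 3),
              rounding_gap_ppm(balance, RATE), within_tolerance(balance, RATE))
```

At a normal balance the truncation is invisible; at a dust-sized balance each step drops a whole unit, which is an 11% error on a 9-unit balance and compounds across steps.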

The attack was carried out across seven networks, including Ethereum, Polygon, Base, Arbitrum, Sonic, OP Mainnet, and Berachain. Some made efforts to stop or impede the attacker from running off with the exploited funds. Polygon censored the attacker’s transactions, effectively freezing them in place with no ability to move the funds; Sonic implemented functionality (see here and here) allowing the protocol’s foundation to freeze and zero out native S token holdings of specific accounts; and Berachain halted the network entirely and forked it to prevent the attackers from keeping the funds they stole. The exploiters' addresses still hold more than $61 million in assets (see here, here, and here).

OUR TAKE:

The age and ubiquity of Balancer v2 contracts made this exploit particularly troubling. Over the past four or so years, Balancer’s v2 architecture has become deeply embedded in DeFi, with countless developers reviewing, integrating, and forking its code. Notable among those doing so is Berachain, whose native DEX was built on Balancer’s v2 codebase. Balancer’s v2 vault contract on Ethereum mainnet alone, excluding the estimated 25 forks (per DeFiLlama’s LlamaAI) and use on other chains, has seen nearly $100 billion in lifetime swap volume across almost four million swaps since it was deployed on Ethereum in April 2021.

While major applications have been exploited in the past, the combination of Balancer’s maturity, usage depth, and widespread code reuse makes this incident exceptionally uncommon. Among the 429 known exploits across 386 applications throughout crypto’s history, only a few (e.g., Curve and Compound v2) are comparable in scale and pedigree. The rarity of this kind of exploit raises an unsettling question: how many long-standing contracts that remain widely used in DeFi still conceal undiscovered bugs? The vulnerability in Balancer v2’s contracts had existed since deployment, yet remained unnoticed until now. The episode also raises the question of how the attacker discovered the bug in the first place. Some have speculated, on the basis of the structure of the attack and the exploiter being the first party to uncover the bug, that artificial intelligence (AI) played a role. However, there is no conclusive evidence that AI was used.

As is the case with most large exploits, the responses by chains raised questions around decentralization and violations of the blockchain community’s core ethos of immutability. Berachain halted the network, which affected all users, and the Sonic security team implemented a feature that allowed them to zero out the attackers’ S balance so they couldn’t pay gas to transact. Less aggressively, Polygon validators censored the attacker. Purists viewed these actions as concerning, arguing that even in the face of catastrophic losses, selectively halting networks or censoring addresses undermines the credibility of “code is law.” Others countered that such emergency measures reflect the maturing pragmatism of modern blockchain governance, whereby protecting users and preserving ecosystem integrity sometimes outweighs rigid adherence to immutability.

All in all, this event reinforces the importance of underwriting smart contract risk and shows how difficult doing so can be. In August, Galaxy Research open-sourced a smart contract risk framework and wrote in detail about how it works. - Zack Pokorny

Monad Shorts Obliterated

Monad mainnet is almost upon us. In what has probably been crypto's most hyped airdrop of the year, Monad, a layer-1 blockchain touted as Ethereum Virtual Machine (EVM)-compatible with Solana-grade performance, is set to go live on Nov. 24, at 9 a.m. ET. Ahead of the event, some investors got a hard lesson in risk.

The team has conducted an impressive marketing campaign, pushing aesthetic “Monad Cards” for prominent figures on Crypto Twitter to maximize engagement and hype. The airdrop itself seems to have been perfectly crafted for social media shares. It was a three-day event in which users opened “mystery boxes” that rewarded them with (apparently) random allocations of MON tokens. Participants were sorted into tiers according to trading volume, Monad Card ownership, and NFT holdings. At the end, users got “golden tickets” showing their final MON claim amounts for mainnet.

A Monad mystery box mid-opening animation.

Monad distributed MON to over 230,000 wallets across various community and ecosystem tracks. However, the drop apparently sidelined many long-term testnet contributors who had spent over an entire year completing weekly tasks. Some complained that key opinion leaders (KOLs) got massive airdrop allocations without engaging in the ecosystem whatsoever, while many users who spent significant time and resources to farm the Monad testnet got nothing. This sparked accusations of “community farming” (essentially using early supporters for growth and visibility without rewarding their effort).

But that wasn’t the only bone of contention in MON-land.

Hyperliquid, the popular decentralized exchange for perpetual futures, listed MON “hyperps” in early October, allowing traders to speculate on the token’s price before its official launch. In the first few days of trading, MON traded between $0.075 and $0.13.

Hyperps are similar to normal perpetual futures, but they don’t require an underlying spot market or external price oracle. The funding rate is calculated relative to a moving-average mark price derived from the contract’s recent trading activity. This design lets Hyperliquid list pre-launch perp markets on assets that don’t exist yet. Eventually, once the underlying token is live and liquid, a hyperp like MON-USDC automatically converts to a standard “vanilla” perpetual contract tied to that real spot market.

Naturally, many airdrop recipients decided to “hedge” their expected allocations by shorting MON perps. This strategy made sense in theory. If the token’s price falls sharply after launch, shorting the perp would offset the loss in airdrop spot value. However, reality is more complicated than that. This hedge became a crowded short, with everyone betting the same way on a market with thin liquidity and no underlying token in circulation.

MON Hyperliquid chart. Note the wick above $0.10.

On Nov. 4, one of the bloodiest days in crypto this year, with BTC plunging below $100,000, MON saw a violent short squeeze. Within an hour, the token “god-candled” from $0.045 to $0.11, liquidating traders on their short positions.

Some speculated that Binance or even the Monad team orchestrated the move, calling the alleged machinations a “crime.” Whatever the merit of those claims, the deeper issue is structural. It’s foolish to short a token that doesn’t exist yet and expect there to be no risk.

OUR TAKE:

This episode underscores the hazards of pre-launch perpetual markets and the illusion of “risk-free” hedging in illiquid environments. Hyperps amplify volatility by design. With no circulating supply and no fundamental anchor for the price, a single motivated and well-capitalized actor can move the market dramatically.

We’ve seen this happen before. In August, the Plasma (XPL) hyperp similarly appeared to be manipulated when a whale (known as technorevenant) pushed millions into the order book, triggering mass liquidations before prices quickly reverted. Traders and funds describe their exposure as “delta-neutral,” but delta neutrality only works when liquidity can absorb crowded positioning. When everyone hedges the same way, the hedge becomes the trade.

XPL Hyperliquid chart. Note the short squeeze wick.

Hyperps create a mirage of depth where none exists. Until that changes, these markets will continue to reward manipulation over information.

With Monad mainnet now less than three weeks away, it will be interesting to see how the team executes. Once the token goes live, real liquidity and market depth should finally establish a fair price. Until then, this episode was a masterclass in what happens when retail meta-consensus trades collide with illiquid market structure. – Will Owens

Chart of the Week

The market capitalization of the top 100 cryptocurrencies is down across the board from their 2024 all-time highs. Excluding stablecoins, 34 of the top 85 projects (40%) have fallen 75% or more, and 65 of 85 (76%) are down at least 50%.

Drawdowns since 1/1/24

After a flurry of 2024 highs, the market has broadly given back some ground. The long tail of tokens sits deep in drawdown, while leadership has narrowed to a handful of large caps. Bitcoin has been comparatively resilient, while Ether and SOL have surrendered a larger slice of their rallies. One notable outlier: Zcash (ZEC), which is among the few names hovering close to its 2024 peak. To gain some insight into what is driving ZEC’s resilience, read Galaxy’s recent report. The picture is one of weak breadth, gains concentrated at the top, and fatigue everywhere else.

Market cap vs fear index

The Oct. 10 liquidation cascade stripped out market liquidity that had been supporting crypto prices. Excluding stablecoins, market cap fell $818M (~20%) following a 38-point drop in CoinMarketCap’s Fear and Greed Index just days earlier. Fear also bled into ETF channels, a key access point for retail, with roughly $797 million withdrawn from U.S. spot bitcoin and ether ETFs in a single day, extending a five-day outflow streak. Galaxy subsequently trimmed its BTC YE-2025 target to $120k (from $185k), citing ongoing whale distribution absorbed by ETFs, rotation into AI/gold/mega-caps, and subdued retail. The new mark still implies ~20% upside into year-end, with Galaxy’s long-term view remaining positive. Views remain dispersed as Fundstrat’s Tom Lee continues to project $200,000 by year-end, underscoring the wide range of outcomes investors are considering after the recent reset.

As “Uptober” fades, this cycle is behaving differently; breadth is weaker, and passive ETH flows are more influential. If a market-structure bill advances in the U.S. Congress, expect a bifurcation: higher-quality, commodity-like assets could see cleaner listings and deeper institutional access, while long-tail tokens that screen as securities may face tighter venues and pressure on market cap.

“The times they are a-changin’.” Position for quality, not hype. – Christopher Rosa

Other News

🚨Stream Finance Halts Withdrawals, Deposits After $93m Loss Disclosed

🤦‍♀️Moonwell Loses $1m in Flash Loan Exploit Due to Bad Price Feed on Chainlink

🤯Charles Schwab CEO Says It Will Offer BTC Trading in First Half of 2026

🔮Google Finance Adding Polymarket, Kalshi Prediction Market Data to Search Results

⚔️Coinbase Faces Flak from Trad Bankers on Push for OCC Trust Charter

⚖️Samourai Wallet's Rodriguez Sentenced to Maximum Five-Year Term Over Mixing

♊Winklevii’s Gemini Moves to Enter Prediction Markets

🇭🇰Franklin Templeton Debuts Hong Kong’s First Tokenized Fund

💳Mastercard, Ripple, Gemini Explore Settling Card Transactions With XRPL

🪙Polymarket’s U.S. Return Comes With Tiny (0.01%, Taker-Only) Fees
