Enso reveals malicious liquidity pool attack, Curve pool causes approximately $225,000 in inflated quotes
2026-07-17 06:33
Odaily Odaily reports that DeFi infrastructure company Enso disclosed a type of malicious liquidity pool called "toxic pools" in a report on July 16th. These pools manipulate transaction simulations to return false optimal quotes to wallets and DEX aggregators, subsequently altering the logic during actual on-chain execution.
Enso stated that the relevant malicious contracts can identify read-only simulation environments and return optimized prices, but when the transaction is broadcast on-chain, it is executed at a worse price or causes the transaction to fail. One manipulated Curve pool processed over 129,000 swaps, resulting in approximately $225,000 in inflated quotes. Additionally, over 37,000 transactions were reverted, consuming nearly $30,000 in gas fees.
On Polygon, a malicious Uniswap v4 hook attracted routing systems with fake exchange rates, subsequently triggering a 99.1% transaction failure rate. Enso stated that it has updated its execution protection product, Enso Shield, to detect fake quotes in Ethereum and Polygon environments.
Enso stated that the relevant malicious contracts can identify read-only simulation environments and return optimized prices, but when the transaction is broadcast on-chain, it is executed at a worse price or causes the transaction to fail. One manipulated Curve pool processed over 129,000 swaps, resulting in approximately $225,000 in inflated quotes. Additionally, over 37,000 transactions were reverted, consuming nearly $30,000 in gas fees.
On Polygon, a malicious Uniswap v4 hook attracted routing systems with fake exchange rates, subsequently triggering a 99.1% transaction failure rate. Enso stated that it has updated its execution protection product, Enso Shield, to detect fake quotes in Ethereum and Polygon environments.
