Enso Discloses Malicious Liquidity Pool Attack, Curve Pool Caused Approximately $225,000 in Inflated Quotes
2026-07-17 06:33
Odaily Planet Daily News DeFi infrastructure company Enso disclosed in a report on July 16 a type of malicious liquidity pool called "toxic pools," which manipulates transaction simulations to return false optimal quotes to wallets and DEX aggregators, and changes the logic upon actual on-chain execution.
Enso stated that the relevant malicious contracts can identify read-only simulation environments and return optimized prices, but after the transaction is broadcast on-chain, it is executed at a worse price or results in transaction failure. One manipulated Curve pool processed over 129,000 swaps, causing approximately $225,000 in inflated quotes, while more than 37,000 transactions were reverted, consuming nearly $30,000 in gas fees.
On Polygon, a malicious Uniswap v4 hook attracted routing systems with false exchange rates, subsequently triggering a 99.1% transaction failure rate. Enso said it has updated its execution protection product, Enso Shield, to detect false quotes in Ethereum and Polygon environments.
Enso stated that the relevant malicious contracts can identify read-only simulation environments and return optimized prices, but after the transaction is broadcast on-chain, it is executed at a worse price or results in transaction failure. One manipulated Curve pool processed over 129,000 swaps, causing approximately $225,000 in inflated quotes, while more than 37,000 transactions were reverted, consuming nearly $30,000 in gas fees.
On Polygon, a malicious Uniswap v4 hook attracted routing systems with false exchange rates, subsequently triggering a 99.1% transaction failure rate. Enso said it has updated its execution protection product, Enso Shield, to detect false quotes in Ethereum and Polygon environments.
