Smart Contract Exploit
2022-10-11 | ~$117M

Mango Markets Exploit

October 2022 — Avraham Eisenberg manipulates MNGO oracle via flash-loan-funded price moves; ~$117M drained; later convicted of commodities fraud.

Mango Markets was a Solana-based decentralised perpetual exchange. On October 11, 2022, Avraham Eisenberg (a US-based trader) executed an oracle-manipulation attack that drained approximately $117M from the protocol's collateral pools. Eisenberg's method exploited Mango's price-feed design, which used spot-market prices from low-liquidity Solana DEXes (Serum and AMM-based venues) to mark the value of the MNGO governance token used as collateral.

Eisenberg's attack worked as follows: he funded two separate accounts (Account A and Account B) with USDC. Account A deposited USDC and used it to buy massive amounts of MNGO perp futures (long position). Account B simultaneously sold the same MNGO perp futures (short position). The two positions canceled each other out, but the trading activity on the spot markets used by Mango's oracle pushed MNGO's spot price up by approximately 1,300%. With MNGO's spot price now inflated, Mango's collateral system valued Account A's long position at a substantially inflated mark-to-market profit. Eisenberg used the inflated paper profit as collateral to borrow $117M of other assets from Mango's lending pools, then exited the platform.

The case became a foundational legal precedent for crypto market manipulation. Eisenberg initially claimed the attack was a 'highly profitable trading strategy' that exploited legitimate market mechanics. He returned approximately $67M as part of a negotiated settlement with Mango's DAO. The DOJ and CFTC subsequently brought criminal and civil charges; Eisenberg was convicted on commodities fraud and market manipulation charges in 2024.

Timeline

  1. 2021-Q4
    Mango Markets launches on Solana as DeFi perpetual exchange.
  2. 2022-Q3
    Mango reaches ~$200M+ in collateral assets across various tokens.
  3. 2022-10-11 (~22:00 UTC)
    Eisenberg begins executing the attack from two prepared accounts.
  4. 2022-10-11 (~22:15 UTC)
    MNGO spot price moves from ~$0.03 to ~$0.42 (1,300% increase) on Serum + AMM DEXes; Mango's oracle reads the inflated price.
  5. 2022-10-11 (~22:30 UTC)
    Eisenberg uses inflated mark-to-market position as collateral to borrow ~$117M of other assets from Mango lending pools.
  6. 2022-10-11 (~23:00 UTC)
    Mango Markets pauses operations; protocol's collateral pools are substantially drained.
  7. 2022-10-12 to 2022-10-15
    Eisenberg publicly identifies himself; characterises the attack as 'profitable trading.' DAO discussions begin on negotiated settlement.
  8. 2022-10-15
    Mango DAO votes to accept Eisenberg's return of ~$67M in exchange for non-prosecution at the DAO level.
  9. 2022-12-26
    DOJ arrests Eisenberg on commodities fraud and manipulation charges.
  10. 2023-01-23
    CFTC files parallel civil complaint.
  11. 2024-04-18
    Eisenberg convicted by jury on three counts: commodities fraud, commodities manipulation, and wire fraud.
  12. 2025
    Sentencing scheduled (substantial federal exposure).

Mechanism

The oracle design. Mango Markets used spot-market prices from Solana DEXes (Serum and AMM venues) to determine the mark-to-market value of positions and collateral. The oracle aggregated prices from multiple venues but, critically, the MNGO token's liquidity on those venues was thin — total combined liquidity was a few million dollars at most.

The two-account setup. Eisenberg funded Account A and Account B with separate USDC balances that he controlled. The two accounts were structured to take opposite sides of the same MNGO perpetual-futures trade: Account A long, Account B short. From Mango's perspective, the two trades were independent counterparties to each other.

The price manipulation. Eisenberg simultaneously executed trades on the underlying Solana DEXes (Serum and AMM venues) using a portion of his USDC to push MNGO's spot price up dramatically. With only a few million dollars of liquidity to absorb the buying pressure, MNGO's spot price moved from approximately $0.03 to $0.42 — a 1,300% increase. The price move was visible across all venues Mango's oracle aggregated.

The mark-to-market exploitation. Mango's oracle reflected the inflated MNGO spot price as the operative price for all positions. Account A's long MNGO perp position was now showing an enormous paper profit (long entered at ~$0.03; current mark $0.42). The system credited Account A with a mark-to-market profit that, combined with deposited collateral, was sufficient to use as collateral for additional borrowing.

The borrowing. Account A used the inflated mark-to-market value as collateral to borrow approximately $117M of various other assets (USDC, ETH, BTC, SOL) from Mango's lending pools. The borrowing was structured as a withdrawal — once executed, the borrowed funds were under Eisenberg's exclusive control. The 'collateral' supporting the borrowing (the inflated paper profit) was a fictional value supported only by the manipulated spot price.

The exit. Eisenberg withdrew the borrowed assets from the Mango platform. The protocol's accounting still showed Account A as having sufficient collateral (because the manipulated price was still in effect), but the actual platform now had a $117M hole — the spot-market positions Eisenberg had used to manipulate the price were sold back to their normal values, the MNGO spot price reverted, and Account A was now substantially under-collateralised. The $117M of withdrawn assets had been Mango's depositors' funds.

Impact

The Mango exploit had three lasting impacts. First, it became the canonical case study of DeFi oracle manipulation — the specific 'thin-liquidity AMM + collateral mechanism' vulnerability pattern is now well-understood and largely defended against in modern DeFi design. Second, Eisenberg's conviction was the first major US criminal verdict for market manipulation in DeFi, establishing that even attacks structured as 'legitimate trading' can constitute criminal conduct when the underlying mechanism is manipulation of a financial system. Third, the DAO-level negotiation (Eisenberg returning $67M in exchange for non-prosecution at the DAO level) was an early example of the structural mismatch between decentralised governance and law enforcement — the DAO's settlement did not preclude state prosecution, a point that became central in subsequent DeFi-governance discussions.

Operational lessons

  1. Spot-market price oracles from thin-liquidity venues are manipulable. Mango's oracle architecture was the proximate vulnerability. Modern DeFi protocols largely use TWAP windows from higher-liquidity venues or aggregated multi-source oracles (Chainlink, Pyth) precisely to prevent this exact attack pattern.
  2. 'Profitable trading strategy' isn't a legal defence to market manipulation. Eisenberg publicly characterised his attack as legitimate trading and initially expected legal cover. The federal jury verdict in 2024 confirmed that the legal framework for market manipulation extends to crypto when the underlying mechanism is structurally a manipulation.
  3. DAO settlements are not preclusive of state enforcement. The Mango DAO's vote to accept Eisenberg's return of funds in exchange for non-prosecution did not prevent DOJ from bringing criminal charges. DAOs do not have the legal status to settle criminal matters; their decisions do not bind law enforcement.
  4. The same attack class persists in newer DeFi. Several other oracle-manipulation attacks (Inverse Finance, bZx, Cream Finance) have followed similar patterns. The structural defence (manipulation-resistant oracles + conservative LTV limits) is well-understood; protocols not implementing these remain vulnerable.
  5. Public attribution does not equal lack of accountability. Eisenberg's choice to publicly identify himself and characterise the attack as trading did not prevent his subsequent prosecution. Crypto attackers operating from US jurisdictions have substantial criminal-law exposure even when their actions are framed as exploits of public smart contracts.
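
An added example, not part of the original case study and not Mango's or any oracle provider's code: a small Python model of the collateral arithmetic described under Mechanism and of the TWAP-style defence named in lesson 1. The position size, deposit, LTV limit, window length and clamp are constructed assumptions; only the ~$0.03 and ~$0.42 prices come from the page.

```python
from collections import deque

# Constructed figures; only the ~$0.03 -> ~$0.42 prices come from the case study.
ENTRY_PRICE = 0.03            # long perp entry price (from the page)
SPIKED_PRICE = 0.42           # manipulated spot price (from the page)
POSITION_SIZE = 400_000_000   # hypothetical MNGO perp position size
DEPOSIT_USDC = 5_000_000      # hypothetical deposited collateral
MAX_LTV = 0.5                 # hypothetical loan-to-value limit


def borrow_capacity(mark_price, max_ltv=MAX_LTV):
    """Borrowable value when unrealised perp PnL is counted as collateral."""
    unrealised_pnl = (mark_price - ENTRY_PRICE) * POSITION_SIZE
    equity = DEPOSIT_USDC + unrealised_pnl
    return max(0.0, equity * max_ltv)


class GuardedOracle:
    """Simplified TWAP: mean of the last `window` samples, with each new
    sample clamped to +/- `max_step` of the current mean before it is added."""

    def __init__(self, initial_price, window=60, max_step=0.05):
        self.samples = deque([initial_price] * window, maxlen=window)
        self.max_step = max_step

    def price(self):
        return sum(self.samples) / len(self.samples)

    def update(self, spot):
        ref = self.price()
        low, high = ref * (1 - self.max_step), ref * (1 + self.max_step)
        self.samples.append(min(max(spot, low), high))
        return self.price()


def simulate(spike_samples=30):
    """Hold spot at the spiked price for `spike_samples` oracle updates and
    compare borrow capacity under raw spot marking and the guarded mark."""
    oracle = GuardedOracle(ENTRY_PRICE)
    guarded_price = oracle.price()
    for _ in range(spike_samples):
        guarded_price = oracle.update(SPIKED_PRICE)
    return {
        "guarded_price": guarded_price,
        "spot_capacity": borrow_capacity(SPIKED_PRICE),
        "guarded_capacity": borrow_capacity(guarded_price),
    }


if __name__ == "__main__":
    for name, value in simulate().items():
        print(f"{name}: {value:,.4f}")
```

The same guard also delays genuine price moves, so the window and clamp trade manipulation resistance against mark staleness.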

Aftermath

Mango Markets continued operating post-exploit but with substantially diminished TVL and trust. The protocol implemented improved oracle architectures and conservative collateral parameters. Eisenberg's April 2024 conviction on three counts produced substantial federal prison exposure; sentencing was scheduled for 2025. The Mango case is now extensively cited in DeFi-security education and is referenced in numerous subsequent oracle-design discussions. The CFTC's parallel civil enforcement (settled in 2023) confirmed the regulator's jurisdiction over DeFi market-manipulation activity. The case study is foundational for any contemporary discussion of DeFi collateral system design.
