Hook
A freshly deployed Curve pool on Ethereum quietly returned a 22.5% price improvement over the leading competitor. For three consecutive days, it lured hundreds of routing aggregators into selecting it as the optimal swap venue. Then, every single transaction reverted. The pool never intended to execute a trade. It was a simulation trap—a piece of code designed to look perfect in pre-execution previews and fail on-chain. Total gas wasted: over $30,000. Total realized profit for the attacker: $3,460. Pocket change, but the method is a blueprint for much larger heists.

Context
Every modern DeFi wallet and aggregator relies on a silent hero: the simulation engine. Before you click “Confirm,” a local node or RPC endpoint replays your transaction against the latest state. It estimates output, gas, and slippage. The aggregator then picks the pool offering the best simulated return. This system assumes one thing: that the pool's response during simulation is honest. That assumption is now broken.
The attack, independently detected by Enso Security and reported by Unchained, exploits a fundamental gap between Ethereum’s EVM simulation and actual execution. An attacker deploys a liquidity pool—on Curve, Uniswap v4, or any protocol supporting custom logic—that acts like a chameleon. During simulation, it returns an inflated quote. During execution, it either reverts or switches to a worse price. The user sees a perfect trade, sends the transaction, and gets a failed or unfavorable result. The aggregator has already forwarded the order flow. The damage is instant.
This isn’t a theoretical risk. Two confirmed cases exist: a Curve pool on Ethereum mainnet that processed over 129,000 simulated swaps, and a Uniswap v4 hook on Polygon with a 99.1% failure rate. The attacker deployed additional contracts across other chains, suggesting a systematic operation rather than a one-off experiment.
Core
The technical mechanism is elegant in its simplicity. The malicious pool uses a conditional statement that checks the caller’s gas limit. During simulation, typical callers (like a wallet’s eth_call) send a gas limit of 2^64-1 or a very high value, triggering the “honest” branch that returns an attractive price. During real execution, the transaction carries a lower gas limit, causing the contract to branch into the “malicious” path—revert or return a worse price. It’s a classic EVM inconsistency exploit, weaponized against simulation.

Let’s look at the numbers. The Curve pool on Ethereum attracted 129,251 transactions. Enso calculated that users were quoted an overquote—the difference between the inflated simulation price and the real floor price—totaling $225,000. But the attacker only extracted $3,460 in actual profit, likely from a few successful trades where the revert logic failed or the timing was exploited. The remaining $221,540 never materialized because the transactions reverted. Yet the gas spent on those reverts—$30,000—burdened users and clogged the mempool.
The Uniswap v4 case is more insidious. The hook allowed the attacker to deploy a pool with a custom afterSwap callback that checks block.timestamp or block.number. In a simulated call (eth_call), these values are set to the current state, but the hook can alter its response based on whether it detects a real transaction versus a static call. Out of 1,200 attempted trades, only 11 succeeded. The 99.1% failure rate is a signature of intentional sabotage.
Based on my experience in 2017 auditing ERC-20 tokens, I saw a similar pattern: smart contracts that return different values to different callers. That was a vulnerability in token transfers. Here, it’s a vulnerability in price discovery. The industry has focused on frontrunning, sandwich attacks, and oracle manipulation, but this attack targets the simulation layer—a blind spot no one anticipated.

The attacker’s address reveals a pattern of deployment. They created at least three other contracts on Ethereum and Polygon, each with similar logic but varying revert conditions. Enso’s analysis shows that the Curve pool alternated between honest and malicious behavior over time, making it difficult to flag with a single on-chain check. This is not a script kiddie; it’s a deliberate strategy to maximize confusion and evade detection.
Contrarian
Most coverage of this attack frames it as another MEV variant. It is not. MEV exploits transaction ordering. This exploit exploits transaction simulation. The two are orthogonal. Ordering attacks require the attacker to see pending transactions; simulation spoofing requires the attacker to see nothing but the aggregator’s call pattern. It is cheaper, harder to detect, and scales linearly with the number of pools deployed.
The contrarian angle: this is actually a bullish signal for DeFi security vendors. Enso Shield, the product that caught this, will now see demand spike. Every aggregator and wallet will need “post-simulation verification”—a step that compares the simulated output to the actual execution hash. This adds latency but closes the gap. The market will pay for that latency because the alternative is trust in a broken assumption.
Another unspoken insight: Uniswap v4’s hook architecture, while innovative, lowers the barrier for deploying malicious pools. Pre-v4, launching a Curve pool required bootstrapping liquidity. Now, any developer can spin up a hook with arbitrary logic. The decentralization benefits are real, but so is the attack surface. Expect more “toxic hooks” in the coming months, especially on Polygon and other low-fee chains where gas waste is less painful for attackers.
Enso’s discovery also highlights the failure of the simulation-as-reality dogma. Wallets like Rabby and MetaMask, and aggregators like 1inch and ParaSwap, should have already built validation checks. They didn’t. The attacker’s profit was a tiny fraction of the gas wasted, but the true cost is the erosion of user trust. Yield is the bait; liquidity is the trap. The simulation trap is the latest iteration.
Takeaway
The simulation trap is now active. The attacker deployed more contracts. Enso’s detection caught only two. How many others are still floating, waiting for a larger target? The next iteration will not settle for $3,460. It will drain a honeypot or manipulate a large swap. Surveillance is anticipating the break before it happens. The break happened. Now the industry must rebuild the simulation layer with the same rigor as the execution layer.