Paradex suffers another hacker attack: Why no funds were stolen despite 57 keys being leaked

Decentralized derivatives platform Paradex experienced two major security incidents within just two days. Following the system failure on January 19th that caused Bitcoin prices to display as zero, the platform confirmed today that the Mithril trading bot integrated into the system was hacked, resulting in the leak of sub-keys for approximately 57 users. However, contrary to what such a leak would normally mean, this incident ultimately did not lead to user fund losses. The key lies in the permission design: the leaked sub-keys could only be used for trade execution and could not access users’ wallet balances.

Why Funds Remained Safe Despite Key Leakage

Scope of the Attack

According to Paradex’s official disclosure, hackers infiltrated Mithril’s internal systems, leading to the leakage of sub-keys for about 57 users. It is important to clarify a critical detail here: the leaked keys were not the users’ master keys, but specifically designated “sub-keys” used solely for trade execution.

This permission separation is crucial. Paradex explains that these sub-keys were designed with “restricted permissions,” specifically limited to:

  • Allowed operations: placing orders, adjusting positions, closing positions
  • Disallowed operations: withdrawing funds, transferring balances, modifying account settings

This means that even if attackers obtained these keys, they could only perform trading operations within the user’s account and could not transfer funds out. This layered permission architecture acted as a firewall at a critical moment.

Paradex’s Emergency Response

Upon discovering the anomaly, Paradex took swift measures:

  • Immediately paused all XP-related transfers
  • Recalled all sub-keys linked to Mithril
  • Cut off access to the compromised bot
  • Urged users to review and revoke external tool authorizations

Judging by the speed of the response, the platform effectively prevented the risk from escalating further.
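The two mechanisms described above, trade-only sub-keys that can never move funds and a recall of every key delegated to a compromised bot, as an added illustrative example (not Paradex’s or Mithril’s code; the scope names, the registry class and the bot identifiers are assumptions):

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
import secrets

# Hypothetical scoped-key model; names are assumptions, not Paradex's API.
TRADE_SCOPES = frozenset({"place_order", "adjust_position", "close_position"})
PRIVILEGED_ACTIONS = frozenset({"withdraw", "transfer", "modify_settings"})


@dataclass
class SubKey:
    key_id: str
    account: str
    integration: str          # third-party bot the key was delegated to
    scopes: frozenset
    expires_at: datetime
    revoked: bool = False


class KeyRegistry:
    def __init__(self):
        self._keys = {}

    def issue_trade_key(self, account, integration, ttl_hours=24):
        # A sub-key is minted with trade scopes only; privileged actions are
        # never grantable through this path, so a leaked key cannot move funds.
        key = SubKey(secrets.token_hex(8), account, integration, TRADE_SCOPES,
                     datetime.now(timezone.utc) + timedelta(hours=ttl_hours))
        self._keys[key.key_id] = key
        return key

    def authorize(self, key_id, action, now=None):
        # Returns (allowed, reason). Revocation and expiry are checked first.
        now = now or datetime.now(timezone.utc)
        key = self._keys.get(key_id)
        if key is None or key.revoked or now >= key.expires_at:
            return False, "key unknown, revoked or expired"
        if action in PRIVILEGED_ACTIONS:
            return False, "sub-keys cannot move funds or change settings"
        if action not in key.scopes:
            return False, f"scope {action!r} not granted"
        return True, "ok"

    def revoke_integration(self, integration):
        # Emergency response: recall every live sub-key tied to one bot.
        hit = [k for k in self._keys.values()
               if k.integration == integration and not k.revoked]
        for k in hit:
            k.revoked = True
        return len(hit)
```

Keys for other integrations stay valid after a recall, so one compromised bot can be cut off without halting every user’s trading.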

Systemic Risks Behind the Incidents

Short-term Consecutive Issues

More concerning is that Paradex experienced two major events within 48 hours:

| Event | Date | Cause | Impact | Response |
| --- | --- | --- | --- | --- |
| System failure | Jan 19 | Database migration error | Bitcoin price shows zero, large-scale liquidations | Chain rollback, $650,000 compensation |
| Security breach | Jan 21 | Bot hacked | Leakage of 57 user keys | Recalled keys, no fund loss |

Though different in nature, both incidents highlight a common problem: weak risk management in the DeFi automated trading ecosystem.

Double-Edged Sword of DeFi Automation Tools

This series of events serves as a reminder that third-party automation tools can improve trading efficiency but are not risk-free. These risks include:

  • Technical risks: platform maintenance issues, system failures causing abnormal liquidations
  • Security risks: third-party bots themselves may become attack targets
  • Permission risks: over-privileged access can lead to catastrophic consequences

Paradex was able to navigate this safely mainly due to proper permission design. However, not all platforms have such safeguards in place.

Implications for Users and the Market

Recommendations for Users

  • Regularly review authorized external tools, keeping only necessary and trusted connections
  • Prefer platforms and tools with layered permission designs
  • Pay attention to platform security records and emergency response capabilities
  • Avoid over-reliance on a single automation tool

Market-Level Considerations

These incidents indicate that the DeFi automated trading ecosystem still needs to improve security standards. Some users acknowledge Paradex’s quick response, but others point out that rapid reaction alone is not enough; fundamental improvements in system design and risk control are essential.

Summary

Paradex’s hacking incident was ultimately contained without fund losses, but the lessons are significant. While proper permission design prevented financial damage, the occurrence of two major incidents in a short period reveals room for improvement in technical operations and security management. For traders, balancing convenience and safety has never been more critical. When choosing automation tools, it’s not just about features but also about platform permission architecture, security track record, and risk management capabilities. The development of DeFi should prioritize both ease of use and reliability.
