S Pettigrove and M Bacina
Mango attacker charged by US DoJ
The cryptocurrency trader behind October's Mango Markets exploit has been arrested after the US Department of Justice initiated proceedings for commodities fraud and manipulation in the Southern District of New York.
In October, Avraham Eisenberg allegedly drained US$110M in user deposits from the decentralised trading and lending protocol, Mango Markets, after initiating a pump and dump scheme. The scheme apparently involved the sale and price manipulation of the protocol's native Mango (MNGO) governance token.
In an unsealed indictment, US authorities allege that Eisenberg sold perpetual futures referencing the MNGO token to himself before initiating a large volume of buy orders on multiple cryptocurrency exchanges resulting in a significant increase in the price of the thinly traded MNGO token. This increased the value of Eisenberg's collateral on the Mango Market exchange and allowed him to withdraw the equivalent of US$110m in various tokens, including USDC, SOL, mSOL, wBTC, SRM and a large amount of MNGO tokens.
As the Mango spot price returned to its previous levels, Eisenberg's collateral also collapsed in value and the protocol was apparently unable to liquidate his positions, rendering Mango Markets insolvent.
After Eisenberg's attack was revealed by blockchain sleuths, Eisenberg admitted his role in what he termed a "highly profitable trading strategy" which involved the protocol operating as designed. Eisenberg's claims were widely criticized by many in the crypto community.
After negotiations with Eisenberg, the Mango DAO (Eisenberg himself being a significant token holder) voted to allow him to retain around 40% of the borrowed cryptocurrency on the condition that he return the balance of the tokens. The terms of the governance proposal also purported to waive potential claims, freezing action and criminal investigations relating to the exploit.
Notwithstanding the vote, the FBI has taken steps to investigate the matter resulting in US prosecutors pursuing criminal proceedings. Interestingly, the action proceeds on the basis that Eisenberg's conduct involved commodities fraud and manipulation. The complaint identifies virtual currencies generally as commodities, including USDC, but does not specifically allege that the MNGO token is a commodity (although that may be inferred from the nature of the charges against Eisenberg).
The DoJ's action will be welcomed by many in the crypto community. It nevertheless raises a number of interesting legal questions. Eisenberg has sought to adopt a "code is law" defence, asserting that his trading involved "legal open market actions" and that the Mango Markets protocol had merely operated as designed. The DOJ's complaint suggests there may be limits to such a defence. The fact that Eisenberg took steps after the attack to make users whole also did not assuage the US authorities.
The complaint also raises interesting questions for protocols which seek to negotiate with hackers to secure the return of hacked or exploited funds. In this case, the DOJ determined to prosecute Eisenberg notwithstanding the governance vote which purported to offer some form of immunity to Eisenberg. Eisenberg's apparent involvement in that vote and the generous "bounty" retained by Eisenberg may have factored into the DOJ's assessment. The DOJ may have formed a different assessment of Eisenberg's conduct had he been participating in a formal bug bounty program or similar procedure adopted by the protocol in advance.