Recent findings reveal a new threat within decentralized finance (DeFi) that could lead to significant financial losses for traders. Dubbed "toxic pools," these malicious liquidity setups are designed to manipulate transaction simulations, tricking users into executing trades at unfavorable prices.
Enso, a DeFi infrastructure company, published a report on July 16 that highlights the tactics employed by these deceptive pools. Unlike traditional hacks that directly siphon funds from wallets, toxic pools create a façade of attractive price quotes during off-chain simulations. However, once a transaction is initiated, these pools alter their operations, resulting in much worse execution prices for the traders.
Understanding Toxic Pools
The mechanism of these toxic pools relies on misleading simulations that commonly occur during trade previews. For instance, a crypto wallet or decentralized exchange aggregator requests a price quote through a "dry-run" simulation, which should reflect current market conditions. The malicious contracts then detect this simulation state and generate an artificially favorable price. Yet, when the actual transaction is made, the pool modifies its logic to execute trades at a lesser rate, leading to substantial losses.
Research indicates that such setups are not merely isolated incidents. They present a broader risk to the integrity of execution within the DeFi space. Milos Costantini, co-founder of Enso, noted that these deceptive practices not only degrade the user experience but also create a financial drain through transaction failures. One notable case involved a manipulated Curve pool that caused over 37,000 reverted trades, resulting in losses of nearly $30,000 in gas fees.
Implications for Users
The emergence of toxic pools particularly threatens the trading environments on platforms like Ethereum and Polygon, where many traders seek competitive pricing. The malicious contracts can alternate between legitimate and harmful behaviors, making traditional security measures ineffective against them. For example, a malicious hook used in platforms such as Uniswap v4 has been linked to a staggering 99.1% failure rate in transactions, raising serious concerns for users relying on these systems.
As these deceptive pools continue to evolve, the need for effective solutions becomes urgent. Enso has responded by updating its Enso Shield product, which now detects these fake quotes across various blockchain platforms. The fight against toxic pools is now crucial for ensuring the safety and integrity of DeFi trading.
This content is for informational purposes only and does not constitute financial advice.


