Makina Finance misplaced 1,299 ETH, roughly $4.13 million, in a flash-loan and oracle manipulation exploit.
The attacker drained the protocol’s funds and broadcast the transaction to Ethereum’s public mempool, the place it ought to have been picked up by validators and included within the subsequent block.
As an alternative, an MEV builder recognized by the deal with 0xa6c2 front-ran the draining transaction, redirecting many of the funds into builder-controlled custody earlier than the hacker may transfer them off-chain.
The hacker’s transaction failed. The funds landed in two addresses related to the MEV builder.
The rapid takeaway is that Makina’s customers averted a complete loss. The deeper sign is who ended up holding the cash and what meaning for crypto’s rising emergency-response structure.
Crucial actor on this story is not the attacker or the protocol, however the block-building provide chain that intercepted the exploit and now controls whether or not customers get their funds again, beneath what phrases, and the way shortly.
MEV bots and builders have gotten crypto’s final line of protection, not by design however by structural place. That is an issue, as a result of rescue capability is concentrated within the palms of profit-maximizing intermediaries working with unclear accountability.
MEV as a backstop is already a sample
The Makina incident is not a one-off. Chainalysis documented the same dynamic through the 2023 Curve and Vyper exploit, noting that white hat hackers and MEV bot operators helped recuperate funds, which decreased realized losses beneath preliminary estimates.
The sample is mechanical: so long as exploits or rescue makes an attempt are seen in public transaction channels, refined searchers and builders can compete to reorder transactions.
Typically they save funds. Typically they seize them. Both manner, they’re appearing as a de facto emergency-response layer.
When an exploit transaction enters the general public mempool, MEV searchers monitor for worthwhile alternatives. If a hacker drains a protocol and broadcasts the transaction publicly, a searcher can assemble a competing transaction that executes first, redirecting the funds to a unique deal with.
The searcher bundles the transaction and submits it to a block builder, who consists of it if the revenue exceeds competing bids. If the builder’s block will get chosen by a validator, the searcher’s transaction executes, and the hacker’s transaction fails.
That is revenue extraction with a helpful facet impact reasonably than pure altruism. But it surely’s additionally probably the most dependable mechanism crypto has developed for intercepting exploits in actual time, as a result of it operates on the transaction-ordering layer reasonably than counting on protocol-level circuit breakers or governance intervention.
Why dependence on MEV builders is uncomfortable
The issue with MEV-based rescues is that they focus emergency-response capability in a extremely intermediated pipeline.
On Ethereum, MEV-Increase dominates block manufacturing. Rated’s relay panorama exhibits roughly 93.5% of current blocks routed by way of MEV-Increase, in comparison with roughly 6% utilizing vanilla block manufacturing.
Inside MEV-Increase, Relay market share is additional concentrated: Extremely Sound Cash accounts for roughly 29.84% of relay site visitors, and Titan accounts for roughly 24.24%, which means the 2 largest relays collectively deal with over 54% of block manufacturing.
If most blocks move by MEV-Increase and most MEV-Increase site visitors flows by two relays, the rescue layer is structurally depending on a small set of intermediaries. That creates governance issues quick.
If a builder finally ends up holding rescued funds, who authorizes custody? Who units the bounty? What prevents extortion or ransom calls for? What if the builder is offshore, nameless, or working in a jurisdiction with weak enforcement?
The Makina case illustrates the issue. The funds are within the builder’s custody, however there isn’t any public SLA, predefined bounty, or clear mechanism for returning the funds to Makina or its customers.
The builder may return the funds voluntarily, negotiate a bounty, demand a better price than trade norms, or refuse to return the funds in any respect.
Personal routing makes the issue worse.
A 2025 educational paper titled “Sandwiched and Silent” documented widespread personal routing of transactions and located that many victims migrate towards personal channels after being sandwiched by MEV bots.
Nonetheless, personal routing would not eradicate MEV, it simply shifts it from public mempools to personal order move channels managed by builders and relays.
For protocols, meaning public mempool rescues grow to be much less dependable as a result of exploit transactions more and more route by personal channels accessible solely to a subset of builders.
An try to civilize chaos
Secure Harbor is a framework developed by SEAL that seeks to exchange the “MEV builder as unintended custodian” mannequin with licensed responders, express SLAs, and bounded incentives.
SEAL describes Secure Harbor as a authorized and technical framework that lets protocols pre-authorize white hats to intervene throughout lively exploits.
The core operational rule is that rescued funds have to be despatched to official restoration addresses inside 72 hours, with pre-defined, enforceable bounties.
SEAL says Secure Harbor was motivated by the Nomad hack, the place white hats have been prepared to assist however constrained by authorized ambiguity about whether or not returning funds might be prosecuted as unauthorized pc entry.
Secure Harbor removes that ambiguity by giving protocols a solution to pre-authorize intervention and set clear phrases. SEAL claims Secure Harbor is already defending over $16 billion throughout main protocols, together with Uniswap, Pendle, PancakeSwap, Balancer, and zkSync.
Immunefi, the bug bounty platform, has operationalized Secure Harbor with stricter phrases.
Immunefi describes Secure Harbor as a SEAL-developed framework that redirects funds to a protocol-controlled vault on Immunefi’s platform. On Immunefi’s Secure Harbor program web page, the phrases state: “You could have 6 hours to switch funds again.”
Failure to fulfill the six-hour window is a fabric breach. That is 4 instances sooner than SEAL’s baseline 72-hour requirement.
Secure Harbor would not eradicate the dependence on MEV infrastructure. As an alternative, it simply tries to formalize it.
If a builder front-runs an exploit and the protocol has adopted Secure Harbor, the builder is anticipated to acknowledge the intervention as licensed and route the funds to the protocol’s designated restoration deal with throughout the SLA.
However that assumes builders monitor Secure Harbor registries, respect the phrases, and prioritize compliance over revenue.
State of affairs vary
The anticipated consumer restoration price in an exploit may be modeled as: anticipated restoration equals the likelihood of intervention, multiplied by one minus the bounty share, multiplied by one minus the failure or leak share.
Secure Harbor goals to extend the chance of intervention by lowering authorized ambiguity and capping the bounty share prematurely.
Within the base case, Secure Harbor adoption will increase over the following 12 months. Extra protocols are including Secure Harbor phrases to their governance frameworks, and extra white hats are registering as licensed responders.
The likelihood of intervention rises as a result of responders have authorized readability and glued bounty phrases. Restoration charges enhance, particularly for protocols that undertake stricter SLAs, comparable to Immunefi’s six-hour window.
Within the bull case, the rescue layer professionalizes. Protocols construct tight vault addresses, compress SLAs to single-digit hours, and pre-negotiate bounty schedules with identified white hat groups.
Builders combine Secure Harbor registries into their transaction-ordering algorithms, routinely routing rescued funds to designated addresses with out guide intervention.
Within the bear case, builder dependence hardens. Personal order move and relay focus make rescues much less clear and extra oligopolistic. Protocols that have not adopted Secure Harbor find yourself negotiating with builders after the very fact, with no clear leverage or SLA.
Governance turns into depending on intermediaries who maintain funds and set phrases unilaterally.
| Regime | Who can intervene | The place funds land | SLA | Bounty phrases | Accountability | Failure mode |
|---|---|---|---|---|---|---|
| Advert hoc MEV rescue (no Secure Harbor) | Any MEV searcher/builder/relay actor who sees the exploit and may win ordering | Typically leads to builder/searcher-controlled custody (or different third-party deal with) | None | Negotiated / unclear (can flip into advert hoc “pay me” dynamics) | Opaque (no pre-authorization, no formal obligations) | Ransom / extortion danger, refusal to return funds, extended limbo, jurisdictional enforcement points |
| Secure Harbor (SEAL baseline) | Pre-authorized whitehats (explicitly licensed by the protocol) throughout lively exploits | Protocol-designated restoration deal with (official restoration vacation spot) | 72 hours | Predefined / enforceable (set prematurely by the protocol) | Guidelines-based (scope-limited authorization + preset phrases) | Breach of phrases if funds not returned on time; clearer escalation path vs advert hoc bargaining |
| Secure Harbor (Immunefi program) | Pre-authorized responders beneath Immunefi’s Secure Harbor move (SEAL-derived) | Protocol-controlled vault on Immunefi (structured custody move) | 6 hours | Predefined reward/bounty construction (set by the venture throughout the program) | Extra formalized (platform phrases + time-boxed compliance) | Materials breach if not returned inside 6h; tighter SLA reduces limbo however raises execution strain |
What to look at
The metrics that matter are adoption cadence, operational SLAs, and centralization strain.
Adoption cadence means monitoring what number of protocols add Secure Harbor governance proposals and register in SEAL’s adopter listing.
Operational SLAs imply watching whether or not the market compresses response home windows: SEAL’s 72-hour baseline versus Immunefi’s six-hour program alerts that tighter SLAs have gotten aggressive differentiators.
Centralization strain means monitoring whether or not the market share stays concentrated.
MEV bots have gotten crypto’s emergency-response layer, whether or not the ecosystem likes it or not. Secure Harbor is the try to show that right into a predictable, accountable system.
But it surely’s additionally a guess that builders will respect pre-authorized phrases, that protocols will undertake the framework quick sufficient, and that focus within the block-building pipeline will not undermine the equity or accessibility of rescues.
The Makina case exhibits what occurs when these assumptions do not maintain: funds sit in builder custody with no clear path again to customers.
