A vampire attack is a competitive DeFi strategy in which a newly launched protocol — typically a fork of an established competitor — aggressively incentivizes liquidity providers from the target protocol to migrate their capital by offering outsized token rewards for depositing (or migrating) LP positions, “draining” the victim protocol’s liquidity like a vampire drains blood; the canonical example is SushiSwap’s September 2020 attack on Uniswap, which temporarily drained ~$1B in liquidity from Uniswap by offering SUSHI token rewards so attractive that over 70% of Uniswap’s liquidity migrated to SushiSwap within days of its launch. Vampire attacks exploit a structural vulnerability of DeFi protocols: liquidity is mercenary — it follows the highest yield, and in protocols without moats beyond liquidity depth (like basic AMMs), a new entrant willing to sell future tokens cheaply enough can bootstrap from zero to dominance in days.
The Classic Attack: SushiSwap vs. Uniswap (2020)
Setup
The Attack (August–September 2020)
Step 1: Fork and Incentivize
Anonymous developer “Chef Nomi” launched SushiSwap — a fork of Uniswap v2 with one addition: a governance/fee token (SUSHI). SushiSwap offered SUSHI rewards to anyone who deposited their Uniswap LP tokens in SushiSwap’s staking contracts.
“`
LPs hold Uniswap LP tokens (UNI-V2) representing their pool share
↓
SushiSwap offers massive SUSHI rewards for staking those LP tokens
↓
~$1B in Uniswap LP tokens flow into SushiSwap staking contracts
↓
Migration event: SushiSwap converts all staked UNI-V2 tokens
→ Withdraws underlying assets from Uniswap
→ Redeposits into SushiSwap pools
↓
Uniswap TVL drops; SushiSwap launches with deep liquidity
“`
Step 2: The Migration
On September 9, 2020, SushiSwap executed a “migration” — using its control of the staked UNI-V2 tokens to pull liquidity from Uniswap and redirect it to SushiSwap pools. ~$830M migrated in a few hours.
Step 3: Uniswap Responds
Uniswap launched UNI governance token on September 16, 2020 — one week after the migration — distributing 400 UNI to every historical Uniswap user. This was widely seen as a defensive response to SushiSwap. The retroactive airdrop restored Uniswap’s competitive position.
Aftermath
- FTX’s Sam Bankman-Fried (SBF) took over SushiSwap admin keys at community request
- SushiSwap never permanently displaced Uniswap, but established itself as a top-5 DEX
- The attack kickstarted the “token incentives” arms race in DeFi
Why Vampire Attacks Work
Liquidity Provider Incentives
“`
Uniswap ETH/USDC LP:
- Fee APY: ~5–10%
- Token rewards: 0 (pre-UNI)
SushiSwap ETH/USDC LP:
- Fee APY: ~5–10% (same pool economics)
- SUSHI rewards: 50–200%+ APY (initially)
Rational LP decision: migrate
“`
No Switching Cost
- Assets are not locked (beyond unbonding periods)
- LP tokens are standardized
- Migration can be done in minutes
Fork = Zero R&D Cost
Other Notable Vampire Attacks
| Attacker | Victim | Year | Outcome |
|---|---|---|---|
| SushiSwap | Uniswap v2 | 2020 | Partial success; ~$830M migrated temporarily |
| Curve forks | Curve Finance | 2021+ | Multiple forks (Swerve, etc.) failed to displace Curve |
| GMX forks | GMX | 2022–2023 | Dozens of forks (Vela, Mux, etc.); none displaced GMX |
| Blur | OpenSea (NFTs) | 2023 | Highly successful; Blur took majority NFT volume via BLUR airdrop rewards |
| Hyperliquid | dYdX, GMX | 2024 | Token points program drained liquidity from competitors |
Defenses Against Vampire Attacks
| Defense | How It Helps | Example |
|---|---|---|
| Governance token launch | Makes migration less attractive (existing users loyal) | Uniswap UNI launch in response to SushiSwap |
| Liquidity locks / vesting | Capital can’t migrate quickly | veTokenomics, locked LP programs |
| Protocol moat (network effects) | DEX aggregators route to highest liquidity — deeper pool → more volume → more fees → deeper pool | Uniswap v3 concentrated liquidity |
| User base network effects | Protocol-specific features create stickiness | Curve’s veCRV bribe ecosystem |
| Retroactive airdrops | Reward loyalty to existing users | Uniswap’s 400 UNI per user |
Vampire Attack vs. Liquidity Mining
Both involve token incentives to attract liquidity, but:
- Liquidity mining: Protocol incentivizes deposits with its own token to bootstrap from zero
- Vampire attack: Protocol specifically targets an established competitor’s LP positions, often by accepting competitor LP tokens as staking collateral
All vampire attacks involve liquidity mining; not all liquidity mining is a vampire attack.
History
- August 27, 2020: SushiSwap launches; vampire attack begins against Uniswap
- September 9, 2020: SushiSwap migration executes; ~$830M leaves Uniswap
- September 11, 2020: Chef Nomi sells SUSHI dev allocation, crashing price; community backlash
- September 14, 2020: SBF takes over SushiSwap; price partially recovers
- September 16, 2020: Uniswap launches UNI retroactive airdrop; liquidity returns
- 2021: Multiple vampire attacks on Curve (Swerve, etc.) all fail due to Curve’s veToken moat
- 2023: Blur executes the most successful NFT vampire attack against OpenSea using BLUR token rewards; OpenSea market share collapses from ~80% to <20%
- 2024: Vampire attacks become normalized competitive strategy; “points programs” emerge as softer pre-token vampire mechanism