Vampire Attacks - ‘I vant to drain your liquidity’

What are vampire attacks?

One of the biggest issues when launching a new project is getting people to actually use it; your product is new on the block and no one really trusts it just yet – preferring to turn to the more established platforms. So how do you get people to risk testing out what you are offering? The answer is usually incentives.

It’s a well known strategy to gain users by airdropping free tokens or offering rewards for using your protocol. Even Uniswap, the biggest DEX (decentralised exchange) in crypto, airdropped UNI tokens to help keep users interested in their platform and kickstart their DAO as new competitors were popping up.

If a vampire attack is aimed at kickstarting a platform, it’s usually very targeted and involves marketing a product to the users of specific competitors with the intention of stealing them. You know those users are interested in a product like yours and use it regularly, so why not just steal them?

When was the first crypto vampire attack?

The first known example of a vampire attack was carried out by SushiSwap. SushiSwap launched on the 28th August 2020 during a period colloquially known by crypto users as ‘DeFi summer’. During the summer of 2020, DeFi was starting to take off and everyone wanted a slice of the action. TVL (total value locked) in DeFi went from less than $1b earlier in the year to over $15b by the end of 2020 and, with this influx of cash, crypto token prices began to soar.

Many new projects were popping up daily trying to grab some of the liquidity flowing into DeFi. Competition was high and everyone was trying to attract users, so projects needed to get creative to grab users’ attention.

Understanding how SushiSwap’s vampire attack worked first needs a bit of background on how DEXs function, so if you would like to learn more we have put together a guide to DEXs you can read.

When SushiSwap initially launched, it quickly attracted more than $100m of LP tokens (tokens given as a receipt of depositing crypto into a platform) staked on their platform in just a few hours. This was done by giving out very generous amounts of the SUSHI token to users who would stake their LP with the project. Initially they only allowed users to deposit Uniswap LP tokens into SushiSwap, this was key to the vampire attack. Before this, users who had deposited on Uniswap simply held the LP token and accrued interest on it from fees when other users traded with their liquidity. SushiSwap offered a way to increase the amount users could make exponentially by offering them the SUSHI token which was understandably very attractive to a lot of Uniswap liquidity providers.

Once the platform had been running for around 2 weeks (9th September 2020), SushiSwap’s smart contract router, MasterChef, was activated. MasterChef automatically redeemed any LP tokens within a pool for the base crypto tokens and staked them on SushiSwap, migrating all liquidity to SushiSwap in the process and giving staked users SushiSwap LP tokens. This drained over $1b from Uniswaps liquidity pools. Sushiswap’s TVL spiked massively and Uniswap’s dropped by nearly half (from $3b to nearly $1.5b). Uniswap then quickly responded by airdropping their own token, UNI, to attract users back to their platform which helped them regain a lot of their lost TVL shortly after.

While this vampire attack was successful in draining liquidity away from the leader of the DEX space very quickly, it also provided SushiSwap with an effective wide-reaching marketing campaign within the crypto space. In the following months Sushiswap peaked at nearly $8b in TVL, compared with Uniswap’s $10b, and even during the current bear market still holds about 50% of the TVL that Uniswap does.

So was it successful for SushiSwap? The answer seems to be a resounding ‘yes’, and for more than just the intended effect. Due to its success, SushiSwap’s approach was soon copied by others in the crypto space and beyond.

OpenSea/LooksRare vampire attack

OpenSea is the world’s largest NFT marketplace. Whether through actively trading on OpenSea, or simply reading reports of NFTs selling for millions of dollars through it, most people are now familiar with the OpenSea platform. And similar to the Uniswap/SushiSwap saga, it’s hard for new NFT marketplaces to get off the ground because the majority use, and trust, OpenSea.

NFTs operate a little differently from DEXs so if you would like to do some background reading we have a section in our What is Web3 article.

Once again, new project creators immediately went to offering incentives to try and give themselves a kickstart in the space. When LooksRare was trying to gain recognition and users, they looked at how they could target OpenSea (who held almost all of the NFT volume at the time). This is where the idea of trying their own version of a vampire attack began.

The LooksRare team were able to determine users who had traded over 3ETH of NFTs over the past 6 months on OpenSea, these users made up LooksRare’s target audience. They then airdropped those users LOOKS tokens. However the airdrop came with strings attached, in order to claim the tokens you had to list an NFT on the marketplace. This forced users to try out their platform which LooksRare hoped might be enough to trigger interest in their platform.

They also followed this up by offering yet more rewards for staking their LOOKS token (in an attempt to stop users instantly selling them) and trading NFTs on their platform. In total LooksRare set aside 75% of their tokens for users to earn. If you just looked at the volume that the LooksRare platform gained, you’d assume the strategy was successful with LooksRare hosting almost double OpenSea’s volume in February 2022 (+$500m vs OpenSea’s $250m) when it launched. However, looking deeper it was clear that not all of that volume was legitimate.

Users quickly found ways to exploit the rewards for trading which often beat the fees they were paying by ‘wash trading’. Users would list their own NFTs for more than their value and then purchase them from themselves. This meant they kept the NFT, most of the cash (except the 2.5% platform fee) and gained the LOOKS token reward too. So while LooksRare was doing 2x more volume than OpenSea, it had around 20-40x less users. At its peak, wash trading was calculated to be making up 97% of LooksRare’s volume.

This doesn’t mean the vampire attack was unsuccessful for LooksRare, it proceeded in taking some of OpenSea’s users and, even with suspected wash trading removed, it managed to gain a pool of legitimate traders.

OpenSea/X2Y2 vampire attack

Needless to say, during 2021 & early 2022 the NFT market was very hot. In January of 2022, NFT marketplaces did over $5b in volume, so LooksRare wasn’t the only OpenSea competitor to see the dollars. One of these other contenders was the marketplace X2Y2.

To try and attract users, X2Y2 decided to offer rebates on marketplace fees and ETH gas fees (which was a big issue during the NFT boom, sometimes costing over $100 to simply list an NFT to sell). As well as this, they gave OpenSea users airdropped tokens on the same terms as LooksRare – needing to list an NFT on X2Y2 in order to claim them. Stakers of LOOKS also received a share of the marketplace’s 2% fee to help sweeten the deal and attempt to stop users selling rewards straight away.

X2Y2 managed to have a greater impact than what LooksRare achieved, gaining a good number of users through the airdrop and then retaining them via rewards. X2Y2’s methods also proved more successful in the long run with their platform gaining over half of the current NFT marketplace volume from OpenSea.

Evolution of the vampire attack

As the crypto/Web3 space has evolved, so have vampire attacks. It’s usually no longer a case of simply offering one incentive to try and attract users, but instead offering a whole range with emphasis on retaining users through a more drawn out approach such as the one X2Y2 took.

As the crypto market contracts from its massive heights in 2021/early 22, the rewards for platforms offering incentives also shrinks as the user base decreases and liquidity reduces. During bear markets, airdrops tend to be muted with users instantly selling their rewards and projects finding it more difficult to convert users in the long term. Once the crypto market begins expanding again, it’s very likely that new projects will take fresh approaches on vampire attacks as they begin to compete over users who favour the more established platforms.

Depending on who you are trying to profit from, these attacks can be hidden from the public eye. Recently it was suggested that there is a silent vampire attack happening on stablecoin holders due to the high levels of inflation and increased interest rates that banks are offering. Most stablecoin providers back their stablecoins 1:1 with a fiat currency and, as the US central bank hikes its base rates, these providers can get better interest rates on the fiat they are backing the currency with. This means they are making money from users simply holding tokens like USDC, USDT and BUSD. It was estimated that base rates going up just 1% in the US would increase Circle’s (the creator of USDC) revenue by $150m a year – and USDC is just 1 contributor to the total number of stablecoins currently on the market and backed by fiat.

Overall vampire attacks have proven to be a great way to kickstart a project, as the most difficult thing for new projects when they launch is gaining attention. However, as the space has developed so has the complexity of the attacks, which has seen vampire attacks spread through the many different niches within crypto.

How vampire attacks may be used in the future remains to be seen, but undoubtedly they’ll be adapted and used extensively during the next boom in new and exciting ways.