Mango Markets Exposed a Legal Vacuum in DeFi

What if you walked up to a poker machine, tapped a secret sequence of buttons, and it started spitting out jackpots, over and over, because of how it was programmed?
No lock-picking. No hacks. Just pressing buttons. The payout wasn't a fluke. It was baked into the logic.
Now imagine a federal court saying: "Well, the machine let you, and you didn’t lie, so it’s not a crime."
That’s not hypothetical. It happened, first in Las Vegas, and later in crypto.
In 2022, a man named Avi Eisenberg used $5 million to manipulate token prices and borrow over $100 million from a decentralized protocol called Mango Markets. He called it a “profitable trading strategy.” Then, in May 2025, a federal judge vacated his fraud and manipulation convictions.
This article dives into:
  • What actually happened during the Mango exploit,
  • Why the court sided with Eisenberg,
  • What a little-known gambling case (U.S. v. Kane) has to do with all this,
  • And what this says about how badly DeFi still misunderstands its own boundaries.
 

1. The Man, the Exploit, and the Real Sentence

Let’s get something uncomfortable but essential out of the way.
Avraham “Avi” Eisenberg is currently serving a 52-month federal prison sentence, not for what he did on-chain, but for something far worse: possessing child sexual abuse material discovered during the investigation into his Mango activities¹.
This has nothing to do with oracles, tokens, or crypto. It's a separate case. But it matters. Because when people talk about Eisenberg, as a “clever trader,” or a “DeFi outlaw,” it’s easy to forget that his most serious conviction is for a crime that has nothing to do with financial systems, and everything to do with deep, irreparable harm.
That needs to be said upfront.
Now, the Mango exploit is still worth understanding. Not to excuse Eisenberg, but because it exposed something fragile and unresolved in DeFi’s foundation, a hole between code, law, and ethics. That’s where we’re headed next.
 

2. What Actually Happened at Mango Markets

Mango Markets was a cross-margin trading and lending protocol on Solana. Its collateral engine relied on a price oracle that averaged quotes from three comparatively thin-liquidity exchanges, FTX, AscendEX, and Serum. Those venues were chosen for speed and on-chain accessibility, not depth.
On 11 October 2022, Avi Eisenberg exploited that design in four deliberate moves²:
  1. Setup – He deposited roughly USDC 5 million across two fresh Mango accounts and opened equal-and-opposite positions in MNGO-perpetual swaps.
  2. Price Pump – He aggressively bought spot MNGO on the same exchanges feeding Mango’s oracle, spiking the token price more than 700% in fifteen minutes.
  3. Collateral Inflation – Because the oracle now believed MNGO was worth far more, Eisenberg’s long became massively “over-collateralised.” Mango’s contracts let him borrow stablecoins, SOL, and BTC against that phantom equity, over $110 million in total.
  4. Crash & Cash-Out – After draining liquidity, he reversed his buys, the price collapsed, and his short side printed further profit.
Nothing in the code malfunctioned; the contracts did exactly what they were written to do. Eisenberg later proposed (and the DAO accepted) a deal to return $67 million in exchange for civil immunity, framing his actions as a “highly profitable trading strategy.”³
Think of it like this: a homeowner convinces an appraiser that their studio flat is a penthouse, takes out an eight-figure mortgage, and then walks away, perfectly within the bank’s automated approval logic. The bank isn’t hacked; its rules are just naive.
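As an added illustration (not Mango’s code, and not a claim about its exact parameters), the Rust sketch below values the same collateral position under a naive spot-mean oracle and under an assumed hardened oracle that clamps each update to a band around a time-weighted reference price; the quotes, position size and loan-to-value ratio are all constructed.

```rust
// Added example (not Mango's code): how a collateral engine's borrow limit
// reacts to a spot-price spike under two oracle designs. All numbers are
// constructed for illustration.

/// Price quotes from the three venues an oracle samples, in USDC per token.
#[derive(Clone, Copy)]
pub struct Quotes {
    pub venue_a: f64,
    pub venue_b: f64,
    pub venue_c: f64,
}

/// Naive oracle: arithmetic mean of the three latest spot quotes. When one
/// actor buys on all three thin venues at once, every input moves together,
/// so the mean follows the spike immediately.
pub fn spot_mean_oracle(q: Quotes) -> f64 {
    (q.venue_a + q.venue_b + q.venue_c) / 3.0
}

/// Hardened oracle (one common mitigation, assumed here): anchor to a
/// time-weighted reference price and refuse to move more than `max_dev`
/// (0.10 = 10%) away from it in a single update. A spike must persist
/// across many windows before it is counted as collateral value.
pub fn clamped_oracle(q: Quotes, twap_reference: f64, max_dev: f64) -> f64 {
    let spot = spot_mean_oracle(q);
    let hi = twap_reference * (1.0 + max_dev);
    let lo = twap_reference * (1.0 - max_dev);
    spot.clamp(lo, hi)
}

/// Maximum stablecoin borrow allowed against `tokens` units of collateral
/// priced at `oracle_price`, with `ltv` the loan-to-value ratio (0.0..1.0).
pub fn borrow_limit(tokens: f64, oracle_price: f64, ltv: f64) -> f64 {
    tokens * oracle_price * ltv
}

fn main() {
    let before = Quotes { venue_a: 0.03, venue_b: 0.03, venue_c: 0.03 };
    // Constructed spike: all three thin venues quote roughly 8x within minutes.
    let after = Quotes { venue_a: 0.24, venue_b: 0.25, venue_c: 0.23 };
    let tokens = 100_000_000.0; // collateral position, in tokens (constructed)
    let ltv = 0.8;
    let twap = 0.03; // reference price before the spike

    println!("spot-mean limit before: {:.0}", borrow_limit(tokens, spot_mean_oracle(before), ltv));
    println!("spot-mean limit after:  {:.0}", borrow_limit(tokens, spot_mean_oracle(after), ltv));
    println!("clamped limit after:    {:.0}", borrow_limit(tokens, clamped_oracle(after, twap, 0.10), ltv));
}
```

A clamp slows the damage rather than eliminating it: a move sustained across many windows still drags the reference along, which is why lenders usually layer deposit and borrow caps tied to real venue depth on top of it.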
 

3. U.S. v. Kane: The Slot-Machine Case That Predicted DeFi’s Future

Long before anyone had heard of Mango Markets, John Kane walked into a Las Vegas casino armed with nothing but insider knowledge and perfect timing. As a former slot-machine technician, he’d discovered that a certain model of IGT video-poker cabinet mis-calculated credits if you pressed its buttons in just the right order. No wires were clipped, no chips re-flashed, no malware installed. Kane simply exploited the game’s own code to force jackpots, hand after hand.⁴
Naturally, the casino called the feds. Kane was indicted on wire-fraud and computer-fraud charges. Yet in 2014 a federal judge dismissed the case.⁵
Why?
Because Kane never lied, never trespassed, never exceeded authorized access. He played a public machine exactly as it was programmed, just more cleverly than the designers intended. The court couldn’t stretch fraud statutes to punish conduct that violated no expressed rule.
Sound familiar? Swap the casino for a blockchain, the buttons for token trades, and you have Mango.
| | U.S. v. Kane (2014) | Mango / Eisenberg (2025 ruling) |
| Exploit medium | Video-poker machine | Solana DeFi protocol |
| Technique | Timing-sequence bug | Oracle price manipulation |
| Unauthorized access? | None | None |
| Misrepresentation (lied)? | No | No |
| Court outcome | Charges dismissed | All convictions vacated |

Why this matters to DeFi

A slot machine is just primitive automation; a smart contract is advanced automation. Yet courts saw no legal difference: if the code allows it, and no deception or trespass occurs, traditional fraud law struggles to bite. That precedent casts a long shadow over permissionless finance, where “the machine let me” can become an all-purpose defence.
 

4. The Court’s Ruling - What It Really Said

In April 2024 a Manhattan jury convicted Avi Eisenberg on three counts: commodities fraud, commodities manipulation, and wire fraud. Thirteen months later Judge Arun Subramanian wiped the slate clean.
Why? Two pillars: venue and falsity.

1. Wrong Court, Wrong State

The U.S. Constitution says criminal trials must be held where the alleged crime occurred. Eisenberg executed every trade from Puerto Rico. The government argued that Mango users in New York felt the pain, and one exchange involved had Manhattan staff. The judge called that connection “too thin.” Venue failure alone was enough to vacate the commodities counts.⁶

2. No Lie, No Fraud

Wire-fraud law asks a simple question: Did the defendant deceive anyone?
Mango’s contracts contained no promise of repayment, no ban on price manipulation, and no disclaimer about oracle risk. The protocol’s silence became Eisenberg’s shield. In the judge’s words:
“Fraud statutes are not catch-all laws designed to punish all wrongdoing or dishonorable conduct.”⁶
Without misrepresentation, wire fraud collapsed. And once wire fraud fell, the manipulation count, already venue-stranded, had no anchor.

What Counts as Market Manipulation?

| Traditional Finance | Permissionless DeFi |
| Pump-and-dump, spoofing orders, wash trades, insider tips. | The entire market is an AMM and trades are automated; “spoofing” looks like normal liquidity provision, and wash trading is indistinguishable from volume mining. |
| Specific exchanges regulate order books and can freeze accounts. | No single venue owner; smart contracts can’t freeze adversarial addresses. |
| Deception is provable via chat logs, emails, trade sequences. | No chats, no identity. Code executes exactly as written, so “deception” is hard to pin down. |
Takeaway: The legal definition of manipulation expects an identifiable marketplace and a human deceiver, two things Mango’s design never offered.
The court never said Eisenberg’s strategy was fair or admirable. It simply ruled that under existing statutes, and in the wrong courtroom, clever wasn’t criminal.
 

5. So… Was It Wrong?

Imagine waking up, opening your Solana wallet, and seeing a zero balance where your Mango deposits used to be. No hack alert, no notice in your inbox, just empty numbers. That’s what some users faced on 12 October 2022. The protocol hadn’t malfunctioned; it had followed orders, orders one trader understood better than anyone else.
So, if a court says no fraud occurred, did anything wrong happen?

Intent ≠ Crime

Avi Eisenberg didn’t luck into this payout. He mapped the oracle, tested liquidity depth, timed the spike, hedged with a short, and negotiated a payout. Intent was crystal clear.
But intent only counts legally when it pairs with deception or a breached duty. Mango had neither: no promise of fair pricing, no borrower agreement, no prohibition on self-directed price moves. Legally speaking, Eisenberg exploited a feature, not a bug.

“Exploitation” vs. “Smart Arbitrage”

At what point does profitable arbitrage tip into abuse? Here’s a snapshot:
| | Healthy Arbitrage | Eisenberg’s Move |
| Goal | Close price gaps | Inflate price gap |
| Counterparty risk | Low → adds liquidity | High → drains liquidity |
| Net effect on protocol | Stabilises markets | Bankrupts markets |
| Requires oracle flaw? | No | Yes |
| Normatively welcomed? | Yes | No, but undefined |
The table makes one thing obvious: Mango’s code couldn’t tell the difference, and because its creators never articulated the boundary, neither could the judge.

Silence as a Loophole

  • No duty → no breach.
  • No representation → no falsity.
  • No prohibition → no crime.
When a permissionless system refuses to declare what it expects from users, it surrenders moral authority to whoever presses the buttons fastest. Eisenberg didn’t crack a vault, he walked through an unlocked door the architects forgot to label “Private.”
And that raises a harder question the law alone can’t answer: Can a system call itself “financial” if it can’t recognise, let alone prevent, economic harm executed in broad daylight?
The rest of this essay keeps chasing that question.
 

6. How the Cetus Hack Helps Clarify the Difference

If Mango raised doubts about whether intent alone can be wrong, the recent (May 2025) Cetus exploit slams the point home from the opposite direction, because this time the system didn’t merely behave poorly, it crashed through a math error.

What Went Wrong at Cetus

Cetus is a decentralised exchange on Sui. One function used a 64-bit integer to track liquidity but failed to guard against overflow. By feeding it a specially crafted, ultra-large input, the attacker wrapped the value back to near-zero, then minted an absurd number of LP tokens for pennies.
In a few transactions they siphoned roughly US $230 million from the pool before anyone could blink.⁷ ⁸
That’s not clever economics. That’s broken arithmetic.
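To make the bug class concrete, here is an added Rust example (not Cetus’s code, and not its actual formula): a toy “add liquidity” path that charges the depositor liquidity × price_delta / SCALE tokens with the product held in a u64. The wrapping version reproduces the failure mode described above; the checked version is the fix. The scale constant, pool state and inputs are all constructed.

```rust
// Added example, not Cetus's code: a toy liquidity deposit whose cost is
// computed as liquidity * price_delta / SCALE in 64-bit arithmetic. The
// wrapping path shows the overflow bug class; the checked path is the fix.
// Every constant and value here is constructed for illustration.

/// Fixed-point scale for `price_delta` (constructed): 1.0 == 2^32.
pub const SCALE: u64 = 1 << 32;

/// Minimal pool state: liquidity units outstanding and tokens held.
#[derive(Debug, Default)]
pub struct Pool {
    pub liquidity: u64,
    pub reserves: u64,
}

/// Tokens owed for `liquidity` units, with wrapping arithmetic. Once
/// liquidity * price_delta exceeds 2^64 the product silently wraps, so an
/// enormous request can cost almost nothing.
pub fn tokens_owed_wrapping(liquidity: u64, price_delta: u64) -> u64 {
    liquidity.wrapping_mul(price_delta) / SCALE
}

/// Same formula with checked arithmetic: None on overflow, never a wrong
/// number. Widening the intermediate to u128 would be an equivalent fix.
pub fn tokens_owed_checked(liquidity: u64, price_delta: u64) -> Option<u64> {
    liquidity.checked_mul(price_delta).map(|p| p / SCALE)
}

/// Hardened deposit path: reject the transaction when the cost overflows
/// or the depositor paid less than the computed cost.
pub fn add_liquidity(pool: &mut Pool, liquidity: u64, price_delta: u64, paid: u64)
    -> Result<u64, &'static str>
{
    let owed = tokens_owed_checked(liquidity, price_delta).ok_or("arithmetic overflow")?;
    if paid < owed {
        return Err("insufficient payment");
    }
    pool.liquidity = pool.liquidity.checked_add(liquidity).ok_or("arithmetic overflow")?;
    pool.reserves = pool.reserves.checked_add(owed).ok_or("arithmetic overflow")?;
    Ok(owed)
}

fn main() {
    // Constructed request: 2^40 + 1024 liquidity units at price_delta 2^24.
    // The true product is 2^64 + 2^34, which does not fit in a u64.
    let liquidity = (1u64 << 40) + 1024;
    let price_delta = 1u64 << 24;
    println!("wrapping cost: {} tokens", tokens_owed_wrapping(liquidity, price_delta)); // 4
    println!("checked cost:  {:?}", tokens_owed_checked(liquidity, price_delta));      // None
    let mut pool = Pool::default();
    println!("hardened path: {:?}", add_liquidity(&mut pool, liquidity, price_delta, 4));
}
```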

Bug vs. Logic - A Clearer Lens

| | Cetus Hack | Mango Exploit |
| Underlying flaw | Integer overflow (programming bug) | Oracle design flaw (economic logic) |
| Code behaved as intended? | No, violated numeric limits | Yes, followed contract exactly |
| Developer responsibility | Missed basic safety check | Misjudged economic assumptions |
| Legal framing | Unauthorised manipulation of state | No deception, no unauthorised access |
| Public perception | Straight-up hack | Controversial “strategy” |
The difference is stark: Cetus broke; Mango enabled. That distinction explains why the same court logic that freed Eisenberg would almost certainly not save a Cetus-style attacker, there, the bug itself supplies the “falsity” element the law looks for.

Why Developers Share the Burden

Cetus proved that a single unchecked variable can vaporise hundreds of millions. Mango proved that unchecked assumptions can vaporise just as much. Both outcomes trace back to design choices. One sat in the Solidity compiler; the other sat in the economics notebook. Either way, users paid.
 

7. The Invisible Victims

You’re in Kuala Lumpur. It’s 6 a.m. You open Phantom on your phone to check the USDC you parked in Mango for a modest 8 percent yield. The balance shows 0.00. No hack alert, no e-mail, just empty numbers on a blockchain you can’t call for help. Welcome to permissionless finance on its worst day.
That morning, thousands of wallets across every continent registered the same shock. More than US $100 million in collateral was gone, reassigned to a single trader who hadn’t breached a line of code or lied to a soul.

Global Users, Local Courts

Those wallets belong to people in Vietnam, Nigeria, Argentina, Turkey, places where 8 percent on a stablecoin can mean rent or tuition. Yet any civil suit must be filed by an identifiable plaintiff in a specific jurisdiction. Most Mango users:
  • never revealed their real-world identity,
  • lack the means to litigate in the U.S. or Puerto Rico,
  • aren’t even sure which entity to sue (is it the DAO? the devs? the attacker?).
A legal pathway exists only for a tiny, well-doxxed minority. Everyone else simply writes the loss off, or leaves DeFi for good.

When “Restitution” Becomes Governance Theater

Eisenberg eventually returned US $67 million after a token-holder vote. Sounds like justice, until you zoom in:
  1. Voting power skewed toward large holders, some of whom weren’t victims at all.
  2. The returned funds bolstered Mango’s treasury first; individual wallets received little clarity on reimbursement schedules.
  3. Users who lost small amounts never discovered a claim portal, let alone filed one.
Justice, in other words, was optional and political.

A System That Can’t Recognize Harm

Traditional finance has flaws, but at least it knows who its customers are. DeFi promises global access, yet the moment harm occurs, that very global anonymity turns victims into ghosts.
If a protocol can’t identify the people it hurt, or even admit they exist, can it still call itself financial infrastructure?
That question lingers as we turn from the human cost to the asymmetry of power that makes exploits like Mango even more unsettling.
 

8. And What If a Hedge Fund Did This?

Re-run the Mango playbook, but swap Avi Eisenberg for “AlphaWave Global,” a Delaware-registered quant shop with Cayman feeder funds and an army of lawyers.
Same steps:
  1. Seed two wallets.
  2. Pump a thin-liquidity oracle.
  3. Borrow nine figures in under-collateralized loans.
  4. Disappear into custodial cold storage.
No Twitter confession, no Reddit AMA, no attempt to negotiate. Just silence, and quarterly returns that look spectacular on a limited-partner deck.

Why Power Protects

Large institutions bring three shields small actors lack:
| Shield | How It Works |
| Legal wrappers | Exploits routed through shell entities isolate principals from personal risk. |
| Invisible infrastructure | Private RPC endpoints and sub-millisecond bots leave almost no public footprint. |
| Narrative control | PR teams frame the event as “liquidity provisioning” or “high-frequency arbitrage,” muting outcry before regulators notice. |

Not Hypothetical: jaredfromsubway.eth

A single wallet, jaredfromsubway.eth, quietly extracted more than $40 million by sandwiching meme-coin trades on Uniswap and PancakeSwap. The operator used Flashbots relays, an infrastructure tier typically rented by quant funds, and, when called out, replied on-chain: “All profits are within protocol design.” No one sued, no regulator objected, no funds were returned.⁹

Would Regulators Even Know?

When an individual brags on Twitter, enforcement agencies get a heads-up. When a billion-dollar fund moves with NDAs and cloaked infrastructure, who notices?
And if the law couldn’t convict a solo actor who live-tweeted his caper, what chance does it have against an institution that erases its footprints in real time?
That asymmetry leads to an unsettling possibility:
The next Mango exploit might already have happened, performed quietly by someone powerful enough that we’ll never read the post-mortem.
The only defence is defining abuse so clearly that silence stops being a strategy. That takes us straight to the crux: can DeFi articulate what crossing the line looks like?
 

9. Defining Abuse in a System That Has No Rules

DeFi’s core promise is simple: anyone can interact with financial software without asking permission.
Its core blind spot is just as simple: no-one agrees what counts as abuse when anyone can do anything.
Traditional finance uses contracts, disclosure laws, and regulators to draw bright red lines. DeFi often offers … silence. If the code executes, the action is allowed, end of story.
But Mango showed that silence can be a loophole big enough to drain nine figures.

Intent Isn’t Enough

Eisenberg’s plan was deliberate: pump, borrow, dump, profit.
Yet no lie was told, no password stolen, no system accessed without authorisation. The protocol silently blessed every step. Without deception, the court saw no fraud.

When Arbitrage Turns to Extraction

| | Healthy Arbitrage – adds liquidity | Eisenberg’s Strategy – extracts liquidity |
| Objective | Close mis-pricings | Create mis-pricing, then harvest it |
| Oracle dependency | None / minimal | Critical – relies on thin oracles |
| Net effect on LPs | Reduced volatility | Insolvency & losses |
| Role in ecosystem | Stabiliser | Parasite |
| Explicit rule broken? | No | Also no |
The table is the heart of the dilemma. Both columns can be “legal” under silent code. Only one feels remotely fair.

Abuse Without Lies

Law is built to punish deception and trespass. Mango had neither.
So what does “wrong” mean when a system never said “don’t do that”?
Working as designed is not the same as working as intended.
And intention doesn’t compile.
Until protocols encode expectations, whether through code, terms, or circuit breakers, exploit and innovation remain indistinguishable in court.
Without norms, every edge case defaults to winner-takes-all. The law can’t fix that vacuum; only design can.
 

10. The Four Cracks Mango Left Behind

Mango’s courtroom victory didn’t close the book; it tore out four pages and left them blank. Each missing page represents a systemic gap that still haunts permissionless finance.
| Crack | What Mango Revealed | Why It Matters |
| 1. Invisible Justice | Global, pseudonymous users had no legal venue, no claims process, and no guaranteed restitution. | A financial system that can’t even identify its victims eventually loses them. |
| 2. Intent-Responsibility Gap | Eisenberg’s plan was deliberate, harmful, and public, yet not illegal under current statutes. | If exploitation with clear intent isn’t punishable, “code-as-license” becomes the default ethic. |
| 3. Asymmetry of Power | A solo actor was caught only because he bragged; a well-equipped trading desk could execute quietly and walk away. | Enforcement scales inversely with resources, a reversal of the fairness DeFi claims to offer. |
| 4. Dehumanised Risk | Automated protocols executed harm with perfect indifference; no one on-chain registered pain or paused the system. | When software overlooks suffering, markets drift from finance toward a zero-sum game no one normal wants to play. |
Until these cracks are acknowledged, and eventually bridged, DeFi will keep producing edge cases that feel less like innovation and more like indictments.
 

11. Final Reflection: “The Code Let Me” Is Not Enough

Mango’s code never said “no.”
Neither did the casino machine John Kane tricked, or the integer register that melted inside Cetus.
Each system, silent by design, surrendered its judgment to whomever understood it best.

Automation Without Expectations

Automation is brilliant at executing logic. It is terrible at expressing values.
When we off-load judgment to code but forget to embed boundaries, we leave an ethical vacuum, one any sharp trader, or well-funded desk, can inhale.

Winners, Losers, and the Vanishing Middle

In that vacuum, rules don’t disappear; they mutate. Speed becomes a rule, silence becomes a shield. Capital becomes the ultimate permission.
And the users who can’t arbitrate blocks or lobby lawmakers? They become data points on a Dune dashboard, nothing more.

Law’s Blind Spot

Courts can punish lies, trespass, forged signatures. They struggle with an act that is 100 percent logical and 0 percent honest.
Until legislatures redefine fraud for the age of autonomous markets, “The machine let me” remains a viable defence.

The Real Test

We love the phrase “don’t trust, verify.” Mango proved verification isn’t enough.
We must ask: “Verify what, exactly?”
Because if verification stops at does the contract execute?, then every oracle pump, every silent sandwich, every overflow is fair game.

A Choice, Not a Bug

This leaves builders, and, frankly, all of us, with a choice:
Encode values now, or let the fastest players write them for us in real time.
If we choose silence, the next exploit won’t come with a tweet or a confession.
Maybe it already happened, tucked inside a fund’s quarterly letter, described with a euphemism like “extreme alpha capture.”
And the code?
It will still say yes, because no one ever taught it how to say no.
 

Footnotes

  1. Inner City Press – “Avi Eisenberg Sentenced to 52 Months for CSAM Possession”, https://www.innercitypress.com/sdny30cryptoeisenbergicp052325.html
  2. CoinDesk – “How Market Manipulation Led to a $100M Exploit on Solana DeFi Exchange Mango”, https://www.coindesk.com/markets/2022/10/12/how-market-manipulation-led-to-a-100m-exploit-on-solana-defi-exchange-mango
  3. Blockworks – “Mango Markets Wants Eisenberg To Pay Up, His Lawyers Say the ‘Matter Was Settled’”, https://blockworks.co/news/mango-markets-wants-eisenberg-to-pay
  4. Wired – “Use a Software Bug to Win Video Poker? That's a Federal Hacking Case”, https://www.wired.com/2013/05/game-king/
  5. United States v. Kane – Oct. 2012 Magistrate Report, https://www.scribd.com/document/157683519/United-States-v-Kane-Oct-2012-Magistrate-Report
  6. United States v. Eisenberg – Rule 29 Opinion, SDNY, https://assets.bwbx.io/documents/users/iqjWHBFdfxIU/rmmTMWKeWe9s/v0
  7. SlowMist – “Cetus Integer Overflow Incident Report”, https://slowmist.medium.com/slowmist-analysis-of-the-230-million-cetus-hack-ee569af040f2
  8. Rekt – “Cetus”, https://rekt.news/cetus-rekt
  9. The Block – “Jaredfromsubway.eth's MEV bot rakes in millions of dollars in three months”, https://www.theblock.co/post/230218/jaredfromsubway-mev-bot