Bunni DEX Shuts Down, Cites Recovery Costs After $8.4M Exploit

Bunni, a decentralized exchange (DEX) built on Uniswap v4, said it will close permanently two months after an exploit drained some $8.4 million in crypto and left the team without the resources to recover.

In a post on X, the team behind Bunni said the cost to securely relaunch the protocol would run into “6-7 figures” for audits and monitoring alone, capital the team no longer has.

“It'd also take months of development & BD effort just to get Bunni back to where it was before the exploit, which we cannot afford,” the team wrote. “Thus, we have decided it's best to shut down Bunni.”

The attack at the beginning of September targeted BunniHub, the protocol’s main smart-contract system, and affected deployments on both Ethereum and Uniswap Labs' layer-2 network Unichain. Blockchain security firm CertiK, at the time, traced the stolen funds to two Ethereum wallets.

Bunni will keep withdrawals open on its website for now and plans to distribute remaining treasury funds to BUNNI, LIT and veBUNNI token holders, excluding the team. That process is still being reviewed for legal compliance.

Though the platform is winding down, Bunni’s team has open-sourced its v2 smart contracts under the MIT license. That allows other developers to leverage features like surge fees, liquidity distribution functions and automated rebalancing, which were part of Bunni’s infrastructure.

The team says they will continue working with law enforcement to track the exploiter and recover the stolen funds.