GMX

Stage 0
TVL $259M
gmx.io
2026-01-28
Chains arbitrum avalanche

Risk Assessment

Upgradeability
48h+ Timelock
Admin Control
Weak Multisig
Fund Access
Restricted
Audits
Multiple
Oracle
Decentralized
Track Record
3+ years

GMX Risk Assessment

Overview

GMX is a decentralized perpetual exchange that enables trading with up to 100x leverage directly from user wallets. The protocol uses a unique liquidity model where GLP (liquidity provider) token holders provide the counterparty for all trades, earning fees and trader losses while bearing trader profits.

The protocol pioneered real-yield DEX perpetuals and has processed billions in trading volume across Arbitrum and Avalanche.

Smart Contract Risk

Contract Architecture:

  • V1: OrderBook and GLP pool contracts
  • V2: Improved isolated pool design
  • Position and order management contracts
  • Liquidation engine with keeper network

Code Quality:

  • Audited by PeckShield and Zellic (2025)
  • Open source contracts
  • Bug bounty program active
  • Transparent documentation

July 2025 Incident (V1):

  • $42M exploit via reentrancy vulnerability in OrderBook
  • Attacker manipulated GLP token prices
  • GMX negotiated return, attacker kept $5M bounty
  • V1 paused, security patch deployed
  • V2 pools unaffected

Attack Surface:

  • Complex derivatives logic
  • Oracle-dependent for mark prices
  • GLP pool absorbs trader PnL
  • Liquidation mechanics critical

Admin/Governance Risk

Governance Structure:

  • 2-of-3 Gnosis Safe multisig
  • Signers: Krunal, Ben, and one other
  • Snapshot voting for proposals
  • 63,000+ community governance participants

Multisig Concerns:

  • Low threshold (2-of-3) for protocol of this size
  • Known signers reduces collusion risk
  • Talk of expanding to 4-of-6
  • Rogue action would be immediately visible

Trust Assumptions:

  • Multisig trusted to execute governance decisions
  • Anonymous founding team (trust concern for some)
  • Emergency pause requires multisig action
  • 28-day timelock on new token minting

Transparency:

  • Open governance process
  • Audit results published
  • Tokenomics documented
  • On-chain actions visible

Oracle Risk

Chainlink Integration:

  • Mark prices from Chainlink oracles
  • Multiple data sources for reliability
  • Fast price feeds for derivatives
  • Price deviation protections

Oracle Security:

  • Decentralized oracle network
  • No single point of failure
  • Critical for liquidation accuracy
  • Historical validation

Economic Risk

Liquidity Risk:

  • $600M+ TVL in liquidity pools
  • GLP holders bear trader PnL risk
  • Deep liquidity in major pairs
  • CEX-competitive execution

GLP Model:

  • LPs profit from fees + trader losses
  • LPs lose when traders profit
  • Rebalancing through arbitrage
  • Real yield from protocol fees

Operational History:

  • Launched September 2021
  • V2 launched August 2023
  • July 2025 V1 exploit ($42M)
  • Rapid response and partial recovery
  • Generally strong operational record

Stage Assessment

Stage 0 Criteria:

  • Weak multisig (2-of-3) for governance
  • Anonymous founding team
  • Recent major exploit (July 2025)
  • Emergency functions require trusted execution
  • Derivatives complexity adds risk

Key Concerns:

  • Multisig threshold too low
  • V1 exploit demonstrates smart contract risk
  • Anonymous team reduces accountability
  • Complex mechanism harder to audit

Justification: GMX is classified as Stage 0 (Fully Assisted) due to its weak 2-of-3 multisig governance, the recent V1 exploit, and anonymous founding team. While the protocol has strong community participation and transparent operations, users must trust a small group of individuals with significant protocol control. The July 2025 exploit demonstrates that even audited derivatives protocols carry substantial smart contract risk. As the multisig expands and security hardens, the protocol may advance.