Makina Finance misplaced 1,299 ETH, roughly $4.13 million, in a flash-loan and oracle manipulation exploit.
The attacker drained the protocol’s funds and broadcast the transaction to Ethereum’s public mempool, the place it ought to have been picked up by validators and included within the subsequent block.
As a substitute, an MEV builder recognized by the handle 0xa6c2 front-ran the draining transaction, redirecting a lot of the funds into builder-controlled custody earlier than the hacker might transfer them off-chain.
The hacker’s transaction failed. The funds landed in two addresses related to the MEV builder.The fast takeaway is that Makina’s customers averted a complete loss. The deeper sign is who ended up holding the cash and what meaning for crypto’s rising emergency-response structure.
Crucial actor on this story is not the attacker or the protocol, however the block-building provide chain that intercepted the exploit and now controls whether or not customers get their funds again, below what phrases, and the way shortly.
MEV bots and builders have gotten crypto’s final line of protection, not by design however by structural place. That is an issue, as a result of rescue capability is concentrated within the fingers of profit-maximizing intermediaries working with unclear accountability.
MEV as a backstop is already a sample
The Makina incident is not a one-off. Chainalysis documented an identical dynamic throughout the 2023 Curve and Vyper exploit, noting that white hat hackers and MEV bot operators helped recuperate funds, which diminished realized losses beneath preliminary estimates.
The sample is mechanical: so long as exploits or rescue makes an attempt are seen in public transaction channels, subtle searchers and builders can compete to reorder transactions.
Generally they save funds. Generally they seize them. Both approach, they’re performing as a de facto emergency-response layer.
When an exploit transaction enters the general public mempool, MEV searchers monitor for worthwhile alternatives. If a hacker drains a protocol and broadcasts the transaction publicly, a searcher can assemble a competing transaction that executes first, redirecting the funds to a unique handle.
The searcher bundles the transaction and submits it to a block builder, who consists of it if the revenue exceeds competing bids. If the builder’s block will get chosen by a validator, the searcher’s transaction executes, and the hacker’s transaction fails.
That is revenue extraction with a useful aspect impact somewhat than pure altruism. But it surely’s additionally probably the most dependable mechanism crypto has developed for intercepting exploits in actual time, as a result of it operates on the transaction-ordering layer somewhat than counting on protocol-level circuit breakers or governance intervention.
Why dependence on MEV builders is uncomfortable
The issue with MEV-based rescues is that they focus emergency-response capability in a extremely intermediated pipeline.
On Ethereum, MEV-Enhance dominates block manufacturing. Rated’s relay panorama exhibits roughly 93.5% of current blocks routed by way of MEV-Enhance, in comparison with roughly 6% utilizing vanilla block manufacturing.
Inside MEV-Enhance, Relay market share is additional concentrated: Extremely Sound Cash accounts for roughly 29.84% of relay visitors, and Titan accounts for roughly 24.24%, which means the 2 largest relays collectively deal with over 54% of block manufacturing.
If most blocks movement by MEV-Enhance and most MEV-Enhance visitors flows by two relays, the rescue layer is structurally depending on a small set of intermediaries. That creates governance issues quick.
If a builder finally ends up holding rescued funds, who authorizes custody? Who units the bounty? What prevents extortion or ransom calls for? What if the builder is offshore, nameless, or working in a jurisdiction with weak enforcement?
The Makina case illustrates the issue. The funds are within the builder’s custody, however there isn’t any public SLA, predefined bounty, or clear mechanism for returning the funds to Makina or its customers.
The builder might return the funds voluntarily, negotiate a bounty, demand the next charge than business norms, or refuse to return the funds in any respect.
Personal routing makes the issue worse.
A 2025 tutorial paper titled “Sandwiched and Silent” documented widespread non-public routing of transactions and located that many victims migrate towards non-public channels after being sandwiched by MEV bots.
Nevertheless, non-public routing would not eradicate MEV, it simply shifts it from public mempools to non-public order movement channels managed by builders and relays.
For protocols, meaning public mempool rescues grow to be much less dependable as a result of exploit transactions more and more route by non-public channels accessible solely to a subset of builders.
An try and civilize chaos
Secure Harbor is a framework developed by SEAL that seeks to interchange the “MEV builder as unintentional custodian” mannequin with approved responders, express SLAs, and bounded incentives.
SEAL describes Secure Harbor as a authorized and technical framework that lets protocols pre-authorize white hats to intervene throughout energetic exploits.
The core operational rule is that rescued funds have to be despatched to official restoration addresses inside 72 hours, with pre-defined, enforceable bounties.
SEAL says Secure Harbor was motivated by the Nomad hack, the place white hats had been prepared to assist however constrained by authorized ambiguity about whether or not returning funds may very well be prosecuted as unauthorized laptop entry.
Secure Harbor removes that ambiguity by giving protocols a method to pre-authorize intervention and set clear phrases. SEAL claims Secure Harbor is already defending over $16 billion throughout main protocols, together with Uniswap, Pendle, PancakeSwap, Balancer, and zkSync.
Immunefi, the bug bounty platform, has operationalized Secure Harbor with stricter phrases.
Immunefi describes Secure Harbor as a SEAL-developed framework that redirects funds to a protocol-controlled vault on Immunefi’s platform. On Immunefi’s Secure Harbor program web page, the phrases state: “You have got 6 hours to switch funds again.”
Failure to fulfill the six-hour window is a cloth breach. That is 4 occasions sooner than SEAL’s baseline 72-hour requirement.
Secure Harbor would not eradicate the dependence on MEV infrastructure. As a substitute, it simply tries to formalize it.
If a builder front-runs an exploit and the protocol has adopted Secure Harbor, the builder is predicted to acknowledge the intervention as approved and route the funds to the protocol’s designated restoration handle throughout the SLA.
However that assumes builders monitor Secure Harbor registries, respect the phrases, and prioritize compliance over revenue.
State of affairs vary
The anticipated consumer restoration charge in an exploit could be modeled as: anticipated restoration equals the chance of intervention, multiplied by one minus the bounty proportion, multiplied by one minus the failure or leak proportion.
Secure Harbor goals to extend the chance of intervention by decreasing authorized ambiguity and capping the bounty proportion upfront.
Within the base case, Secure Harbor adoption will increase over the following 12 months. Extra protocols are including Secure Harbor phrases to their governance frameworks, and extra white hats are registering as approved responders.
The chance of intervention rises as a result of responders have authorized readability and glued bounty phrases. Restoration charges enhance, particularly for protocols that undertake stricter SLAs, resembling Immunefi’s six-hour window.
Within the bull case, the rescue layer professionalizes. Protocols construct tight vault addresses, compress SLAs to single-digit hours, and pre-negotiate bounty schedules with recognized white hat groups.
Builders combine Secure Harbor registries into their transaction-ordering algorithms, mechanically routing rescued funds to designated addresses with out handbook intervention.
Within the bear case, builder dependence hardens. Personal order movement and relay focus make rescues much less clear and extra oligopolistic. Protocols that have not adopted Secure Harbor find yourself negotiating with builders after the actual fact, with no clear leverage or SLA.
Governance turns into depending on intermediaries who maintain funds and set phrases unilaterally.
RegimeWho can interveneWhere funds landSLABounty termsAccountabilityFailure modeAd hoc MEV rescue (no Secure Harbor)Any MEV searcher/builder/relay actor who sees the exploit and may win orderingOften results in builder/searcher-controlled custody (or different third-party handle)NoneNegotiated / unclear (can flip into advert hoc “pay me” dynamics)Opaque (no pre-authorization, no formal obligations)Ransom / extortion threat, refusal to return funds, extended limbo, jurisdictional enforcement issuesSafe Harbor (SEAL baseline)Pre-authorized whitehats (explicitly approved by the protocol) throughout energetic exploitsProtocol-designated restoration handle (official restoration vacation spot)72 hoursPredefined / enforceable (set upfront by the protocol)Guidelines-based (scope-limited authorization + preset phrases)Breach of phrases if funds not returned on time; clearer escalation path vs advert hoc bargainingSafe Harbor (Immunefi program)Pre-authorized responders below Immunefi’s Secure Harbor movement (SEAL-derived)Protocol-controlled vault on Immunefi (structured custody movement)6 hoursPredefined reward/bounty construction (set by the undertaking throughout the program)Extra formalized (platform phrases + time-boxed compliance)Materials breach if not returned inside 6h; tighter SLA reduces limbo however raises execution stress
What to look at
The metrics that matter are adoption cadence, operational SLAs, and centralization stress.
Adoption cadence means monitoring what number of protocols add Secure Harbor governance proposals and register in SEAL’s adopter listing.
Operational SLAs imply watching whether or not the market compresses response home windows: SEAL’s 72-hour baseline versus Immunefi’s six-hour program indicators that tighter SLAs have gotten aggressive differentiators.
Centralization stress means monitoring whether or not the market share stays concentrated.
MEV bots have gotten crypto’s emergency-response layer, whether or not the ecosystem likes it or not. Secure Harbor is the try to show that right into a predictable, accountable system.
But it surely’s additionally a guess that builders will respect pre-authorized phrases, that protocols will undertake the framework quick sufficient, and that focus within the block-building pipeline will not undermine the equity or accessibility of rescues.
The Makina case exhibits what occurs when these assumptions do not maintain: funds sit in builder custody with no clear path again to customers.
