Enso Uncovers 'Toxic Pools' That Can Mislead DeFi Transaction Simulations

Thu, 16/07/2026 - 13:00
Enso has identified a previously undocumented class of malicious DeFi liquidity pools that can display accurate prices during transaction simulations before delivering worse execution once trades are confirmed on-chain.
Advertisement
Enso Uncovers 'Toxic Pools' That Can Mislead DeFi Transaction Simulations
Cover image via www.freepik.com
Google
Advertisement

Blockchain infrastructure company Enso has published new research describing a previously undocumented category of malicious liquidity pools capable of manipulating transaction simulations while producing materially different outcomes during on-chain execution.

The company refers to these pools as "toxic pools," arguing that they expose a broader weakness in decentralized finance infrastructure rather than a vulnerability affecting a single protocol. 

As wallets, DEX aggregators and routing engines increasingly depend on transaction simulations to determine the best execution path, the research suggests malicious pools can exploit that reliance by presenting attractive quotes during simulations before changing their behavior when transactions are actually processed on-chain.

HOT Stories
US Nets Just 15% of FTX's Shiba Inu (SHIB) Value; Bitcoin Does What AI Cannot, Binance Founder Explains; 70 Million XRP Lands in Millionaire Whale Wallets - Morning Crypto Report Shiba Inu Adds 60% in Weekly Spot Flows: Explaining What It Means for Price Health

Manipulating simulations instead of smart contracts

According to Enso, toxic pools differ from more familiar trading risks such as slippage or maximum extractable value (MEV). Instead of exploiting users after a trade has been submitted, they are designed to deceive the simulation process itself.

Advertisement

During a simulated transaction, the pools return prices that make them appear to offer the most competitive execution. Once the transaction is included in a block, however, the pools alter their behavior, causing traders to receive less favorable execution than originally quoted while still appearing to routing systems as the optimal path.

The company argues that this creates a new execution-quality challenge for wallets and aggregators, which may unknowingly continue directing users toward manipulated liquidity because the simulation results appear legitimate.

The research is based on approximately two months of forensic analysis combining archive-node RPC data, transaction tracing, smart contract inspection and independent validation. Enso said the investigation also benefited from discussions with contributors from Curve and Oku.

Advertisement

During the research, engineers identified two active toxic pools operating on different decentralized exchange protocols but using similar techniques, suggesting the attack model is not limited to a single ecosystem.

One documented case involved a manipulated Curve liquidity pool on Ethereum that processed more than 129,000 successful swaps while consistently delivering worse execution than its quoted prices. 

According to Enso, the discrepancy resulted in approximately $225,000 of overstated quotes, more than 37,000 failed transactions and nearly $30,000 in gas costs spent on reverted trades.

A second example focused on a malicious Uniswap v4 hook deployed on Polygon. The researchers reported that the hook generated a transaction failure rate of roughly 99.1%, repeatedly attracting routing algorithms before causing transactions to revert.

Behavior changes over time

One aspect that surprised researchers was that the Ethereum-based pool did not behave maliciously all the time. Instead, it alternated between honest and manipulated execution, making periodic simulations or manual inspections insufficient to identify the pattern.

The investigation also uncovered several oracle contracts deployed by the same operator to support additional liquidity pools, suggesting that similar techniques could potentially be replicated across other markets.

"Our investigation leads us to believe this is not simply another isolated smart contract exploit," said Milos Costantini, co-founder and chief product officer at Enso. "The industry has spent years optimizing price discovery. 

Our findings suggest the next challenge is verifying execution integrity. If transaction simulations can be manipulated while real execution tells a different story, we need better ways to verify what users actually receive."

Execution verification layer expanded

Alongside the publication of its findings, Enso announced new capabilities for Enso Shield, the company's execution-protection layer.

The updated system introduces dedicated toxic-pool detection and execution verification tools that go beyond standard transaction simulations. 

Rather than relying solely on simulated quotes, Enso Shield continuously evaluates live on-chain conditions, monitors quote consistency over time and verifies completed execution using transaction traces to identify discrepancies that conventional simulation methods may overlook.

Enso believes the research raises broader questions about execution integrity across decentralized trading infrastructure, particularly for wallets, DEX aggregators and routing protocols that depend heavily on simulated transaction results.

Rather than attributing responsibility to any individual protocol, the company is encouraging further industry research and independent validation to determine how widespread similar attack patterns may be and whether additional safeguards are needed to improve execution transparency across decentralized finance.

Advertisement
Advertisement
Advertisement
Advertisement
Subscribe to daily newsletter

Recommended articles

Our social media
There's a lot to see there, too
Advertisement