Jimbo's Protocol Floor-Defense Drain
$7.5M extracted from Jimbo's Protocol on Arbitrum after a slippage-control failure in JimboController.shift() let a flash loan drain the floor-defense ETH.
- Date: May 28, 2023
- Victim: Jimbo's Protocol
- Chain(s): Arbitrum
- Status: Funds laundered; no public recovery
- Funds Stolen: $7.5M (4,090 ETH)
On May 28, 2023, the Arbitrum DeFi protocol Jimbo's Protocol — built to provide a "semi-stable floor price" for its JIMBO token by accumulating ETH reserves to defend against drops — was exploited for $7.5 million (4,090 ETH) through a flash-loan attack on its slippage-control logic. The JIMBO price fell 40% immediately after the attack.
What happened
Jimbo's Protocol's economic model: accumulate ETH in a treasury and use it to defend JIMBO's price floor by buying tokens whenever the price approached the floor. The mechanism's central function was JimboController.shift(), which managed the liquidity-pool composition during price-defense operations — adding or removing liquidity in response to market conditions.
The flaw lived in the slippage protection around shift(). The function accepted parameters about pool composition without rigorously validating that the resulting state would respect the protocol's intended economic invariants.
The attack:
- Flash-borrowed 10,000 ETH as initial capital.
- Swapped the ETH for JIMBO through the ETH/JIMBO trading pair, causing a price surge in JIMBO due to the size of the buy relative to pool liquidity.
- Called JimboController.shift() with parameters that triggered liquidity-pool manipulation favourable to the attacker — adding and removing liquidity in a sequence that allowed extraction of value from the protocol's ETH reserves at the manipulated JIMBO price.
- Converted the acquired JIMBO back to ETH at the manipulated rate, walking away with a substantial profit.
- Repaid the flash loan, netting approximately 4,090 ETH in profit.
The 4,090 ETH was extracted from Arbitrum and then bridged to Ethereum mainnet via Stargate and Celer Network — approximately 4,048 ETH reached mainnet (a small portion was lost to bridge fees and slippage).
Aftermath
- The JIMBO token price fell 40% immediately and continued declining as confidence in the floor-defense mechanism collapsed.
- The Jimbo's Protocol team announced revival plans involving a redesigned controller contract and a new token migration.
- Stolen funds were laundered; no public recovery.
- Jimbo's became a recurring reference for "floor-defense as marketing" — the protocol's defense mechanism was supposed to make JIMBO economically robust, and instead became the exact surface the attack exploited.
Why it matters
Jimbo's Protocol is one of several DeFi designs that attempted to create structural price-floor guarantees through on-chain treasury management — protocols like OlympusDAO derivatives, Tomb Finance, and various "rebase" / "floor" experiments. The category as a whole has had recurring security incidents because:
- Price-defense logic inherently interacts with manipulable pool state. Any function that buys, sells, or rebalances based on the current pool price is one flash loan away from doing the operation against the attacker's interests rather than the protocol's.
- Slippage controls on internal protocol operations are a different problem from slippage controls on user trades. The latter just protects users from getting bad fills; the former protects the protocol's solvency from adversarial conditions and requires much stronger invariant checking.
- "Floor price" guarantees are economic claims, not technical ones — and economic claims that depend on the protocol's own reserves are vulnerable to attacks that drain those reserves through manipulation rather than direct theft.
The structural lesson: protocols selling stability as a feature need to demonstrate that the stability is robust against adversarial conditions, not just under normal market behaviour. Jimbo's $7.5M is the cost of failing this test.
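As an added illustration (constructed here, not code from Jimbo's Protocol or from any of the sources below), the following Python model of a constant-product ETH/JIMBO pool and a treasury that spends reserve ETH to defend a floor shows the two points made above: a defense keyed to the pool's spot price executes at whatever price a single large swap has just set, so the reserve ETH it spends can be pulled back out when the swap is unwound; a deviation bound against a reference price plus a reserve-backing invariant refuses that call while still letting a normal, near-floor defense proceed. The reserve sizes, prices, the 5% bound, and the names Pool, Treasury, naive_defend and guarded_defend are all assumptions of this model, not the protocol's.

```python
"""Toy constant-product pool and floor-defense treasury (constructed example,
not Jimbo's Protocol code). All reserve sizes and prices are sample values."""
from dataclasses import dataclass


@dataclass
class Pool:
    """x*y=k ETH/JIMBO pool with no fees, enough to show the price mechanics."""
    eth: float
    jimbo: float

    def spot_price(self) -> float:
        return self.eth / self.jimbo          # ETH per JIMBO at current reserves

    def buy_jimbo(self, eth_in: float) -> float:
        k = self.eth * self.jimbo
        self.eth += eth_in
        new_jimbo = k / self.eth
        out = self.jimbo - new_jimbo
        self.jimbo = new_jimbo
        return out

    def sell_jimbo(self, jimbo_in: float) -> float:
        k = self.eth * self.jimbo
        self.jimbo += jimbo_in
        new_eth = k / self.jimbo
        out = self.eth - new_eth
        self.eth = new_eth
        return out


class FloorDefenseRefused(Exception):
    """Raised when the guarded controller rejects a defense operation."""


@dataclass
class Treasury:
    eth: float
    jimbo_held: float
    floor_price: float        # ETH per JIMBO the protocol promises to defend
    jimbo_supply: float

    def required_backing(self) -> float:
        """ETH the treasury must retain to honour the floor for the whole supply."""
        return self.floor_price * self.jimbo_supply

    def naive_defend(self, pool: Pool, eth_to_spend: float) -> float:
        """Spends reserve ETH at whatever price the pool currently quotes."""
        self.eth -= eth_to_spend
        got = pool.buy_jimbo(eth_to_spend)
        self.jimbo_held += got
        return got

    def guarded_defend(self, pool: Pool, eth_to_spend: float,
                       reference_price: float, max_deviation: float = 0.05) -> float:
        """Same operation, refused when spot is far from a reference price
        (assumed here to be a TWAP or oracle value taken before this block)
        or when spending would break the reserve-backing invariant."""
        spot = pool.spot_price()
        deviation = abs(spot - reference_price) / reference_price
        if deviation > max_deviation:
            raise FloorDefenseRefused(f"spot deviates {deviation:.0%} from reference")
        if self.eth - eth_to_spend < self.required_backing():
            raise FloorDefenseRefused("spending would breach floor backing")
        return self.naive_defend(pool, eth_to_spend)


def fresh_state():
    pool = Pool(eth=1_000.0, jimbo=1_000_000.0)              # spot 0.001 ETH/JIMBO
    treasury = Treasury(eth=500.0, jimbo_held=0.0,
                        floor_price=0.0004, jimbo_supply=1_000_000.0)  # keep >= 400 ETH
    return pool, treasury


def manipulated_defense(guarded: bool) -> dict:
    """One large swap lifts spot ~120x, the controller defends, the swap is unwound."""
    pool, treasury = fresh_state()
    reference = pool.spot_price()              # reference captured before the swap
    borrowed = 10_000.0
    held = pool.buy_jimbo(borrowed)            # spot is now ~0.121 ETH/JIMBO
    refusal = None
    try:
        if guarded:
            treasury.guarded_defend(pool, 500.0, reference)
        else:
            treasury.naive_defend(pool, 500.0)   # reserve ETH enters the pool at the inflated price
    except FloorDefenseRefused as exc:
        refusal = str(exc)
    returned = pool.sell_jimbo(held)           # unwind: the added reserve ETH comes out here
    return {"manipulator_profit_eth": returned - borrowed,
            "treasury_eth": treasury.eth,
            "refusal": refusal}


def normal_defense() -> dict:
    """A modest sell drifts price ~4% toward the floor; the guarded defense proceeds."""
    pool, treasury = fresh_state()
    reference = pool.spot_price()
    pool.sell_jimbo(20_000.0)                  # spot ~0.00096 ETH/JIMBO, within the 5% bound
    got = treasury.guarded_defend(pool, 50.0, reference)
    return {"jimbo_bought": got, "treasury_eth": treasury.eth}
```

Running manipulated_defense(False) shows the treasury's 500 ETH leaving with the unwinding swap (roughly 496 ETH of profit to the manipulator, a few ETH left in the pool), while manipulated_defense(True) refuses the call and the round-trip swap nets nothing; normal_defense() shows the same guard letting a near-floor defense through. The deviation bound and the backing invariant are the kind of protocol-level slippage control distinguished above from ordinary user-trade slippage: they check the state the operation would leave behind, not just the fill the caller gets.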
Sources & on-chain evidence
- [01] medium.com: https://medium.com/numen-cyber-labs/a-detailed-analysis-of-arbitrum-based-jimbos-protocol-7-5-million-hack-36af84faee2
- [02] coindesk.com: https://www.coindesk.com/tech/2023/05/29/arbitrum-based-jimbos-protocol-scurries-for-revival-after-7m-exploit
- [03] halborn.com: https://www.halborn.com/blog/post/explained-the-jimbos-protocol-hack-may-2023