Uniswap V4 Hook Security: 7 Attack Vectors That Already Cost DeFi $11M — and How to Defend Against Them

Uniswap V4's hook architecture is the most significant change to AMM design since concentrated liquidity. It's also the most dangerous. In May 2025, Cork Protocol lost $11 million because their hook's beforeSwap function lacked a single modifier. In March 2026, the z0r0z V4 Router lost $42K because inline assembly trusted a fixed calldata offset. These aren't edge cases. They're the opening chapter of a new exploit category that will define DeFi security for years. This article maps the seven most critical Uniswap V4 hook attack vectors, dissects real exploits, and provides concrete defense patterns every hook developer and auditor must know. How V4 Hooks Change the Security Model Uniswap V3's security model was simple: trust the protocol. The Router, Factory, and Pool contracts were audited monoliths. If Uniswap was secure, your integration was (mostly) secure. V4 shatters this assumption. The new Singleton PoolManager delegates execution to arbitrary hook contracts at 14 different li