$292 million stolen in 46 minutes: DeFi faces renewed developmental difficulties.

"Let's withdraw from DeFi first, it's too dangerous. This is going to be much more damaging than Drift/Cowswap..." said Dovey Wang, a well-known DeFi investor.

Article author: Gu Yu

Article source: ChainCatcher

On the morning of April 18, just two weeks after the Drift theft of over $200 million, Kelp DAO, the DeFi restaking protocol of Kernel, set a new record for the largest single theft in the crypto industry this year: 116,000 rsETH, worth approximately $292 million, were maliciously minted without backing.

Kelp DAO is a triple yield restaking protocol based on EigenLayer. rsETH is a Liquidity Restaking Token (LRT) issued by Kelp DAO, designed to provide liquidity for illiquid assets deposited into restaking platforms such as EigenLayer.

The core team members of this protocol are all from India. In September 2024, the protocol secured $9 million in funding, with participation from numerous well-known investors including Laser Digital, Bankless Ventures, and Hypersphere Ventures. Currently, the total value locked in the protocol exceeds $1.5 billion. In the same year, its parent company, Kernel, also received investment from Yzi Labs, which has close ties to Binance.

However, this once enviable backing and track record were shattered in an instant by this incident.

Deadly Cross-Chain Forgery and the Cost of "Single Signature"

Based on the initial analysis of the on-chain records, this was not a traditional reentrancy or flash-loan attack but a targeted operation built on cross-chain message forgery.

The root cause is that Kelp DAO's rsETH bridging adapters on the various chains did not perform rigorous source verification of the messages delivered by the underlying cross-chain protocol. The attackers forged asset-release instructions that looked legitimate, leading Kelp's bridging contracts to believe that the corresponding assets had been locked on the source chain. The contracts therefore accepted and executed the attacker's instructions, releasing $292 million worth of rsETH on the Ethereum mainnet.

Approximately 46 minutes after the attack, the Kelp DAO team initiated an emergency halt. Although this action successfully intercepted two subsequent withdrawal attempts totaling 40,000 rsETH (approximately $100 million), nearly 20% of the circulating rsETH supply (116,000 rsETH) had already fallen into the hackers' hands.

Subsequently, the hackers deposited these rsETH into Aave V3 as collateral, borrowing a large amount of highly liquid wETH. Clearly, the hackers will not return these assets. Since the collateral rsETH was fraudulently issued and lacks any real underlying assets, this will result in approximately $177 million in bad debt for Aave, which will most likely be borne by all Aave depositors.

The weakest link in this chain was the configuration of the LayerZero bridging contract. Kelp DAO ran its LayerZero cross-chain contract with a 1/1 DVN configuration, a "single signature" setup in which confirmation from a single verifier network is enough for a cross-chain message to pass. The official LayerZero documentation, by contrast, recommends a 2/2 configuration by default.
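As an added illustration of the two points above (origin checks on inbound messages and the verifier quorum), and not code from Kelp DAO or LayerZero: a simplified Python model of an inbound-message gate that accepts a message only if it comes from the configured peer on a known chain, has not been seen before, and carries matching attestations from every required verifier. The names, the message format and the 1/1 versus 2/2 scenario are all constructed assumptions.

```python
# Added example: simplified model of an inbound cross-chain message gate.
# Not Kelp DAO's or LayerZero's code; all names and values are constructed.
from dataclasses import dataclass
import hashlib

@dataclass(frozen=True)
class Message:
    src_chain: int      # identifier of the chain the message claims to come from
    sender: str         # contract on that chain that claims to have sent it
    nonce: int          # per-source sequence number, used for replay protection
    payload: bytes      # instruction carried across, e.g. a mint/unlock order

    def digest(self) -> bytes:
        head = f"{self.src_chain}|{self.sender}|{self.nonce}|".encode()
        return hashlib.sha256(head + self.payload).digest()

@dataclass(frozen=True)
class Attestation:
    verifier: str       # identity of the verifier network (DVN) attesting
    digest: bytes       # exact message digest it vouches for

@dataclass
class ReceiverConfig:
    trusted_peers: dict            # src_chain -> the only sender accepted from it
    required_verifiers: frozenset  # every one of these must attest (N-of-N)

def verify_inbound(cfg, msg, attestations, seen_nonces) -> tuple:
    # 1. source verification: unknown chain or unexpected sender is rejected
    if cfg.trusted_peers.get(msg.src_chain) != msg.sender:
        return False, "untrusted origin"
    # 2. replay protection on (chain, nonce)
    if (msg.src_chain, msg.nonce) in seen_nonces:
        return False, "replayed nonce"
    # 3. quorum: count only attestations over this exact digest
    attesting = {a.verifier for a in attestations if a.digest == msg.digest()}
    if not cfg.required_verifiers <= attesting:
        return False, "missing required verifier"
    seen_nonces.add((msg.src_chain, msg.nonce))
    return True, "ok"

def compare_single_vs_dual():
    # Constructed scenario: only verifier "dvn-A" vouches for a mint order.
    msg = Message(src_chain=10, sender="0xPEER", nonce=7, payload=b"mint 1000 rsETH")
    att = [Attestation("dvn-A", msg.digest())]
    single = ReceiverConfig({10: "0xPEER"}, frozenset({"dvn-A"}))          # 1/1
    dual = ReceiverConfig({10: "0xPEER"}, frozenset({"dvn-A", "dvn-B"}))   # 2/2
    return verify_inbound(single, msg, att, set())[0], verify_inbound(dual, msg, att, set())[0]
```

With a single verifier attesting, the 1/1 configuration accepts the order while the 2/2 configuration rejects it, which is the whole difference between one compromised or misled verifier being sufficient and it not being so.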

Following the incident, LayerZero's token ZRO fell by more than 40%, Aave's token AAVE fell by more than 22%, and Kernel's token, associated with Kelp DAO, is currently down by more than 13%. In addition, several projects, including Solv, announced the discontinuation of LayerZero OFT bridging.

The systemic collapse of the DeFi "Lego structure"

Prior to this incident, Aave had never experienced any security breaches. While this incident was not caused by a problem with its own contract code, it is still related to the protocol's risk assessment and segregation measures for such LRT tokens. In January of this year, Spark Protocol delisted low-usage assets such as rsETH and continued to tighten collateral and feature restrictions, which ensured that the protocol was unaffected by this recent controversy.

Currently, Aave's total on-chain value locked has rapidly decreased from $26.39 billion yesterday to $21.76 billion, with a single-day withdrawal of $4.6 billion. Simultaneously, a large number of borrowers are shifting to other lending protocols, leading to a surge in ETH lending demand in the market. Spark's ETH pool deposit rate has quickly increased from 1.7% to 5%.

In response to this incident, Curve founder Michael Egorov stated that this event highlights the risks inherent in the currently prevalent "non-isolated lending" model. While this model offers good scalability, it carries higher risks, making risk management crucial. One approach is to adopt a fully isolated model, like Curve Finance's marketplace; another is a hybrid model (complex but feasible). However, the market has not yet fully grasped the advantages of these solutions. Aave v4's Hub and Spoke model may represent a step towards semi-isolation and greater security.

Currently, most mainstream lending protocols, such as Aave, Compound, and Spark, use a shared liquidity pool model in which almost all lending assets share liquidity and risk. Only a few, such as Morpho, Kamino, and Euler, use a segregated lending pool model. This is essentially a trade-off between capital efficiency and security.

Aave V4, launched at the end of March this year, introduced the concepts of Hub and Spoke. The Hub (Liquidity Hub) is the central liquidity layer, responsible for holding all assets and overall accounting. A Spoke is a modular entry point for direct user interaction, responsible for specific lending rules and risk control.

Each Spoke offers specific lending functions (supply, borrowing, repayment, withdrawal) and has independent risk parameters: different collateral types, liquidation rules, interest rate models, E-Mode, Isolation Mode, RWA support, etc.

This means that Aave will be able to decide whether to establish completely segregated lending asset pools for assets with different risks and characteristics, based on specific circumstances, thereby controlling the overall risks brought about by a single asset.

In addition, well-known DeFi player benmo offered the following five points regarding this event:

First, the security of packaged assets such as LRT cannot be compared with that of native assets, and lending platforms cannot treat these two as equal collateral.

Second, L0 will lose part of the cross-chain market in the future. Several assets such as usde and usd0 have already stopped L0 cross-chain operations. Even if business resumes, it may be difficult to restore its original reputation.

Third, AAVE's dominance has been shattered, and the security of the monopolistic lending market is once again under scrutiny. Each additional collateral asset increases the risk of the original collateral assets equally, which is inherently unfair to the original assets. V4 and modularity are the trends in lending product development, and this transformation is likely to accelerate. Choosing a lending business, rather than a lending platform or curator, is an option, but the costs of this business are increasing.

Fourth, the cost of acquiring TVL at L2 will increase further, and TVL levels will now flow back to L1.

Fifth, DeFi has stopped expanding its routes and returned to a conservative and secure mode; it also needs to further guard against scanning by Anthropic Mythos.

From Drift to Kelp DAO, two major security incidents in a short period demonstrate that the "nested" financial structure of DeFi means that a systemic collapse in any link can instantly escalate into an industry-wide liquidity run. Previously, this view existed primarily in theory, with most security incidents affecting only individual protocols; now, this phenomenon has become a stark reality.

This is not only a trial of cross-chain protocols and lending protocols, but also a severe blow to user confidence.

“I’m not involved in any DeFi anymore. I only hold native ETH, and I don’t participate in any staking or deposits. I’m not greedy for even a little bit of interest,” said well-known KOL laolu.

"Let's withdraw from DeFi first, it's too dangerous. This is going to be much more damaging than Drift/Cowswap..." Well-known DeFi investor Dovey Wang shares a similar view.
