Written by: Liam 'Akiba' Wright
Compiled by: Saoirse, Foresight News
The theft of $292 million worth of rsETH from KelpDAO occurred at an extremely unfavorable time for the DeFi industry. Prior to this, the security breach at Drift Protocol on April 1st and the collapse of the Venus lending protocol in March had already severely damaged market confidence. Following this incident, approximately $10 billion in funds were withdrawn from the DeFi sector over the weekend. ( Related reading:Why is DeFi so frequently hacked? You may have overlooked these warning signs )
Multiple crises have compounded the difficulties facing DeFi, making its predicament increasingly difficult to avoid. Although the open-source decentralized finance system still exists, it is gradually losing its core position as the default gateway to on-chain finance. Stablecoins, tokenized government bonds, and compliant settlement channels continue to expand rapidly, while permissionless native protocols continue to suffer from a discount in market trust.
A list of theft incidents in 2026 circulating on the social media platform X vividly reflects the current pessimistic sentiment in the industry.
2026 Hacker Rankings (Source: Our Crypto Talk)
Some security incidents have been fully reviewed, some risks continue to escalate, and many events blur the lines between protocol vulnerabilities, cross-chain bridge failures, and theft of user assets. This article primarily analyzes the confirmed security incidents of 2026 and the industry landscape shifts exposed by these incidents.
The current state of the industry is vastly different from the heyday of DeFi in the summer of 2020 and the bull market of 2021. That glory now only exists in memory. At that time, DeFi told the market a financial narrative of openness, efficiency, and composability; by 2026, these characteristics still exist, but they no longer carry the halo and market faith.
Every major cryptocurrency theft increases the trust cost for users participating in DeFi. Currently, the fastest-growing and most secure areas of on-chain finance are gradually becoming payment networks, tokenized government bonds, and compliant token products, rather than the complex token ecosystem native to DeFi.
The real test for the industry right now is whether open-source DeFi can quickly rebuild market trust and maintain its position as a mainstream on-chain gateway. Currently, the entire sector isn't dying out, but rather facing a situation of shrinking market share.
The security risks of DeFi have long since gone beyond smart contract vulnerabilities.
One of the most common misconceptions people fall into after a large-scale hacking attack is attributing all incidents to vulnerabilities in smart contract code. The Drift protocol's loss of approximately $285 million precisely demonstrates that this understanding is outdated.
Chainalysis, an on-chain data analytics company, revealed that the attack stemmed from privilege abuse, vulnerabilities in administrator pre-signing operations, and fraudulent collateral, rather than a simple code flaw. This has led the market to realize that many of the risks in DeFi today lie hidden in areas such as governance permissions, signing mechanisms, and operational architecture.
This fundamental change alters the underlying entities that users need to trust. Code audits and market-validated contracts remain important, but they are no longer sufficient to cover the entire risk chain: signing nodes, cross-chain bridges, oracles, and market parameter configurations all have vulnerabilities. When protocols span multiple public chains, management committees, liquidity platforms, and collateralized derivatives, the attack surface expands far faster than the decentralized narrative evolves.
The Venus protocol's post-incident review also exposed similar problems, albeit in a different form. Attackers used inflated asset values as collateral for lending, siphoning off approximately $14.9 million in assets and leaving the protocol with over $2 million in bad debt. Although the cause of the incident differed from Drift's, the conclusion was the same: under conditions of weak liquidity and structural anomalies, leading DeFi lending platforms remain vulnerable to asset crises.
This was followed by the sudden collapse of KelpDAO. According to CryptoSlate, this vulnerability directly triggered a run on approximately $10 billion in funds across the entire DeFi market, forcing a freeze on all rsETH-related markets. Even though market sentiment subsequently eased and outflow data was revised, the signal remains very clear: when faced with cross-chain complexity, collateral uncertainty, and the risk of systemic contagion, users' first choice is to withdraw their funds.
This trend aligns with the 2026 security report released by security firm TRM: in 2025, the vast majority of industry theft losses came from infrastructure attacks, surpassing those from simple smart contract vulnerabilities.
The trust crisis in DeFi is becoming increasingly difficult to isolate because the industry needs to defend not just the code itself, but the entire complex operating system built on top of the code.
On-chain finance is still growing, but funds are flowing to safer products.
The overall liquidity situation does not support the claim of a "complete collapse of DeFi." CryptoSlate data from April shows:
- USDT's market capitalization has reached $185 billion, while USDC's market capitalization has reached $78 billion.
- The total supply of stablecoins on the Tron chain is $86.958 billion, while the total supply of stablecoins on the Solana chain is $15.726 billion.
The Ethereum blockchain still retains the core existing funds of native DeFi, and the market is more characterized by a concentrated migration of funds rather than a complete exit.
The shift in funds towards low-volatility wealth management products is more pronounced. As of March 12, 2026, the scale of tokenized US Treasury bonds has reached $10.9 billion, with over 55,000 holders.
Users are still using blockchain for settlement and asset ownership verification, but they are no longer willing to invest their assets in native DeFi projects that are complex in structure and have high risks.
The market segmentation is very clear:
Trust pressure and signals of capital outflow:
- The theft of $292 million from KelpDAO triggered an outflow of approximately $10 billion from the entire industry;
- Drift's locked assets were halved due to a permission vulnerability;
- Venus exposes itself to lending risks characterized by weak liquidity and frequent bad debts.
Positive signals for on-chain growth:
- The combined market capitalization of USDT and USDC is approximately US$263 billion.
- The tokenized U.S. Treasury bonds amount to $10.93 billion, with over 55,000 holders;
- Visa continues to advance USDC settlement and is building an institutional-grade stablecoin ecosystem.
Capital is clearly concentrating on products with clear logic, sufficient collateral, and suitable institutional investors.
Visa's 2026 Stablecoin Strategy Report is noteworthy: its data shows that the total supply of stablecoins increased by more than 50% in 2025, from $186 billion at the beginning of the year to $274 billion at the end of the year; and it proposes that 2026 will be the first year for institutions to officially deploy stablecoins, which means that the stablecoin field is moving towards mainstream standardization.
The same applies to settlement. Visa disclosed that its USDC monthly settlement volume has exceeded $3.5 billion annualized.
While the digital currency itself accounts for a small percentage of the overall stablecoin market, its significance to the industry is profound: compliant traditional financial infrastructure is being connected to the on-chain network, no longer needing to rely on the entire ecosystem narrative of native DeFi.
Core of industry competition: Who will control the future on-chain infrastructure?
CryptoSlate previously pointed out that compliant institutions are vying for over $330 billion in on-chain liquidity pools, including approximately $317 billion in stablecoins and nearly $13 billion in tokenized government bonds.
These funds continue to pursue advantages such as high speed, programmability, and 24/7 uninterrupted settlement. Market attention is also focused on leading assets and basic settlement networks, rather than various niche governance experimental projects.
The difference is particularly evident when compared to the bull market cycle of 2021.
In the past, DeFi encompassed both the underlying infrastructure and end products: the birthplace of innovation, the source of high returns, and the model for future finance were all concentrated here. But by 2026, the future of on-chain finance is being stripped of the messy risks of native DeFi and repackaged.
Tokenized funds enable 24/7 circulation and rapid settlement, while stablecoins handle payments and treasury transactions. Institutions can enjoy the advantages of blockchain while maintaining firm control over compliance, counterparty risk, and market structure.
CryptoSlate's project shutdown report shows that in the first quarter of 2026, over 80 crypto projects officially ceased operations or entered liquidation processes. While not limited to DeFi, this is enough to illustrate that capital has run out of patience for projects that cannot generate long-term value, stable returns, and real-world applications.
Crypto spot ETFs are also part of this major trend. Compliant products continue to attract market funds and attention, with users and institutions preferring infrastructure that allows them to enjoy the advantages of blockchain without bearing the high trust risks of native DeFi.
This also allows native DeFi to retain its own positioning, only with a narrower scope: open composability and permissionless innovation still have value, serving as a laboratory for financial primitives innovation—DeFi explores and tests first before various new models are absorbed and popularized by compliant products.
The core contradiction in the industry at present remains the squeezing of trust.
Native open-source DeFi is losing its narrative dominance. If it cannot quickly rebuild trust, optimize its operational architecture, and prove the irreplaceability of its complex design, it will gradually lose its position as the front-end entry point for on-chain finance.
The core competition in the industry has become clear: who will take over the next wave of on-chain demand? Currently, it seems that safer and more compliant on-chain packaging products are gaining the upper hand.
