46 minutes, $292 million stolen, DeFi faces development dilemma again

Author: Gu Yu, ChainCatcher

In the early morning of April 18, just two weeks after the theft of over $200 million from Drift, Kernel's DeFi re-staking protocol Kelp DAO has once again set a record for the amount stolen in the crypto industry this year: 116,000 rsETH maliciously minted, worth approximately $292 million.

It is reported that Kelp DAO is a triple-yield re-staking protocol based on EigenLayer. rsETH is a liquidity re-staking token (LRT) issued by Kelp DAO, designed to provide liquidity for non-liquid assets deposited into re-staking platforms (such as EigenLayer).

The core team of the protocol is composed of members from India. In September 2024, the protocol secured $9 million in funding, with numerous well-known investors including Laser Digital, Bankless Ventures, and Hypersphere Ventures participating. Currently, the total locked amount of the protocol exceeds $1.5 billion. In the same year, its parent company Kernel also received investment from Yzi Labs, which has close ties to Binance.

However, these once-proud backgrounds and achievements were shattered in an instant during this tragic incident.

Fatal Cross-Chain Forgery and the Cost of "Single-Signature"

According to a preliminary breakdown of on-chain records, this attack was not a traditional re-entrancy attack or flash loan, but a precise assault based on cross-chain message forgery.

The fundamental reason lies in the failure of Kelp DAO's rsETH bridging adapter across chains to conduct strict "source verification" of messages from underlying cross-chain protocols. The hacker forged legitimate asset release instructions, misleading Kelp's bridging contract into mistakenly believing that equivalent assets were locked on the source chain, thereby executing the hacker's instructions, releasing $292 million worth of rsETH on the Ethereum mainnet.

Approximately 46 minutes after the attack occurred, the Kelp DAO team activated an emergency pause mechanism. Although this action successfully intercepted two subsequent withdrawal attempts totaling 40,000 rsETH (about $100 million), nearly 20% of the circulating supply of rsETH (116,000 tokens) had already fallen into the hacker's hands.

Subsequently, the hacker deposited these rsETH into Aave V3 as collateral, borrowing a large amount of highly liquid wETH. Clearly, the hacker would not return this asset, and the collateral rsETH was derived from false minting without real underlying assets, which would result in Aave incurring approximately $177 million in bad debt, likely to be borne by all Aave depositors.

In this process, the biggest issue arose from the bridging contract of LayerZero. The LayerZero cross-chain contract used by Kelp DAO is configured as 1/1 DVN, known as a "single-signature" configuration, where a single validator's confirmation is sufficient to pass cross-chain messages, while LayerZero's official documentation recommends a 2/2 configuration.

After the incident, LayerZero's token ZRO fell by more than 40%, Aave's token AAVE dropped by over 22%, and the Kernel token associated with Kelp DAO is currently down over 13%. Additionally, several projects, including Solv, announced the suspension of LayerZero OFT bridging.

Systemic Collapse of DeFi's "Lego Structure"

Before this incident, Aave had never experienced any security incidents. Although this event was not caused by issues with its own contract code, it is still related to the protocol's risk assessment and isolation settings for such LRT tokens. In January of this year, Spark Protocol had delisted low-usage assets like rsETH and continued to tighten collateral and functional ranges, which kept the protocol unaffected during this turmoil.

Currently, Aave's total on-chain locked amount has rapidly dropped from $26.39 billion yesterday to $21.76 billion, with a single-day withdrawal amount reaching $4.6 billion. At the same time, many lending users have turned to other lending protocols, with high demand for ETH lending in the market, causing Spark's ETH pool deposit rate to quickly rise from 1.7% to 5%.

In response to this incident, Curve founder Michael Egorov stated that this event highlights the risks brought by the widely adopted "non-isolated lending" model. This model has good scalability but higher risks, making risk management crucial. One approach is to adopt a fully isolated model like that of Curve Finance's market, while another is to use a hybrid model (complex but feasible). However, the market has yet to fully understand the advantages of these solutions. Aave v4's Hub and Spoke model may be a step towards a semi-isolated and safer direction.

Currently, most mainstream lending protocols adopt a shared liquidity pool model, where almost all lending assets share liquidity and risk, such as Aave, Compound, and Spark. Only a few lending protocols like Morpho, Kamino, and Euler adopt an isolated lending pool model. This essentially represents a trade-off between capital efficiency and safety.

In the V4 version launched by Aave at the end of March this year, the concepts of Hub and Spoke were introduced. The Hub (central / Liquidity Hub) is the central liquidity hub responsible for holding all assets and global accounting. The Spoke (radiation) is a modular entry point for direct user interaction, responsible for specific lending rules and risk control.

Each Spoke provides specific lending functions (supply, borrowing, repayment, withdrawal) and has independent risk parameters: different types of collateral, liquidation rules, interest rate models, E-Mode, Isolation Mode, RWA support, etc.

This means that Aave will be able to decide whether to establish fully isolated lending asset pools based on specific situations for assets with different risks and natures, thereby controlling the global risks posed by single assets.

Additionally, well-known DeFi player benmo proposed the following five points regarding this incident:

First, the security of packaged assets like LRT cannot be compared to that of native assets; lending platforms cannot treat these two equally in terms of collateral.

Second, L0 will lose part of the cross-chain market in the future; multiple assets like usde and usd0 have already stopped L0 cross-chain, and even if business resumes, the original credibility may be hard to restore.

Third, AAVE's reputation has been damaged; the security of the unified lending market has re-entered a phase of scrutiny by whales. Each additional collateral asset equally increases the risk of the original collateral, which is inherently unfair to native assets. V4 and modularization are trends in the development of lending products, and this transition process will likely accelerate. Choosing lending business rather than lending platforms or curators, but the cost of this business is increasing.

Fourth, the cost of acquiring TVL in L2 will further increase; the current TVL level will further flow back to L1.

Fifth, DeFi will halt its expansion route, returning to a conservative and safe mode, and further preventing scans from Anthropic Mythos.

From Drift to Kelp DAO, two significant security incidents within a short period demonstrate that the "nested" financial structure of DeFi means that the systemic collapse of any single link can instantly evolve into a liquidity crisis across the entire industry. In the past, this viewpoint mainly existed theoretically, with most security incidents' impacts remaining confined to individual protocols, but now this phenomenon has occurred in a tragic manner.

This is not only a judgment on cross-chain protocols and lending protocols but also a severe blow to user confidence.

"I no longer participate in any DeFi, only holding native ETH, not engaging in any staking or deposits, not chasing a little interest," said well-known KOL laolu.

"Let's withdraw from DeFi first; it's too dangerous. This injury is much greater than Drift/Cowswap…" said well-known DeFi investor Dovey Wang, expressing a similar view.