DeFi Suffers $13 Billion Loss in 48 Hours Following KelpDAO Breach

A massive exodus of capital from the decentralized finance ecosystem has occurred in the wake of the KelpDAO protocol's weekend exploit. Leading DeFi lending platform Aave has witnessed a staggering $8.45 billion decline in deposits over the past two days, contributing to a broader $13.21 billion downturn in total value locked across DeFi. The total value locked in DeFi has plummeted from $99.497 billion to $86.286 billion, with Aave's TVL alone decreasing by $8.45 billion to $17.947 billion, according to DefiLlama. Data from various protocols reveals double-digit percentage declines, with Euler, Sentora, and Aave being among the most affected, primarily due to losses in lending, restaking, and yield strategies tied to the compromised collateral. The root cause of the issue lies in a $292 million exploit of Kelp's bridge, which allowed attackers to utilize stolen rsETH, a widely used liquid re-staking token in DeFi, as collateral to secure loans on lending platforms. As these stolen tokens lacked legitimate collateral backing, borrowing against them created potential shortfalls for lenders, drawing parallels to deceiving a traditional bank by depositing fake fiat and taking out loans against it, ultimately leaving the lender with bad debt. In response, protocols have frozen affected markets, while panicked users have withdrawn funds, resulting in a broad decline in total value locked. However, token prices have been less severely impacted, with the AAVE token experiencing a 2.5% decline over 24 hours, while UNI and LINK have dropped by less than 1% over the same period, according to CoinDesk market data. Peter Chung, head of research at Presto Research, noted that the incident highlights the risks associated with cross-chain infrastructure, particularly in verification systems used by bridges. Preliminary analysis suggests that the issue may have originated in the verification layer rather than in the smart contracts themselves. Chung also emphasized that the episode demonstrates how interconnected DeFi protocols can transmit shocks beyond the initial point of failure, with withdrawal activity and market freezes extending to platforms without direct exposure to the exploit.