DeFi Sector Suffers $13 Billion Loss in 48 Hours Following KelpDAO Breach

A major downturn is sweeping through the decentralized finance (DeFi) space after the KelpDAO protocol was compromised over the weekend. In the past 48 hours, Aave, a leading DeFi lending platform, has seen a staggering $8.45 billion in deposit withdrawals, contributing to a broader decline of $13.21 billion in total value locked (TVL) across DeFi. TVL, which represents the combined dollar value of cryptocurrency assets deposited across DeFi protocols, is a key indicator of liquidity and market activity. According to DefiLlama, the total value locked in DeFi has plummeted from $99.497 billion to $86.286 billion, with Aave's TVL alone decreasing by $8.45 billion to $17.947 billion. Data at the protocol level reveals double-digit percentage drops across various platforms, including Euler, Sentora, and Aave, with the majority of losses concentrated in lending, restaking, and yield strategies tied to the affected collateral. The crisis originated from a $292 million exploit of Kelp's bridge, which allowed attackers to utilize stolen rsETH, a widely used liquid re-staking token in DeFi, as collateral to secure loans on lending platforms. Since these stolen tokens lacked legitimate collateral backing, borrowing against them created potential shortfalls for lenders, similar to deceiving a traditional bank by depositing counterfeit fiat and taking out loans against it, ultimately leaving the lender with bad debt. In response, protocols have frozen affected markets, while panicked users have withdrawn funds, leading to a broad decline in total value locked. However, token prices have been less severely impacted, with the AAVE token experiencing a 2.5% decrease over 24 hours, and UNI and LINK dropping less than 1% over the same period, according to CoinDesk market data. Peter Chung, head of research at Presto Research, noted that the incident highlights the risks inherent in cross-chain infrastructure, particularly in the verification systems used by bridges. Preliminary analysis suggests that the issue may have originated in the verification layer rather than in the smart contracts themselves. Chung also emphasized that the episode demonstrates how interconnected DeFi protocols can transmit shocks beyond the initial point of failure, with withdrawal activity and market freezes extending to platforms without direct exposure to the exploit.