DeFi Suffers $13 Billion Loss in 48 Hours Following KelpDAO Breach

A significant decline in capital is being witnessed in the decentralized finance sector after a recent exploit of the KelpDAO protocol over the weekend. A leading DeFi lending platform, Aave, has experienced a substantial loss of $8.45 billion in deposits within the last 48 hours, contributing to a broader decline of $13.21 billion in total value locked across DeFi. The total value locked is a measure of the combined dollar value of cryptocurrency assets deposited across various DeFi protocols and serves as an indicator of market liquidity and activity. Within the same time frame, total value locked across DeFi dropped from $99.497 billion to $86.286 billion, while Aave's TVL decreased by $8.45 billion to $17.947 billion, according to data from DefiLlama. A closer examination of protocol-level data reveals double-digit percentage declines across multiple platforms, including Euler, Sentora, and Aave, with the majority of losses concentrated in lending, restaking, and yield strategies tied to the affected collateral. This downturn stems from a $292 million exploit of Kelp's bridge, which allowed attackers to utilize stolen rsETH, a widely used liquid re-staking token in DeFi, as collateral to secure loans on lending platforms. Since these stolen tokens lacked legitimate collateral backing, borrowing against them created potential shortfalls for lenders, similar to deceiving a traditional bank by depositing fake fiat and taking out loans against it, ultimately leaving the lender with bad debt. In response, protocols froze the affected markets, while panicked users withdrew their funds, resulting in a broad decline in total value locked. However, token prices have not moved as sharply as deposits, with the AAVE token experiencing a decline of about 2.5% over 24 hours, and UNI and LINK seeing less than a 1% decrease over the same period, according to CoinDesk market data. Peter Chung, head of research at Presto Research, noted in a report that the incident highlights the risks associated with cross-chain infrastructure, particularly in the verification systems used by bridges. Preliminary analysis suggests that the issue may have originated in the verification layer rather than in the smart contracts themselves. Chung also added that the episode demonstrates how interconnected DeFi protocols can transmit shocks beyond the initial point of failure, with withdrawal activity and market freezes extending to platforms without direct exposure to the exploit.