DeFi Sector Loses $13 Billion in 48 Hours Following KelpDAO Breach

A massive exodus of capital from the decentralized finance ecosystem has occurred in the wake of the KelpDAO protocol exploit over the weekend. Aave, a leading DeFi lending platform, has seen a substantial decline of $8.45 billion in deposits over the past two days, contributing to a broader decline of $13.21 billion in total value locked across DeFi. Total value locked, which measures the combined dollar value of crypto assets deposited in DeFi protocols, is a key indicator of liquidity and market activity. According to DefiLlama, the total value locked in DeFi decreased from $99.497 billion to $86.286 billion, with Aave's TVL declining by $8.45 billion to $17.947 billion during the same period. Protocol-level data reveals double-digit percentage drops across multiple platforms, including Euler, Sentora, and Aave, with the majority of losses concentrated in lending, restaking, and yield strategies tied to the affected collateral. The exploit, which involved a $292 million breach of Kelp's bridge, allowed attackers to utilize stolen rsETH, a widely used liquid re-staking token in DeFi, as collateral to borrow funds from lending platforms. As the stolen tokens lacked legitimate collateral backing, borrowing against them created potential shortfalls for lenders, similar to deceiving a traditional bank by depositing fake fiat and taking out loans against it, ultimately leaving the lender with bad debt. In response, protocols froze affected markets, while panicked users withdrew funds, resulting in a broad decline in total value locked. Token prices have been less affected, with the AAVE token experiencing a decline of approximately 2.5% over 24 hours, and UNI and LINK declining by less than 1% during the same period, according to CoinDesk market data. Presto Research head of research, Peter Chung, noted in a report that the incident highlights the risks associated with cross-chain infrastructure, particularly in the verification systems used by bridges. Preliminary analysis suggests that the issue may have originated in the verification layer rather than the smart contracts themselves. Chung added that the episode demonstrates how interconnected DeFi protocols can transmit shocks beyond the initial point of failure, with withdrawal activity and market freezes extending to platforms without direct exposure to the exploit.