DeFi Sector Suffers $13 Billion Loss in 48 Hours Following KelpDAO Exploit

A massive exodus of capital is underway in the decentralized finance ecosystem, triggered by the recent KelpDAO protocol exploit over the weekend. Aave, a prominent DeFi lending platform, has witnessed a substantial decline of $8.45 billion in deposits within the past 48 hours, contributing to a broader decline of $13.21 billion in total value locked across DeFi. Total value locked, a widely used metric to gauge liquidity and overall market activity, refers to the combined dollar value of crypto assets deposited across DeFi protocols. The total value locked across DeFi has plummeted from $99.497 billion to $86.286 billion, with Aave's TVL dropping by $8.45 billion to $17.947 billion over the same period, according to data from DefiLlama. Protocol-level data reveals double-digit percentage drops across various platforms, including Euler, Sentora, and Aave, with losses primarily concentrated in lending, restaking, and yield strategies tied to the affected collateral. This downturn stems from a $292 million exploit of Kelp's bridge, which allowed attackers to utilize stolen rsETH, a widely used liquid re-staking token in DeFi, as collateral to borrow funds on lending platforms. Since these stolen tokens lacked legitimate collateral backing, borrowing against them created potential shortfalls for lenders, similar to deceiving a traditional bank by depositing fake fiat and taking out loans against it, ultimately leaving the lender with bad debt. In response, protocols have frozen affected markets, while panicked users have withdrawn funds, leading to a broad decline in total value locked. In contrast, token prices have moved less sharply than deposits, with the AAVE token down approximately 2.5% over 24 hours, while UNI and LINK are down less than 1% over the same period, according to CoinDesk market data. Peter Chung, head of research at Presto Research, noted in a report that the incident highlights the risks associated with cross-chain infrastructure, particularly in verification systems used by bridges. Preliminary analysis suggests that the issue may have originated in the verification layer rather than in smart contracts themselves. Chung added that the episode also demonstrates how interconnected DeFi protocols can transmit shocks beyond the initial point of failure, with withdrawal activity and market freezes extending to platforms without direct exposure to the exploit.