Kelp Hack Drains $293 Million, Sparks Warning on DeFi Contagion Risk

Source
Suehyeon Lee

Summary

  • DeFi protocol Kelp said it suffered a hack worth about $293 million and temporarily paused smart contracts tied to rsETH.
  • The hack prompted at least nine DeFi platforms, including Aave and Compound, to freeze rsETH markets and take risk-response measures, raising concerns over contagion between protocols.
  • Industry participants said non-isolated lending structures and cross-chain bridges were key weak points for risk transmission, and that DeFi platforms need to verify single points of failure (SPOF) and potential attack routes before approving collateral assets.

Forecast Trend Report by Period

Loading IndicatorLoading Indicator
Photo: Shutterstock
Photo: Shutterstock

The hack of decentralized finance protocol Kelp has renewed concerns that interconnections among protocols can amplify risk across the broader market.

Cointelegraph reported on April 19 that Kelp suffered a cyberattack that drained about $293 million. The protocol temporarily paused smart contracts tied to its restaking token rsETH and launched an investigation into the cause.

Industry participants are treating the episode not as an isolated breach at a single protocol, but as a case of contagion. Blockchain security firm Cyvers said the incident was more than a simple hack, describing it as one that spread rapidly across multiple protocols.

At least nine DeFi platforms, including Aave, Compound, Euler, SparkLend and Fluid, were affected. They froze rsETH markets or took other measures to contain risk.

Michael Egorov, founder of Curve Finance, highlighted the risks of non-isolated lending structures. In those setups, multiple tokens are used together as collateral in a single pool, allowing trouble in one token to spread to other assets. Risks tied to a range of collateral tokens can then ripple across an entire platform. Asset transfers through cross-chain bridges were identified as a key vulnerability in the attack.

Cross-chain structures are complex and carry substantial risks, Egorov said, adding that they should be used cautiously and only when unavoidable. He also said DeFi platforms should thoroughly examine single points of failure, or SPOFs, and potential attack vectors before approving collateral assets.

Cyvers echoed that view, saying the core issue was not just smart-contract security but how quickly risk can spread through links between protocols.

DeFi hacking incidents have continued to mount. Before the Kelp breach, Solana-based derivatives exchange Drift Protocol suffered a hack worth about $280 million, and at least 12 attacks have been reported so far this month. Losses from hacks, exploits and fraud totaled $482 million in the first quarter, according to the report.

Suehyeon Lee

Suehyeon Lee

shlee@bloomingbit.ioI'm reporter Suehyeon Lee, your Web3 Moderator.
hot_people_entry_banner in news detail bottom articleshot_people_entry_banner in news detail mobile bottom articles
What did you think of the article you just read?




PiCK News

Pakistan in Contact With US, Iran to Restart Talks as Early as Tuesday, AP Reports

13 minutes ago
Pakistan in Contact With US, Iran to Restart Talks as Early as Tuesday, AP Reports

Vance Heads to Pakistan as US-Iran Talks Stall Over Ship Seizure, Hormuz

1 hours ago
Vance Heads to Pakistan as US-Iran Talks Stall Over Ship Seizure, Hormuz

LayerZero to Unlock 2.4% of ZRO Token Supply on April 20

3 hours ago
LayerZero to Unlock 2.4% of ZRO Token Supply on April 20

U.S. Spot Bitcoin, Ether ETFs Post Biggest Weekly Inflows Since Mid-January

3 hours ago
U.S. Spot Bitcoin, Ether ETFs Post Biggest Weekly Inflows Since Mid-January

US Spot Bitcoin ETFs Extend Inflow Streak to Three Days as Assets Near $100 Billion

3 days ago
US Spot Bitcoin ETFs Extend Inflow Streak to Three Days as Assets Near $100 Billion

Trending News