
After the $16.5 billion in exploits, DeFi is now being forced toward the controls it once resisted

by admin

The rsETH crisis resulted in $200 million in bad debt on Aave’s books, despite not a single line of its contracts misbehaving.

On Apr. 18, attackers that Chainalysis preliminarily linked to Lazarus compromised RPC infrastructure, forced a failover to poisoned nodes via DDoS, and injected false data into a 1-of-1 DVN configuration on KelpDAO’s rsETH bridge.

The forged message released approximately 116,500 rsETH, and Aave’s incident report confirmed that Ethereum accepted nonce 308 while the Unichain source endpoint never advanced past 307.

The attacker supplied the compromised rsETH to Aave as collateral and borrowed against it, leaving the protocol with bad debt. That sequence is the frame for the current state of DeFi security.

Exploiters extracted over $635 million across 28 incidents in April, the worst monthly total in over a year. DefiLlama puts the cumulative historical cost of hacks at $16.5 billion, with $7.7 billion specifically targeting DeFi.

The high-profile exploits on Drift and the KelpDAO bridge resulted in DeFi losing nearly $11 billion in total value locked last month.

That contraction occurred as stablecoin rails, tokenized treasuries, and regulated settlement layers gained institutional traction in the same capital markets.

April was a tough month for DeFi
DeFi exploiters extracted $635 million across 28 incidents in April, the sector’s worst monthly loss in over a year, while cumulative historical hacks reached $16.5 billion.

How did DeFi end up here?

Mitchell Amador, CEO of Immunefi, told CryptoSlate that DeFi has historically rewarded growth, integrations, liquidity, and speed over security maturity.

A protocol that adds a new asset, bridge, oracle, adapter, or external dependency gains immediate utility. The risk that integration carries produces no visible price signal until an exploit materializes, because the absence of an incident is invisible while it holds.

That asymmetry kept audit cycles and isolation practices secondary to shipping velocity for years, until April concentrated the consequences into a single month.

Amador said the most overlooked practices were multisig hygiene and management, supply chain hardening, real-time monitoring, and emergency response procedures.

Too many teams treated multisig as a security solution in itself, when its actual strength depends on signer count, the independence of those signers, their operational setup, and the processes around transaction review.

A low-threshold multisig, weak signer security, or a poorly monitored bridge or oracle can become a systemic exposure because DeFi protocols are composable by default. In this landscape, risk travels through integrations as efficiently as liquidity does.

While that culture was forming inside DeFi, a different model was being built in parallel.

Solstice Finance CEO Ben Nadareski assessed:

“The gap in output per person tells you what happens when you strip away everything that isn’t the core financial function. The teams that win this round will be the ones built on compliance and security from day one, ready to ship faster than a bank can call a meeting about it.”

DeFi built composable rails for over half a decade before Wall Street recognized them as the actual infrastructure layer of the next financial system.

The cost of that early market position was a security culture calibrated for speed over operational discipline.

Kasper Pawlowski, CTO of Euler Finance, named the governance dimension of the same failure in his post-incident analysis.

He said:

“DeFi treats risk assessment as a one-time onboarding decision, when in reality risk is dynamic.”

The 1-of-1 DVN configuration that enabled the KelpDAO exploit existed in production for years. Kelp says it was the default LayerZero shipped and reviewed across multiple integration meetings, while LayerZero says Kelp downgraded to it.

Whichever account is accurate, the configuration persisted unflagged through every integration with every downstream protocol. LayerZero has since banned the configuration on a protocol-wide basis, acknowledging that allowing its DVN to act as the sole verifier for high-value transactions was a mistake.

| Stage | What happened | Why it mattered |
| --- | --- | --- |
| RPC infrastructure compromised | Attackers compromised RPC infrastructure tied to the rsETH bridge setup | The attack began outside the core smart contracts, showing how off-chain infrastructure can become the entry point |
| DDoS forced failover | Traffic was pushed onto poisoned nodes through a forced failover | That let attackers control the data environment seen by the bridge verifier |
| False data injected into 1-of-1 DVN | Poisoned nodes fed false data into a single-verifier DVN configuration | A 1-of-1 verifier setup meant there was no independent check to stop the forged message |
| Forged bridge message accepted | The forged message released about 116,500 rsETH | Fake collateral was effectively minted into circulation |
| Fake rsETH supplied to Aave | The attacker deposited compromised rsETH into Aave as collateral | Aave treated the asset as valid and allowed borrowing against it |
| Borrowing created bad debt | The attacker borrowed other assets and left Aave with roughly $200 million in bad debt | Losses from a bridge failure migrated into a lending market and were socialized across the pool |

The more consequential point is that a critical bridge-security parameter was normalized across the entire dependency chain until a $292 million exploit surfaced it.
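To make the 1-of-1 failure concrete, here is a toy model of a destination-side bridge verifier with a configurable DVN quorum, written for this article and not taken from LayerZero, KelpDAO or Aave code. The scenario values (a source chain that really stopped at nonce 307, a single DVN reading poisoned RPC data that claims nonce 308) are constructed to mirror the incident report, and the `reconcile` check is the kind of independent source-versus-destination comparison a monitoring job could run.

```python
from collections import Counter
from dataclasses import dataclass


@dataclass(frozen=True)
class Attestation:
    dvn: str       # name of the verifier network that signed
    nonce: int     # source-chain message nonce the DVN claims to have seen
    payload: str   # hash of the message body (amount, recipient, ...)


def verify_delivery(attestations, required, last_delivered):
    """Destination-side acceptance rule. Returns (accepted, nonce_or_reason).

    Each DVN gets one vote; a message is accepted only when `required`
    distinct DVNs agree on the same (nonce, payload) and the nonce directly
    follows the last delivered one."""
    by_dvn = {a.dvn: (a.nonce, a.payload) for a in attestations}
    if not by_dvn:
        return False, "no attestations"
    (nonce, _payload), agreeing = Counter(by_dvn.values()).most_common(1)[0]
    if agreeing < required:
        return False, f"quorum not met ({agreeing}/{required})"
    if nonce != last_delivered + 1:
        return False, f"unexpected nonce {nonce}"
    return True, nonce


def reconcile(delivered_nonce, source_outbound_nonce):
    """Monitoring check: the destination must never be ahead of the source.
    The source nonce is read from an independently operated node, not the
    bridge's own RPC path, so poisoning that path cannot hide the gap."""
    return delivered_nonce <= source_outbound_nonce


# Constructed scenario (hypothetical values modelled on the incident report):
# the source chain stopped at nonce 307, but the only DVN in a 1-of-1 config
# reads from poisoned RPC nodes and attests a forged nonce 308 release.
SOURCE_OUTBOUND_NONCE = 307
LAST_DELIVERED = 307
POISONED = Attestation("dvn-A", 308, "forged-release")


def one_of_one():
    # Single verifier: its poisoned view is the whole quorum.
    return verify_delivery([POISONED], required=1, last_delivered=LAST_DELIVERED)


def two_of_three():
    # Independent DVNs on healthy nodes never see a nonce 308 and do not sign,
    # so the poisoned attestation alone cannot reach the threshold.
    return verify_delivery([POISONED], required=2, last_delivered=LAST_DELIVERED)
```

Note that the in-sequence nonce check alone does not catch the forgery, because 308 is exactly the next nonce after 307; only an independent quorum or an out-of-band reconciliation against the source chain exposes it.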

Pawlowski argued:

“The operational machinery DeFi has built — DAO governance, external risk service providers, and monthly review cycles — doesn’t move at the speed the underlying risk surface does. In many cases, the people doing the reviewing aren’t structurally independent of the assets they’re reviewing.”

That structural conflict produced the specific governance failure Pawlowski dissected. Aave’s 25,000 ETH treasury recovery proposal was authored by TokenLogic, a paid Aave service provider that publicly lists Kelp as a client and operates an Aave delegate platform.

For reference, TokenLogic is the same firm voting on its own proposals. On the same day Aave expanded rsETH to a 93% loan-to-value ratio in eMode, SparkLend deprecated the asset entirely, bundling the move with routine cleanup of underused positions.

Three months later, that routine pruning was the only separation between Spark’s depositors and the bad debt Aave now carries.

One protocol’s independent risk judgment outperformed another’s full-stack risk advisory apparatus. DeFi’s review machinery generated worse outcomes than a single asset manager doing portfolio hygiene.

What “here” means

Before the exploit, Aave was the largest DeFi protocol by total value locked, with over $26 billion in deposits.

Pawlowski noted:

“Aave was the gold standard. If Aave can carry $200 million-plus in bad debt from a bridge exploit on a different protocol, the market has to recalibrate what ‘safe’ actually means in DeFi lending.”

The pooled lending model is only as strong as its weakest accepted collateral, and when that collateral breaks, the entire shared pool absorbs the damage. The exposure reaches every depositor in the broader market, extending well past the vault that held the position.

| Protocol | Decision on rsETH | Risk posture | Outcome |
| --- | --- | --- | --- |
| Aave | Expanded rsETH to a 93% loan-to-value ratio in eMode | More aggressive onboarding and collateral treatment | Ended up exposed to the compromised asset and now carries bad debt |
| SparkLend | Deprecated rsETH as part of routine cleanup of underused positions | More conservative portfolio and listing hygiene | Avoided the exposure that later hit Aave |

Pawlowski pointed out that the structural reality had been “muted by years of ‘battle-tested’ and ‘blue-chip’ marketing.”

Amador broadened the exposure map beyond the mechanics of KelpDAO. The attack surface in DeFi now covers governance, signers, privileged roles, integrations, bridges, oracles, custody arrangements, and every external system a protocol depends on.

The most dangerous operational assumption a team can hold is that audited smart contracts equal a safe protocol. Immunefi’s own research shows that DeFi losses declined by as much as 80% over the last several years, because the sector hardened its code and attackers adapted.

Amador added that attackers now study the entire risk chain for its weakest points, and those points are now off-chain, governance-adjacent, or buried in dependency stacks that no single audit covers.

For institutions, April forced a specific reset. Amador described the checklist now: how admin keys are managed, who can pause markets, what dependencies exist, what the incident response process looks like, and how quickly a threat can be contained.

Pawlowski made the same point from the capital side, saying institutions will continue to enter on-chain credit because the demand for tokenized markets, transparent settlement, and programmable financial infrastructure is real.

However, institutional investors will move toward isolated markets, permissioned or curated vaults, stricter asset onboarding, better insurance, continuous monitoring, and formalized emergency controls.

Institutions want a "regulated" DeFi

Aave Horizon, a permissioned market for tokenized securities and RWAs launched in August 2025, has grown to more than $440 million in deposits.

Morpho’s vault ecosystem added ARCHITECT, the first FINMA-licensed investment manager to curate vaults at scale, and Flowdesk launched an institutional AUSD vault in March 2026, using tokenized equities as collateral.

EY-Parthenon and Coinbase’s 2026 survey found 73% of institutional respondents plan to increase digital asset allocations this year, but 81% prefer registered vehicles. Capital is moving on-chain through curated, governed, and compliance-aware structures.

The regulated alternative is accelerating on the other side of that same preference.

The GENIUS Act created the first federal framework for US stablecoins, with mandatory 100% reserve backing, no rehypothecation, and custody standards that Nadareski said “read like something a compliance desk could approve.”

A Goldman Sachs survey found 35% of institutional investors named regulatory uncertainty their biggest blocker, and 71% said they would increase exposure once clarity arrived.
