April 22, 2026 ChainGPT

Hoskinson: KelpDAO rsETH Hack Shows One Verifier Can Trigger System‑Wide DeFi Contagion

Charles Hoskinson, founder of Cardano, used his latest livestream to turn the April 18 KelpDAO exploit into a broader warning for DeFi designers: this wasn’t simply “another bridge failure” — it exposed how restaking, cross‑chain messaging, and lending rails can amplify a single compromise into system‑wide contagion.

What happened
- The attacker drained roughly 116,500 rsETH from KelpDAO’s Ethereum escrow — about $292 million by reported estimates.
- Rather than immediately selling the stolen staked‑ETH token, the attacker allegedly posted the rsETH as collateral in lending markets to borrow liquid assets. That move converted the theft into “poisoned” collateral circulating across protocols and triggered a broader liquidity shock.

Hoskinson’s read
- Hoskinson argued the root problem wasn’t KelpDAO’s application code or a simple smart‑contract bug in LayerZero. Instead, he highlighted a forged cross‑chain message that was accepted as legitimate and released funds on Ethereum.
- He said the real weakness is the verification layer and the complex interdependencies that sit between protocols — especially in stacks built from staking wrappers, restaking services, bridges, and lending venues.
- A key design choice drew his ire: KelpDAO reportedly used a one‑of‑one verifier setup (a single active DVN). Hoskinson called this an “unacceptable single point of failure,” advocating multi‑verifier models (for example, three‑of‑five) as best practice.

“The failure was in the verification logic, not the application logic,” he said. “Kelp did everything right from their contracts… It’s the bridge configuration.”

Explaining the exploit
- Rather than a dry postmortem, Hoskinson said he converted internal incident reports into an AI‑generated website to walk viewers step‑by‑step through the mechanics of the attack. That walkthrough framed his core argument: the attack began with a forged cross‑chain message, not broken math in the app layer.

Conflicting root‑cause narratives
- Hoskinson noted the industry still lacks a single, settled account of responsibility. He pointed to three separate root‑cause analyses — from LayerZero, KelpDAO, and a thread tied to LlamaRisk and Aave governance — that don’t fully agree. That leaves open whether the break occurred in the messaging layer, verifier setup, KelpDAO’s acceptance logic, or in the seams between them.

Why the contagion mattered
- The aftermath is what, in Hoskinson’s view, makes this incident novel: the stolen rsETH entered lending markets as collateral, spreading the shock across balance sheets and triggering fast TVL outflows. He described it as a bank run that contributed to roughly $13 billion of TVL being pulled in a very short time after a ~$290 million hack.
- Hoskinson cited public reporting in his walkthrough, saying at least nine protocols were directly affected. He said Aave alone saw between $6.6 billion and $8.45 billion in losses, and rsETH traded in a volatile band of about $1,600 to $2,500 in the 24 hours after the incident.

Attribution and other notes
- Hoskinson raised the possibility of Lazarus‑group involvement but acknowledged that attribution remains unconfirmed and no independent forensics firm had proven it at the time of his remarks.
- For context, rsETH is a representation of staked ETH used across DeFi. The mechanics of such wrapped staked assets — and their acceptance as collateral across chains — are central to how a single compromise can ripple through lending markets.

Market snapshot
- At press time, Cardano (ADA) traded at $0.2504.

Takeaway
Hoskinson frames the KelpDAO incident as a warning shot: as DeFi becomes more interconnected via restaking, bridges, and cross‑chain messaging, verification architecture and trust assumptions are the new critical attack surface. The industry, he argues, needs clearer norms around verifier design, messaging proofs, and how protocol stacks accept and police collateral — or risk more single faults cascading into systemic crises.
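
The difference between the one‑of‑one and three‑of‑five verifier setups discussed above, as an added example that is not code from KelpDAO, LayerZero or the article. It assumes a simplified model: verifier names, keys and messages are constructed, HMAC stands in for each verifier's real signature scheme, and "compromise" is modelled as control of one verifier's key, which the article does not claim was the actual mechanism.

```python
import hashlib
import hmac

# Constructed keys for five hypothetical, independently operated verifiers.
VERIFIER_KEYS = {f"verifier-{i}": f"constructed-key-{i}".encode() for i in range(1, 6)}

def _tag(verifier_id, key, message):
    """HMAC over the message, bound to the verifier id (stand-in for a signature)."""
    return hmac.new(key, verifier_id.encode() + b"|" + message, hashlib.sha256).digest()

def attest(verifier_id, key, message):
    """One verifier's attestation that it observed `message` on the source chain."""
    return verifier_id, _tag(verifier_id, key, message)

def accept_message(message, attestations, trusted_keys, threshold):
    """Accept only if `threshold` DISTINCT trusted verifiers attested to `message`."""
    if not 1 <= threshold <= len(trusted_keys):
        raise ValueError("threshold must be between 1 and the number of verifiers")
    valid = set()  # a set, so repeated attestations from one verifier count once
    for verifier_id, tag in attestations:
        key = trusted_keys.get(verifier_id)  # unknown verifiers are ignored
        if key is not None and hmac.compare_digest(tag, _tag(verifier_id, key, message)):
            valid.add(verifier_id)
    return len(valid) >= threshold

def single_key_compromise_outcome():
    """With one verifier key controlled, does each setup accept a forged message?"""
    forged = b"constructed forged cross-chain message"
    bad = "verifier-1"
    # One controlled key can attest many times, but only ever as verifier-1.
    attestations = [attest(bad, VERIFIER_KEYS[bad], forged)] * 3
    one_of_one = accept_message(forged, attestations, {bad: VERIFIER_KEYS[bad]}, 1)
    three_of_five = accept_message(forged, attestations, VERIFIER_KEYS, 3)
    return one_of_one, three_of_five

def honest_quorum_outcome():
    """A genuine message attested by three of the five verifiers is accepted."""
    msg = b"constructed genuine cross-chain message"
    atts = [attest(v, VERIFIER_KEYS[v], msg) for v in ("verifier-2", "verifier-4", "verifier-5")]
    return accept_message(msg, atts, VERIFIER_KEYS, 3)

if __name__ == "__main__":
    print(single_key_compromise_outcome())  # (True, False)
    print(honest_quorum_outcome())          # True
```

The quorum only helps if the verifiers fail independently; five verifiers sharing one operator or one key store behave like a single verifier.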