DeFi TVL Falls 14% Following KelpDAO Bridge Exploit

EthanBrooks

Security Incidents On-Chain Data Exchange Risk

2026-05-26 20:52:55

ZRO-3.88%

Total value locked across DeFi categories has declined approximately 14% since mid-April, falling from roughly $172 billion to $148 billion. The decline coincides with the KelpDAO bridge exploit on April 18, which has cast a broader shadow over DeFi sentiment beyond the incident itself. On April 18, attackers reportedly linked to North Korea's Lazarus Group exploited KelpDAO's LayerZero bridge, stealing approximately $292 million (116,500 rsETH). The attack targeted off-chain infrastructure rather than smart contract vulnerabilities, manipulating internal RPC nodes and overwhelming external validators to feed false data into a single-point-of-failure verification setup, tricking the destination chain into releasing funds against a phantom burn on the source chain.

DeFi Sectoral Impact

Lending, the largest DeFi category, experienced the steepest decline, falling from approximately $53 billion to $40 billion over the period. Liquid restaking protocols also recorded notable declines.

Attack Mechanism Details

The KelpDAO exploit targeted LayerZero's bridge infrastructure through a compromise of off-chain systems. Attackers manipulated internal RPC nodes and overwhelmed external validators to inject false data into a verification setup with a single point of failure. This mechanism tricked the destination chain into releasing funds against a phantom burn recorded on the source chain, rather than exploiting a smart contract vulnerability.

Market Sentiment and Capital Withdrawal

Outflows have persisted for over five weeks following the exploit. Users who exited following the attack have largely not returned, indicating a broader withdrawal of marginal capital rather than a technical re-rating of specific protocols. The pattern reflects how high-profile infrastructure failures reduce risk appetite across the DeFi sector rather than remaining contained to the affected protocol.

Evolving DeFi Risk Surface

The KelpDAO attack highlights a shift in DeFi's threat landscape. As smart contract security has improved, off-chain infrastructure has emerged as a more exploitable layer—a risk that existing monitoring frameworks are still catching up to.

View Source

Disclaimer: The information on this page may come from third-party sources and is for reference only. It does not represent the views or opinions of Gate and does not constitute any financial, investment, or legal advice. Virtual asset trading involves high risk. Please do not rely solely on the information on this page when making decisions. For details, see the Disclaimer.