
What the Kelp DAO Exploit Reveals About Bitcoin Lending


In April, an attacker drained 116,500 rsETH, roughly $292 million, from Kelp DAO’s LayerZero-powered cross-chain bridge. LayerZero attributed the attack to North Korea’s Lazarus Group, specifically the sub-group commonly known as TraderTraitor.

Incidents like these highlight a familiar pattern: every new exploit becomes “proof” that on-chain lending and collateralized borrowing are inherently fragile, and that the category should slow down. But that proof points to the wrong conclusion.

Demand for on-chain, self-custodial lending is one of the strongest product signals for Bitcoin. The Kelp DAO exploit merely demonstrates that networks other than Bitcoin and Bitcoin-derived codebases like Liquid are the wrong foundation for it.

What Happened at Kelp DAO

Kelp DAO’s bridge used a LayerZero configuration with a single verifier responsible for validating cross-chain messages before releasing funds.

  • The attacker compromised two remote procedure call (RPC) nodes that fed data to the verifier.
  • They then used a denial-of-service attack to force the verifier into a failover state where it accepted forged messages from the compromised RPCs as legitimate.
  • Once the verifier signed off, the bridge released 116,500 rsETH, about 18% of circulating supply.

The fallout went beyond Kelp itself. The 116,500 rsETH the attacker now held could be deposited as collateral on AAVE v3 and other major lending markets to borrow against. AAVE v3’s pooled lending architecture interconnects collateral and borrow markets, with rsETH securing borrowings against USDT, USDC, ETH, and other assets in shared liquidity pools, so every market with rsETH exposure becomes questionable at the same time. Lending markets including Aave, SparkLend, and Fluid froze rsETH-backed positions, and users withdrew across the board. According to a post-mortem report, more than $13 billion in total value locked (TVL) exited various platforms in the two days that followed.

The incident exposed three distinct failures:

  1. A verifier configuration that concentrated trust in a single signer
  2. Third-party RPC infrastructure treated as a reliable input to that signer
  3. A pooled lending environment where stolen collateral could amplify into industry-wide contagion through interconnected liquidity pools.
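The first two failures come down to how a release decision behaves when its inputs go missing. The sketch below is an added example, not code from Kelp DAO, LayerZero, or Blockstream: it contrasts a failover check that trusts whichever source still answers with a fail-closed quorum across sources and across verifiers. All function names, thresholds, and digests are assumptions made up for illustration.

```python
from collections import Counter

class Unavailable(Exception):
    """A source that cannot answer (timeout, outage, denial of service)."""

def failover_verify(sources, msg_id, claimed):
    """Weak pattern: trust the first source that still answers."""
    for src in sources:
        try:
            return src(msg_id) == claimed
        except Unavailable:
            continue  # silently fall through to whatever is left
    return False

def quorum_verify(sources, msg_id, claimed, min_agree):
    """Fail closed: min_agree counts against all configured sources, so an
    unreachable source is a missing vote, never an implicit yes."""
    votes = Counter()
    for src in sources:
        try:
            votes[src(msg_id)] += 1
        except Unavailable:
            pass
    return votes[claimed] >= min_agree

def release_gate(verifiers, msg_id, claimed, min_verifiers):
    """M-of-N verifiers, each a (sources, min_agree) pair of its own."""
    ok = sum(quorum_verify(s, msg_id, claimed, k) for s, k in verifiers)
    return ok >= min_verifiers

# Constructed scenario: every name and digest below is made up.
def honest(msg_id):
    return "digest-real"      # what the source chain actually recorded
def compromised(msg_id):
    return "digest-forged"    # attacker-controlled answer
def down(msg_id):
    raise Unavailable("no response")  # honest node knocked out by DoS

def scenario():
    dos = [down, down, compromised, compromised]
    healthy = [honest] * 4
    fleet = [(dos, 3), (healthy, 3), (healthy, 3)]
    return {
        "failover_forged": failover_verify(dos, "m1", "digest-forged"),
        "quorum_forged": quorum_verify(dos, "m1", "digest-forged", 3),
        "quorum_real": quorum_verify(healthy, "m1", "digest-real", 3),
        "gate_forged": release_gate(fleet, "m1", "digest-forged", 2),
        "gate_real": release_gate(fleet, "m1", "digest-real", 2),
    }
```

The quorum trades liveness for safety: with two of four sources unreachable, a threshold of three approves nothing, which is the intended behaviour when the alternative is releasing funds on degraded input.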

How Liquid and Simplicity Localize Risk

Blockstream designed Liquid with three architectural choices, each addressing a distinct failure mode that has driven losses across on-chain lending:

The Liquid Federation distributes signing across a multi-signer functionary set. Liquid is secured by a globally distributed federation of more than 85 entities, with block production and peg-out signing spread across 15 independent operators rather than concentrated in a single node. The peg holds the bitcoin backing all LBTC in circulation under the federation’s distributed multisig, where no single member can unilaterally move funds. Proof of reserves and the Liquid Federation’s wallet are verifiable and self-auditable for anyone running a Liquid node. There is no equivalent to the single-verifier configuration that failed at Kelp DAO.

Simplicity prevents entire classes of smart contract bugs. Simplicity is a smart contract language that has been live on Liquid mainnet since July 31, 2025. Every Simplicity program has its execution cost statically computed before it runs. There are no unbounded loops, no global mutable state, and no dynamic memory allocation. The class of bugs that produces reentrancy attacks and oracle manipulations through unbounded callbacks in EVM-style contracts cannot occur on Simplicity. Simplicity has a formal specification, and verification of the runtime implementation is an ongoing effort. Contracts authored in SimplicityHL inherit the language’s structural safety properties through compilation.

Of course, Simplicity doesn’t eliminate every failure mode. Business-logic bugs, key compromise, and bad oracle data still apply, and any lending market on Liquid must defend against them.

Blockstream’s lending architecture is peer-to-peer, not pool-based. AAVE v3’s pooled liquidity model interconnects collateral and borrow markets, so when rsETH became questionable as collateral, every market exposed to it had to freeze at the same time. Blockstream Research’s simplicity-lending protocol, on the other hand, is peer-to-peer. Each loan is a discrete spending condition with its own collateral and counterparty, with no shared liquidity pools that interconnect lending markets, so a failure in one loan doesn’t propagate to others. The protocol could in principle support shared pools as a future feature, but its core design is isolated, market-by-market lending.

What Blockstream Is Building on This Foundation

Lending on Liquid is not a forecast. Mifiel has cleared more than $2 billion in tokenized lending on Liquid since 2023, with promissory notes issued and settled natively. Fully collateralized options contracts have been demonstrated on Liquid since February 2023 using covenant-based smart contracts, with no custodial intermediaries; these are reference implementations of the architecture rather than retail-facing markets, which are still to come.

The next layer is in active development. Blockstream Research’s simplicity-lending repository is the early scaffold for a peer-to-peer lending protocol where each loan runs as a discrete SimplicityHL contract, collateral is held under spending conditions enforced by the Simplicity runtime, and there is no bridge, no shared pool, and no verifier whose compromise releases funds independently of consensus. The parallel simplicity-dex work covers oracle-free options trading on the same substrate.

The architecture described here is already in production. Liquid carries more than $5 billion in total value, with native USDT, native LBTC, and a growing set of issued assets. Simplicity is live and being used to build vaults, options, and lending primitives by teams inside and outside Blockstream.

Right Direction, Wrong Execution

The instinct to build self-custodial lending and collateralized borrowing is correct. Holders want their bitcoin, their stablecoins, and their other assets to do useful work without surrendering custody to a centralized counterparty. That demand is one of the clearest product signals in the on-chain economy, and it’s not going away.

The Kelp DAO exploit highlights the detrimental cost of building lending on infrastructure that concentrates trust in a single verifier, depends on third-party RPC nodes as a critical signal source, and pools collateral and borrow markets in a way that lets a single asset compromise cascade across the entire ecosystem. A different, better foundation already exists and is running in production. The functionary federation spreads signing authority across many independent operators rather than concentrating it in a single node; Simplicity prevents entire classes of smart contract bugs at the language level; and Blockstream Research’s simplicity-lending protocol is peer-to-peer with isolated loans, so a failure in one place cannot propagate across the whole protocol.

Developers working on self-custodial lending have a path forward that doesn’t require any of the architectural choices that failed at Kelp DAO. Giving holders productive use of their assets without surrendering custody is the right path forward, but it needs to live on Bitcoin’s strong foundation to ensure it has the security and sustainability to succeed long-term.

Build on a Foundation Designed for High-Assurance Lending

For developers, institutions, and builders evaluating on-chain lending architecture:
