Gm, Aleks here. 

The crypto mood is grim.

At $293 million stolen, this weekend’s Kelp DAO-LayerZero exploit is the 10th largest in the DefiLlama database. Last year’s Bybit heist was nearly five times larger.

And yet it has triggered a crisis of confidence that might surpass the gloom of 2022, when people were genuinely afraid that crypto might not survive a series of multibillion-dollar bankruptcies that dragged Bitcoin to $16,000.

So, what could be worse than death? Why is the mood so foul? After all, Bitcoin has gone up over the past week.

Across X, the industry watercooler, crypto developers and investors are posting with the stunned tone of people who think they’ve spotted a lie — that the tradeoffs inherent in decentralised technology aren’t worth the trouble, and, in any case, the technology isn’t all that decentralised when push comes to shove.

Crypto investor Jon Wu summed it up this way (punctuation added for legibility): “Man, I know DeFi is not fully over, but it feels over. And not in the normal bear market kind of apathy-and-zero-vol-dead-chart kind of way — in the, ‘I don’t know, maybe atomic composability of arbitrary financial instruments secured by one-of-ones was a mistake’ kind of way.”

The Solana Foundation’s Seraphim Czecker put it more succinctly: “Feels like DeFi’s Lehman moment,” he wrote, in a nod to Lehman Brothers, a major US investment bank that collapsed in 2008, setting off the financial crisis that led to the Great Recession.

Now, DeFi developers need to improve the technology’s risk profile, wrote investor Simon Dedic, who called security “one of the most underfunded and least exciting verticals to work in.”

“The risk-reward ratio of DeFi simply isn't attractive enough anymore,” he wrote. “DeFi was actually supposed to eliminate the risk of a middleman and make finance more secure by letting you take control of your own assets. But it feels like we've achieved the exact opposite.”

The hack impacted Kelp DAO, of course, but it also led to the accumulation of bad debt on Aave. So many users have fled Aave — deposits have fallen nearly 40% over the past seven days — that it has lost the title of “largest DeFi protocol,” ceding it to Lido.

The hacker or hackers made off with more than 116,000 rsETH and almost took another 40,000 worth $92 million. But they were blocked by Kelp DAO, which paused relevant smart contracts in the nick of time.

The hacker swapped the stolen crypto on decentralised exchanges and borrowed against it on lending protocols, like Aave, using Ethereum and Arbitrum.

Kelp DAO wasn’t the only organisation that took action. Aave froze rsETH reserves. And, in a near-unprecedented move, Arbitrum’s 12-member security council froze about 31,000 Ether worth $72 million sitting on the blockchain.

Griff Green, a member of the security council, said he and his colleagues did not make the decision lightly.

Arbitrum founder Steven Goldfeder called it “one of the most complex decisions ever made in Arbitrum governance history.”

“This process was extremely distributed and coordinated by independent actors,” he wrote. “In a world where security councils exist, Arbitrum’s is a masterclass.”

Security researcher Taylor Monahan celebrated the move.

But crypto attorney Gabriel Shapiro noted that freezing funds to reverse a hack calls into question the entire concept of DeFi, which was meant to enable peer-to-peer finance, to remove middlemen with the power to censor transactions, good or bad.

Arbitrum’s decision opens up a whole new can of worms, according to Curve Finance founder Michael Egorov.

“Many will probably re-evaluate whether using Arbitrum is safe after this,” he wrote. “Also if they can freeze anyone — hard to argue that some TradFi regulations are not applicable to the chain itself. It is not neutral infrastructure.”

He suggested an industry powwow to come up with best practices for securing DeFi protocols.

A pseudonymous Yuga Labs employee who, aptly in this moment, goes by “Quit,” said the solution is simpler than freezes and security convocations. The solution is to stop being a degen, seeking exotic, layered, yield bearing assets.

“Confidence in DeFi is at an all time low right now,” Quit wrote. “We need to go back to basics. No reason somebody looking to deposit ETH to borrow USDC should be vulnerable to contagion from a bridge for liquid restaked rsKxyzstETH.”

Top DeFi stories of the week 🤖 

Latest from DL Research

This week in DeFi governance ⚖️ 

VOTE: Morpho votes to authorise incentives on Tempo


PROPOSAL: Aave DAO debates pausing tokens to address Kelp DAO hack


PROPOSAL: Lido DAO debates proposal to increase transparency and consistency in node operator assessment
 

Post of the week 💥

As noted above, the catastrophic Kelp DAO hack has many people dancing on crypto’s grave. 

Got a tip about DeFi? Reach out at [email protected]

DL News is an independent news organisation that provides original, in-depth reporting on the largely misunderstood world of cryptocurrency and decentralised finance. From original stories to investigations, our journalism is accurate, honest and responsible.

Forwarded by a friend? Subscribe here.