
In depth | Kelp DAO's $292 million serial heist: DeFi's risk and return are severely mismatched, so where is crypto's way out?

2026/04/23 00:09
ODAILY

Is DeFi's very low return seriously mismatched with its very high risk? In the coming wave of institutional capital, has "complete decentralization" become a cover for security loopholes?


The sword of Damocles hanging over DeFi's dark forest has fallen again, only weeks after the $285 million hack at the beginning of the month.

In recent days Kelp DAO suffered a catastrophic hack in which assets worth $292 million were stolen. The blow not only drained Kelp DAO's treasury; through DeFi's composability it propagated straight to the lending giant Aave, which was left carrying more than $200 million in bad debt.

As the smoke clears, the projects involved are pointing fingers at each other. Cactus Custody, a compliance team that has long worked on institutional-grade digital asset custody, believes that behind the technical fog of "RPC poisoning" this serial heist puts a hard question to the whole industry: is DeFi's very low yield seriously mismatched with its very high risk? In the coming wave of institutional capital, has "complete decentralization" become a cover for security loopholes?

I. Reconstructing the heist: underlying-layer poisoning, a bare single signature, and a state-level hacker

Piecing together official statements and security researchers' analyses, the attack was a well-planned "dimensionality-reducing" strike.

1. Attack method: RPC poisoning

According to LayerZero's official statement and analysis by experts such as SlowMist's Cos, the entry point was not a code flaw in the smart contracts themselves: the underlying RPC node was hijacked or poisoned by the attackers, so that LayerZero received and processed forged, malicious data during cross-chain transmission.

2. The fatal defensive black hole: a 1/1 single-signature scheme

Poisoning a node alone, however, is not enough to sweep away nearly $300 million in an instant. As crypto KOL Richard Heart bluntly pointed out, at the heart of the matter sits a 1/1 (single-signer) permission. That means the vault door controlling hundreds of millions of dollars of liquidity was secured with a single ordinary lock. With no multi-signature and no second check, once the underlying data was poisoned the attackers held an "invincible pass", and a single-point breakthrough completed a transfer of funds on an epic scale.
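The two weaknesses described above, a single trusted RPC source and no second check, can both be removed at the point where cross-chain data is consumed. The following is an added example written for this article, not LayerZero's, Kelp DAO's or any project's code: a relayer guard that fetches the same finalized message from several independent providers and accepts it only when a quorum agrees byte-for-byte, so one poisoned provider is outvoted and flagged instead of obeyed. The provider names, addresses and amounts are constructed for the example.

```python
"""Added example (not LayerZero's or Kelp DAO's code): cross-source verification
of a cross-chain message.

A relayer that trusts one RPC node accepts whatever that node returns. The
guard below queries several independent providers and accepts a message only
when a quorum agrees on its digest; a lone poisoned provider is outvoted and
reported. All provider names, addresses and amounts are constructed.
"""
from collections import Counter
from dataclasses import dataclass
from hashlib import sha256
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class CrossChainMessage:
    """Minimal model of a finalized cross-chain message as reported by one node."""
    src_chain: str
    nonce: int
    receiver: str
    amount: int

    def digest(self) -> str:
        # Canonical encoding so nodes are compared on content, not object identity.
        raw = f"{self.src_chain}|{self.nonce}|{self.receiver}|{self.amount}".encode()
        return sha256(raw).hexdigest()


# Constructed responses: three honest providers report the legitimate message,
# one hijacked provider reports a forgery with a different receiver and amount.
HONEST = CrossChainMessage("ethereum", 42, "0xVAULT_PLACEHOLDER", 10_000)
POISONED = CrossChainMessage("ethereum", 42, "0xATTACKER_PLACEHOLDER", 292_000_000)
PROVIDER_RESPONSES: Dict[str, CrossChainMessage] = {
    "rpc-a": HONEST,
    "rpc-b": HONEST,
    "rpc-c": POISONED,  # the poisoned node
    "rpc-d": HONEST,
}


def trust_single_node(responses: Dict[str, CrossChainMessage], node: str) -> CrossChainMessage:
    """The vulnerable pattern: whatever the one configured node says is accepted."""
    return responses[node]


def verify_with_quorum(
    responses: Dict[str, CrossChainMessage], quorum: int
) -> Tuple[Optional[CrossChainMessage], List[str]]:
    """Accept a message only if at least `quorum` providers agree on its digest.

    Returns (accepted_message_or_None, dissenting_provider_names). If no digest
    reaches the quorum, nothing is accepted and every provider is listed so an
    operator can investigate before any funds move.
    """
    if quorum > len(responses):
        raise ValueError("quorum cannot exceed the number of providers queried")
    votes = Counter(msg.digest() for msg in responses.values())
    winning_digest, count = votes.most_common(1)[0]
    if count < quorum:
        return None, sorted(responses)
    accepted = next(m for m in responses.values() if m.digest() == winning_digest)
    dissenters = sorted(name for name, m in responses.items() if m.digest() != winning_digest)
    return accepted, dissenters


if __name__ == "__main__":
    # Single-node trust: the poisoned node's forged message is accepted as-is.
    print("single node rpc-c ->", trust_single_node(PROVIDER_RESPONSES, "rpc-c"))
    # Quorum of 3 out of 4: the honest message wins and rpc-c is flagged.
    print("quorum 3/4 ->", verify_with_quorum(PROVIDER_RESPONSES, quorum=3))
    # Quorum of 4: no unanimous answer, so nothing is accepted.
    print("quorum 4/4 ->", verify_with_quorum(PROVIDER_RESPONSES, quorum=4))
```

The quorum alone does not replace a second signer on the vault; it only makes sure the data a signer acts on was not supplied by a single compromised node. The dissenter list is the detection signal worth alerting on, since a provider that repeatedly disagrees with its peers is the thing to investigate.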

3. Tracing the money: Lazarus Group's laundering network

On-chain tracking by the well-known data firms Chainalysis and Wu Blockchain further points to the attackers' identity: the suspected North Korean state hacker group Lazarus Group. Chainalysis data show that the stolen funds were dispersed in a highly systematic way within a very short time and quickly moved onward through cross-chain bridges and mixers, the classic laundering route of North Korean hackers. The involvement of a state-level APT group makes DeFi's already fragile defenses look like paper.

II. Contagion and Rashomon: the systemic fragility of DeFi Lego

After the accident, a farce over "who is responsible" began.

  • Kelp DAO and LayerZero turned on each other: Kelp DAO pointed at LayerZero, arguing that a breach in its cross-chain infrastructure caused the disaster, while LayerZero insisted the cross-chain protocol itself was intact and blamed the project's blind trust in RPC node data.
  • The most dramatic and thought-provoking is Aave's position. Because Kelp DAO assets (such as rsETH) were widely used as collateral on Aave, the theft instantly sent that collateral's value to zero. As many industry observers put it, Aave was caught in the crossfire. Aave's line of defense was breached from the outside through an ecosystem partner, and although Aave will use its Umbrella safety fund to cover the loss, the episode exposes the chain-reaction crisis built into DeFi Lego.

This also confirms the warning from Chainlink community figure Zach Rynes that restaking is piling too much leverage onto Ethereum, and that if the base layer collapses the systemic damage will be incalculable.

III. The hard question: are DeFi's returns and risks seriously mismatched?

Amid this wave, OneKey's Yishi raised a crucial point: the market will soon reprice risk.

For a long time, retail and institutions alike have chased single-digit APYs (annualized yields) or "points" of doubtful value in DeFi while bearing the risk of losing 100% of their principal. This serious mismatch between risk and return is hidden in the frenzy of a bull market, but laid bare under the hacker's knife.

The deeper reason is that DeFi protocols generally adopt a "low fee" model to compete for TVL (total value locked). The meager protocol revenue simply cannot support the level of security investment needed to resist state-backed hackers. Projects are managing hundreds of millions of dollars of assets with a makeshift, amateur structure, in essence an unsustainable model of "privatized profits, socialized risk".

IV. The future of institutional capital: compliance is imperative

When smart contracts and decentralized governance fail to protect our principal, the industry must face a real question: for the coming wave of large institutional funds, do we need to re-embrace independent, professional, centralized compliance custody?

In the Web3 context, bringing in "centralized custody" looks politically incorrect. But the tragedies of Drift Protocol and Kelp DAO tell us that mixing business logic (smart contracts) with asset custody (private key control) is extremely dangerous.

For DeFi projects, public-chain foundations and institutional investors managing huge sums, bringing in a compliance custodian such as Cactus Custody is not a step backwards but a necessity for financial infrastructure to mature:

Eliminating single points of failure and separating authority from responsibility

Protocol developers should focus on innovating in business logic and leave custody of the treasury and core assets to an independent compliance custodian. Custody providers typically have a mature enterprise-grade risk-control structure and approval workflow, which completely eliminates the absurd practice of "running naked" behind a 1/1 signer.

Independent risk control, decoupled from on-chain logic

Hackers can poison an RPC node or exploit a code loophole, but they cannot get past the compliance custodian's independent risk-control engine. When the system detects an abnormal transfer order involving $292 million, the custodian's risk strategy forcibly intercepts it on the basis of the transaction's intent, requires customer confirmation, compliance review and multi-channel verification, and holds the funds at the final gate.
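What "intercepting on the basis of the transaction's intent" looks like in practice is a policy check that runs before any key is used. The following is an added example, a deliberately simplified model and not Cactus Custody's engine or any product's code: each outgoing transfer order is evaluated against a destination allowlist, per-transfer and daily amount limits, and a number of distinct human approvers that rises with the amount; anything outside policy is held for review instead of being signed. The policy values, addresses and order amounts are constructed for the example.

```python
"""Added example (simplified model, not Cactus Custody's engine): an
intent-based risk-control gate that sits in front of the signing key.

Orders are checked against written policy before signing. Anything outside
policy is held for human review; nothing is signed in that path. Policy values,
destinations and amounts below are constructed for the example.
"""
from dataclasses import dataclass, field
from typing import FrozenSet, List


@dataclass(frozen=True)
class Policy:
    allowlist: FrozenSet[str]      # destinations pre-registered by the client
    soft_limit_usd: int            # above this, more approvers are required
    hard_limit_usd: int            # above this, always hold for manual review
    daily_limit_usd: int           # cumulative outflow allowed per day
    approvals_small: int = 1
    approvals_large: int = 3


@dataclass(frozen=True)
class TransferOrder:
    order_id: str
    destination: str
    amount_usd: int
    approvals: FrozenSet[str]      # ids of distinct people who approved


@dataclass
class Decision:
    action: str                    # "sign" or "hold"
    reasons: List[str] = field(default_factory=list)


class RiskGate:
    """Evaluates orders against policy and tracks the day's cumulative outflow."""

    def __init__(self, policy: Policy, spent_today_usd: int = 0) -> None:
        self.policy = policy
        self.spent_today_usd = spent_today_usd

    def evaluate(self, order: TransferOrder) -> Decision:
        p = self.policy
        reasons: List[str] = []
        if order.destination not in p.allowlist:
            reasons.append("destination not on allowlist")
        if order.amount_usd > p.hard_limit_usd:
            reasons.append(f"amount {order.amount_usd} exceeds hard limit {p.hard_limit_usd}")
        if self.spent_today_usd + order.amount_usd > p.daily_limit_usd:
            reasons.append("daily outflow limit would be exceeded")
        required = p.approvals_large if order.amount_usd > p.soft_limit_usd else p.approvals_small
        if len(order.approvals) < required:
            reasons.append(f"{len(order.approvals)}/{required} approvals")
        if reasons:
            return Decision("hold", reasons)   # held for review; the key is never touched
        self.spent_today_usd += order.amount_usd
        return Decision("sign")


# Constructed policy and sample orders.
POLICY = Policy(
    allowlist=frozenset({"0xTREASURY_DESK_PLACEHOLDER"}),
    soft_limit_usd=1_000_000,
    hard_limit_usd=50_000_000,
    daily_limit_usd=100_000_000,
)
ROUTINE = TransferOrder("ord-1", "0xTREASURY_DESK_PLACEHOLDER", 50_000, frozenset({"ops-1"}))
LARGE_UNDERAPPROVED = TransferOrder(
    "ord-2", "0xTREASURY_DESK_PLACEHOLDER", 5_000_000, frozenset({"ops-1", "ops-2"})
)
DRAIN = TransferOrder("ord-3", "0xUNKNOWN_PLACEHOLDER", 292_000_000, frozenset({"ops-1"}))


def run_demo() -> List[Decision]:
    """Feed the three orders through one gate in sequence and return the decisions."""
    gate = RiskGate(POLICY)
    return [gate.evaluate(o) for o in (ROUTINE, LARGE_UNDERAPPROVED, DRAIN)]


if __name__ == "__main__":
    for order, decision in zip((ROUTINE, LARGE_UNDERAPPROVED, DRAIN), run_demo()):
        print(order.order_id, decision.action, decision.reasons)
```

The routine order is signed, the $5 million order is held only because it lacks a third approver, and the $292 million order to an unregistered address trips every rule at once. The point of listing every failed rule rather than the first one is that the reviewer sees the whole shape of an abnormal order, and the gate makes its decision on the order's intent regardless of what any upstream node or contract reported.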

Bankruptcy remoteness and fiduciary protection

As a licensed compliance custodian, Cactus Custody is subject to strict regulation, and client assets are physically and legally segregated from the operating company's own assets (bankruptcy remote). This financial-grade fiduciary protection is a foundation of trust that no decentralized code can provide.

Concluding remarks

Kelp DAO's $292 million has not only bought a painful lesson but also punctured the false prosperity of the restaking track. As institutional capital pours in, DeFi must leave the "workshop" model of fund management behind.

Security and risk control must be backed by real money and professional systems. In the future, DeFi protocols that do not engage a compliance custodian and cannot offer institutional-grade asset protection will be abandoned by mainstream capital. Choosing a compliance custody solution is not just a responsibility toward assets but a cornerstone of a protocol's long-term survival in the dark forest.
