KelpDAO Exploit Sparks $14.17B DeFi Outflows
KelpDAO exploit on April 18 drained about $300 million and triggered $14.17 billion in DeFi withdrawals, cutting total value locked to $85.32 billion and hitting Aave for roughly $8 billion.
On April 18 the KelpDAO protocol was exploited, resulting in the loss of roughly $300 million in assets. The attacker withdrew an estimated 116,500 rsETH and deployed those tokens as collateral across multiple decentralized finance platforms, triggering widespread withdrawals and protocol pauses.
Data from DefiLlama shows total value locked across tracked DeFi protocols fell from $99.49 billion to $85.32 billion, a decline of $14.17 billion following the incident. Aave experienced the largest single decline: its seven-day TVL dropped 32.44% to $17.038 billion, a loss of just over $8 billion and about 57.7% of the sectorwide outflows since April 18. Lido has become the largest protocol by TVL.
Several other protocols recorded substantial outflows over the seven-day period. Spark’s TVL contracted about 31.6%. Curve Finance declined 11.09% and Pendle fell 12.4%. Smaller and mid-size platforms saw sharper drops: Solv Protocol fell 68.09%, EulerDAO 51.74%, Predict Fun 51.64%, Merlinswap 42.4% and Overnight Finance 40.13%. Additional decreases included Abracadabra (33.42%), Apebond (33.34%), Vectis Finance (30.69%), Re7 Labs (30.09%), Kumbaya (28.41%), Treehouse (26.46%) and Dolomite (24.7%). Morpho, Ethena and Sky recorded declines of 9.62%, 7.79% and 9.76% respectively.
During the same seven-day window, liquid staking services and real-world asset products posted inflows and gains in TVL, with Lido’s increase placing it at the top of the leaderboard by locked value.
Protocols paused operations and assessed exposure after rsETH, which had been widely accepted as collateral, was moved. The removal of that collateral left loans and positions undercollateralized, creating bad debt concentrated on lending markets and prompting forced deleveraging and additional withdrawals.
Total value locked measures assets deposited in smart contracts across DeFi platforms; the DefiLlama figures reflect the set of protocols tracked by that data provider. The incident highlights how a single compromised collateral asset can affect multiple contracts when it is reused across interconnected lending and trading protocols.
The material on GNcrypto is intended solely for informational use and must not be regarded as financial advice. We make every effort to keep the content accurate and current, but we cannot warrant its precision, completeness, or reliability. GNcrypto does not take responsibility for any mistakes, omissions, or financial losses resulting from reliance on this information. Any actions you take based on this content are done at your own risk. Always conduct independent research and seek guidance from a qualified specialist. For further details, please review our Terms, Privacy Policy and Disclaimers.
Articles by this author
