News linked to both this project and an event.
According to Cointelegraph, DefiLlama data shows that there have been 518 hacking incidents in the crypto space over the past decade, resulting in cumulative losses exceeding $1.7 billion. A significant portion of these losses stemmed from private key leaks, phishing attacks, and other credential-based attacks. As smart contract security continues to improve, attackers are increasingly shifting their focus toward wallet security, signature infrastructure, development tools, and user operations. Recently, Kelp DAO’s rsETH cross-chain bridge was attacked, with approximately 116,500 rsETH tokens stolen—valued at roughly $290–293 million at the time of the incident.
According to a post by 0xngmi, founder of DefiLlama, following the hack of KelpDAO, Aave is facing severe pressure in handling bad debt. Currently, there are three potential solutions: First, socializing the loss across all users—this would result in an 18.5% impairment for users, generating approximately $216 million in bad debt. Aave’s Umbrella Insurance could cover $55 million, and the treasury could contribute an additional $85 million, leaving a shortfall of roughly $76 million. Second, executing a “rug pull” on rsETH holders on L2 chains—this would generate approximately $341 million in bad debt, with Arbitrum, Mantle, and Base markets suffering the heaviest losses. Third, returning assets to holders based on a pre-attack snapshot—but this approach is extremely operationally challenging, and even after Umbrella Insurance coverage, an estimated $91 million in losses would remain. Additionally, some suggest confiscating the hacker’s collateral to offset part of the bad debt. Meanwhile, Aave’s OG Security Module still holds approximately $300 million worth of AAVE tokens; applying a 20% reduction would provide an additional ~$60 million in loss coverage.