DeFi Bridges: Secure as a Soggy Sock Drawer!

Well, butter my biscuit and call me a wizard, but David Schwartz, the venerable CTO Emeritus of Ripple (that’s right, the one who’s seen more crypto shenanigans than a troll under a bridge), has a bone to pick with the DeFi bridge crowd. Seems like someone left the door open for a spot of trouble, and now the Kelp DAO ecosystem is lighter by a cool $290 million. Ouchie.

Now, young Schwartz, who’s been poking around the cross-chain systems for Ripple’s shiny new RLUSD stablecoin, reckons the whole industry’s got its head so far up its own blockchain it’s forgotten about the basics. Like, you know, not getting robbed blind. Apparently, everyone’s too busy chasing convenience and scaling faster than a wizard on a broomstick to bother with, say, not getting hacked.

I evaluated a lot of DeFi bridging systems for use by RLUSD. I was almost exclusively focused on the security and risk aspect. One thing I noticed is that most schemes were very well designed and had really strong mechanisms available to protect against exactly the type of attack… but then they’d say, “Oh, but don’t actually use those features, they’re a bit fiddly.” Honestly, it’s like selling a lock and then telling people to leave the key under the mat.


– David ‘JoelKatz’ Schwartz (@JoelKatz) April 20, 2026

Security? Nah, Let’s Just Wing It

Schwartz, bless his cotton socks, found that most bridging systems were actually quite clever, on paper. They had all sorts of fancy mechanisms to stop exactly the kind of attack that hit Kelp DAO. But, as he pointed out, bridge providers were all too keen to suggest bypassing their own best features because, well, they’re a bit of a faff. “We’ve got the best security,” they’d say, “but it’s much easier if you just ignore it.” Brilliant.

The push for simplicity and speed in adding new blockchain networks came with the expectation that operators would simply ignore robust security protocols. It’s like building a castle and then leaving the drawbridge down because, you know, it’s easier to get in and out.

The $290 Million ‘Oopsie’

Over the weekend, some clever scoundrel managed to siphon off approximately 116,500 rsETH (roughly $290 million) from the Kelp DAO ecosystem across the Ethereum and Arbitrum networks. As reported by U.Today, the hack stemmed from a severe private key compromise on the source chain. The attacker hijacked a legitimately deployed Kelp DAO peer contract, which made it possible for them to initiate a massive withdrawal in a matter of minutes. The exploiter’s initial wallets were funded via the cryptocurrency mixing service Tornado Cash. Classy.

Schwartz, ever the sage, reckons this multi-million dollar disaster was about as preventable as a troll getting a haircut. “I have a funny feeling part of the problem is going to be something like KelpDAO choosing not to use key LayerZero security features out of convenience,” he noted. Well, there’s a surprise.

2026-04-20 08:35