Ethena and DeXe: An Analysis of Countertrend Performance and Structural Logic During Kelp's Collapse

On April 18, 2026, the DeFi industry experienced its largest security breach to date this year — the re-staking protocol Kelp DAO was maliciously inflated by approximately 116.5k rsETH due to a cross-chain bridge vulnerability, resulting in a loss of about $292 million. This incident not only set a new record for DeFi thefts in 2026 but also sparked widespread concerns across the ecosystem about the security of cross-chain infrastructure. Several mainstream protocols urgently paused related bridging functions and deposit services, and the market was filled with panic over liquidity chain withdrawals.

However, amid chaos and sell-offs, two protocols and their tokens showed weekly performance contrary to the overall market trend: Ethena (ENA) rose about 25.11% over the past seven days, while DeXe (DEXE) surged as much as 50.52% in the same period. This “counter-cyclical strength during a crisis” is no coincidence; it reflects a re-pricing of crypto funds’ emphasis on “security attributes” and “governance robustness” following security incidents.

Kelp Faces the Largest DeFi Attack of 2026

At 2:35 a.m. Beijing time on April 18, 2026, Kelp DAO’s LayerZero-based cross-chain bridge was attacked. The attacker used a wallet that had previously laundered funds through Tornado Cash to send a forged cross-chain message to the LayerZero EndpointV2 contract. This message was faithfully transmitted by the LayerZero protocol to Kelp’s deployed bridge contract on the mainnet, which, without verifying whether the source chain had genuine deposits, released 116,500 rsETH to an address controlled by the attacker — the problem was, no one had ever deposited this asset on the other chain. The stolen tokens were valued at approximately $292 million at the time, accounting for about 18% of the circulating supply of rsETH.

46 minutes later, Kelp’s emergency multisig froze the relevant contracts, but the attacker had already completed subsequent operations: collateralizing the stolen rsETH into Aave V3 lending protocol and borrowing about $236 million worth of wETH. More worryingly, Aave incurred massive bad debt, triggering intense market concern over risk transmission mechanisms in lending protocols.

As of April 20, 2026, Kelp was still working with LayerZero, auditors, and external security experts to analyze the root cause. Meanwhile, Aave, SparkLend, and Fluid froze markets related to rsETH; Lido Finance paused new deposits into earnETH; etherFi also suspended LayerZero cross-chain bridging for weETH and eETH. This attack is widely seen as a concentrated exposure of cross-chain infrastructure security risks, causing a systemic trust shock to the DeFi interoperability ecosystem.

Timeline: From Attack to Industry Response

Data Perspective: Structural Support for Counter-Cyclical Gains

Market Performance and Data

According to Gate.io data, as of April 20, 2026:

Ethena (ENA)

• Price: approximately $0.1165
• Market Cap: about $1.02 billion, market share 0.065%
• Circulating Supply: 8.75 billion ENA, total supply 15 billion
• 24h Change: -1.55% (short-term correction)
• 7-day Change: +25.11%
• 30-day Change: +13.59%
• 1-year Change: -59.16%
• 24h Trading Volume: about $6.01 million
• All-time High: $1.52, All-time Low: $0.07658
• Market Sentiment: Neutral

DeXe (DEXE)

• Price: about $14.78
• Market Cap: approximately $687 million, market share 0.053%
• Circulating Supply: 46.75 million DEXE, total supply 96.5 million
• 24h Change: -2.09% (short-term correction)
• 7-day Change: +50.52%
• 30-day Change: +129.88%
• 1-year Change: -0.58%
• 24h Trading Volume: about $424.6k
• All-time High: $32.38, All-time Low: $0.6715
• Market Sentiment: Bullish

Kelp Attack Losses

Structural Observations

The Kelp attack exhibits three structural features. First, the attack path involves trust assumptions in cross-chain messaging protocols rather than traditional smart contract logic vulnerabilities — the attacker forged cross-chain requests exploiting LayerZero’s trust in message sources and Kelp’s trust in LayerZero messages, creating a compound vulnerability of two trust layers being broken. Second, the stolen assets were leveraged via lending protocols, propagating the loss from a single protocol to lending platforms, amplifying systemic risk. Third, the industry’s emergency response was fragmented — protocols acted independently without coordinated measures, revealing a clear shortcoming in systemic security response within DeFi.

Public Sentiment Breakdown: Security Narrative vs. Governance Narrative

Regarding the Kelp attack and Ethena and DeXe’s counter-cyclical strength, three key viewpoints and debates have emerged.

Security Narrative: Causality or Trend Acceleration?

One view suggests Ethena’s strength reflects market “vote of confidence” in “security protocols.” Ethena promptly paused LayerZero OFT cross-chain bridge after Kelp’s incident and extended the pause on April 20, citing caution before root cause analysis of rsETH. Ethena also published reserve proofs verified by Chainlink and Chaos Labs. This transparent risk management at a crisis moment became a trust anchor for the market.

Another perspective urges caution: Is ENA’s rise overly simplified as a causal effect of the security narrative? Data shows ENA’s 30-day gain (~13.59%) is significantly lower than its 7-day gain (~25.11%), indicating most gains occurred around the Kelp event. Yet, the token’s one-year decline remains at 59.16%, with a large gap between the all-time high of $1.52 and current $0.1165. This suggests the attack injected narrative momentum into an existing technical rebound rather than triggering a fundamental revaluation.

Governance Narrative: Capital Rotation and Structural Shift

DeXe’s strength is widely seen as a signal of capital rotation within DAO governance. Data shows DEXE’s 30-day gain of 129.88%, 7-day gain of 50.52%, and a year-to-date rise among the top in crypto markets. Its sustained performance is supported by its modular DAO governance architecture, integrating proposal management, voting, delegation, execution, and incentives into a unified system; its price has only slightly declined 0.58% over the past year, demonstrating resilience amid broader DeFi declines.

The debate: Is the rise of governance tokens driven by “security narrative”? DeXe was not directly exposed to Kelp’s attack risk, and its core link to the event is the opposite of “asset security”—market tends to shift funds from “protocols with direct security vulnerabilities” to “protocols innovating governance at the system level.” But this migration is more driven by market sentiment than strict risk hedging. With a 24h trading volume of about $424.6k against a $687 million market cap, liquidity depth remains to be observed.

Cross-Chain Bridge Security: Underestimating Systemic Risks

Post-attack, discussions on cross-chain bridge security intensified. Some analysts note that “cross-chain bridges have always been high-value targets, and this incident highlights the significant security challenges they face. Widely used protocols like LayerZero, if vulnerable, could pose systemic risks affecting multiple projects relying on their infrastructure for interoperability.”

Others argue the issue isn’t the bridges themselves but the verification mechanisms for cross-chain message sources. LayerZero’s role in this incident was as a “messenger,” not an “asset custodian,” and the attacker exploited trust assumptions in the bridge contract’s message validation. Security improvements should focus on multi-source validation and risk isolation at the contract level, rather than outright dismissing cross-chain infrastructure.

Impact Analysis: Trust Rebuilding and Capital Reallocation

The Kelp attack’s impact on DeFi is multi-dimensional.

Trust System Rebuilding

The most profound effect isn’t the $292 million loss but the systemic doubt cast on cross-chain infrastructure trust assumptions. When a forged cross-chain message can bypass multiple trust layers and cause hundreds of millions in losses, the market’s “compositional trust” pricing model must recalibrate. DeFi applications relying on LayerZero or similar protocols will face stricter asset risk assessments and higher security audit standards.

Accelerated Capital Reallocation

Preliminary market response indicates funds are moving away from protocols exposed to cross-chain bridge risks toward two categories: protocols with active risk management and transparent reserves (like Ethena), and those innovating governance infrastructure without direct cross-chain asset exposure (like DeXe). The 30-day 129.88% rise of DEXE and 7-day 25.11% of ENA reflect this shift.

Regulatory Attention

In April 2026, multiple security incidents occurred — Kelp DAO’s $292 million loss, Drift Protocol’s over $285 million loss, totaling nearly $600 million — making April the most severe month for crypto hacking since February 2025. This concentration may prompt regulators to increase scrutiny of cross-chain protocol security standards, affecting compliance pathways and market access.

Security Sector Segmentation

Security narratives are no longer a single “audit report endorsement” but are divided into sub-sectors: formal verification of smart contracts, cross-chain risk isolation, transparent reserve proofs, and robust governance mechanisms. Ethena’s measures focus on the latter three — pausing bridges, publishing reserve proofs, awaiting root cause analysis; DeXe emphasizes modular and automated governance. This segmentation suggests future DeFi competitiveness will depend on depth in specific security sub-dimensions rather than generic “security” labels.

Conclusion

The Kelp DAO attack, with a loss of nearly $292 million, stands as one of the most warning-significant security events in DeFi in 2026. Yet, within the crisis, there are structural opportunities for re-pricing — Ethena’s cautious measures like pausing bridges and publishing reserve proofs demonstrate maturity and have gained market recognition with a 7-day 25.11% increase; DeXe’s ongoing deployment of modular DAO governance infrastructure, with a 30-day 129.88% surge, validates governance narratives’ capital siphoning effect during security crises.

Their counter-cyclical strength is not mere coincidence but a reflection of market “vote” on “risk resilience” and “governance robustness” under security shocks. This voting mechanism — capital concentrating on protocols with security premiums — is becoming the core driver of a new DeFi competitive cycle. For market participants, understanding this underlying logic is more important than chasing short-term price swings. In an era where trust in cross-chain infrastructure faces systemic doubt, security narratives have shifted from optional to baseline requirements, and protocols demonstrating transparency, prudence, and structural resilience will be better positioned in this trust reconstruction.