Futures
Access hundreds of perpetual contracts
TradFi
Gold
One platform for global traditional assets
Options
Hot
Trade European-style vanilla options
Unified Account
Maximize your capital efficiency
Demo Trading
Introduction to Futures Trading
Learn the basics of futures trading
Futures Events
Join events to earn rewards
Demo Trading
Use virtual funds to practice risk-free trading
Launch
CandyDrop
Collect candies to earn airdrops
Launchpool
Quick staking, earn potential new tokens
HODLer Airdrop
Hold GT and get massive airdrops for free
Pre-IPOs
Unlock full access to global stock IPOs
Alpha Points
Trade on-chain assets and earn airdrops
Futures Points
Earn futures points and claim airdrop rewards
Promotions
AI
Gate AI
Your all-in-one conversational AI partner
Gate AI Bot
Use Gate AI directly in your social App
GateClaw
Gate Blue Lobster, ready to go
Gate for AI Agent
AI infrastructure, Gate MCP, Skills, and CLI
Gate Skills Hub
10K+ Skills
From office tasks to trading, the all-in-one skill hub makes AI even more useful.
GateRouter
Smartly choose from 30+ AI models, with 0% extra fees
On April 18, 2026, Kelp DAO’s LayerZero-based rsETH cross-chain bridge was attacked. Hackers forged approximately 116,500 rsETH with a value of $292 million, making it the largest DeFi security incident to date in 2026. The attack’s core stemmed from a single-point verification vulnerability (1-of-1 DVN) in the Kelp DAO configuration—i.e., it relied on only one validator node; once that was breached, the attacker could forge cross-chain messages (the attack has been explicitly linked to North Korea’s Lazarus Group). The attacker then deposited the uncollateralized rsETH into lending platforms such as Aave and borrowed roughly $236 million in real assets, causing Aave to face potential bad debt of $177 million to $230 million and prompting nine major protocols to urgently freeze the rsETH market. In a single day, the total value locked (TVL) across global DeFi evaporated by more than $20 billion.
Emergency response and industry coordination—Aave quickly took the lead in establishing the “DeFi United” joint rescue mechanism. Core protocols such as Lido, Mantle, and ether fi, along with Aave founder Stani Kulechov, collectively committed more than $100 million to repair the asset pools. Even more importantly, action came from the Arbitrum Security Committee: it executed an emergency upgrade via 9/12 multi-signature, successfully tracking and freezing about 30,000 ETH from the hacker’s account (worth approximately $70 million). This marked the first time in Stage 1 L2 history that committee authority was used during a security crisis.
Impact and reflection—The incident has had a profound impact on DeFi. Analysts at J.P. Morgan quickly pointed out that DeFi, increasingly constrained by security vulnerabilities and sluggish TVL growth, continues to suppress institutional interest. The structural dilemma exposed by cross-chain bridges between “freedom and flexibility” and “absolute security” could not be clearer—at the same time, the ultra-low security configuration used by Kelp DAO also serves as a warning to the industry’s security standards. #rsETH攻击事件后续进展