Futures
Access hundreds of perpetual contracts
TradFi
Gold
One platform for global traditional assets
Options
Hot
Trade European-style vanilla options
Unified Account
Maximize your capital efficiency
Demo Trading
Introduction to Futures Trading
Learn the basics of futures trading
Futures Events
Join events to earn rewards
Demo Trading
Use virtual funds to practice risk-free trading
Launch
CandyDrop
Collect candies to earn airdrops
Launchpool
Quick staking, earn potential new tokens
HODLer Airdrop
Hold GT and get massive airdrops for free
Pre-IPOs
Unlock full access to global stock IPOs
Alpha Points
Trade on-chain assets and earn airdrops
Futures Points
Earn futures points and claim airdrop rewards
Promotions
AI
Gate AI
Your all-in-one conversational AI partner
Gate AI Bot
Use Gate AI directly in your social App
GateClaw
Gate Blue Lobster, ready to go
Gate for AI Agent
AI infrastructure, Gate MCP, Skills, and CLI
Gate Skills Hub
10K+ Skills
From office tasks to trading, the all-in-one skill hub makes AI even more useful.
GateRouter
Smartly choose from 40+ AI models, with 0% extra fees
#DeFiLossesTop600MInApril 💥 The Two Titans of April: A Post-Mortem
These weren't simple "code bugs." They were sophisticated, multi-layer operations widely attributed to the Lazarus Group.
1. Drift Protocol (April 1) – ~$285M
The Attack: This was a control-plane compromise. Attackers spent months on a social engineering campaign to infiltrate the governance layer.
The Method: They manipulated the Durable Nonce system on Solana to execute pre-signed transactions that appeared legitimate to the network.
The Impact: Over 50% of Drift’s TVL was wiped out in minutes. This triggered a massive liquidity flight across the Solana ecosystem, as the "trustless" governance model was proven vulnerable to human infiltration.
2. KelpDAO (April 18) – ~$292M
The Attack: An "Oracle/Verifier" exploitation on a cross-chain bridge.
The Method: The attackers exploited a 1-of-1 verifier setup. By compromising two internal RPC nodes and launching a simultaneous DDoS attack on the external node, they put the verifier in an "echo chamber."
The Result: They tricked the Ethereum-side contract into believing 116,500 rsETH had been burned on the source chain. The contract released the funds based on a falsified view of reality, not a bug in the code itself.
📉 The Ecosystem Ripple Effect
The "Trust Shock" you mentioned is already showing up in the data:
Contagion: Following the KelpDAO hit, major platforms like Aave and SparkLend were forced to freeze rsETH markets to prevent bad debt from cascading through the rest of DeFi.
The "DeFi United" Fund: In a desperate bid to restore confidence, the industry has formed a $300M+ relief fund (with massive help from Mantle and Aave DAO) to compensate victims, but the psychological damage is done.
Institutional Retreat: This month has stalled the "Institutional DeFi" narrative. Many funds are moving back to "Sovereign-Grade" Bitcoin or highly regulated custodians.
🧠 The Strategic Shift
You’re right to highlight AI-enhanced attacks. We are seeing a move away from "contract hacking" toward "Infrastructure Infiltration." > The Lesson: If you can’t break the vault door (the smart contract), you kidnap the person with the key (social engineering) or you trick the eyes of the guard (RPC/Oracle manipulation).