#rsETHAttackUpdate

DeFi just had its biggest wake‑up call of 2026 – let’s talk about it like friends

On April 18, KelpDAO’s rsETH bridge was exploited for $292M.
Not because of bad code – but because the bridge trusted 1 single validator 😬

Here’s what happened in plain English 👇

Attacker faked a cross‑chain message

The system thought rsETH was locked on one chain, so it minted new copies on another

No real backing → $292M drained, ~18% of rsETH supply gone

💡 The scary part? The contracts worked as designed. The design just had a single point of failure.

What happened next?

Attacker didn’t dump – they used stolen rsETH as collateral on lending protocols (Aave, etc.)

Borrowed real ETH → left bad debt behind

Lending markets froze, contagion spread fast

The friendly lesson for all of us
✅ DeFi risk isn’t just price swings – it’s infrastructure risk (bridges, oracles, validators)
✅ If a protocol uses a “1 of 1” bridge validator, that’s a red flag 🚩
✅ Composability is beautiful, but it also means one hole can sink nearby ships

Why I’m sharing this
We don’t run from hacks – we learn from them.
This is my #WCTC交易王PK entry for the Gate.io WCTC S8 plaza event.
I’m here to trade, grow, and help others stay safe.

👉 Join the discussion & win prizes:
https://www.gate.com/competition/wctc-s8