Author: Dao Ge
Recently, there has been much heated discussion online about the AAVE security incident.
The main process of the incident is as follows:
Attackers targeted KelpDAO's validation mechanism and, by forging cross-chain messages, caused LayerZero's cross-chain bridge to mint over 110,000 rsETH out of thin air on the mainnet. They then deposited these fraudulently created rsETH into Aave as collateral and borrowed about $236 million worth of WETH/ETH.
This operation directly led to a massive liquidity withdrawal of WETH/ETH from Aave. As the fallout from this security incident spread, various assets that were originally stored in Aave were quickly withdrawn in large volumes. This caused liquidity depletion to rapidly spread to nearly all mainstream assets on Aave.
Even more seriously, this turmoil extended to the Solana ecosystem, causing liquidity in various lending protocols on Solana to become quite strained.
For a description of the entire incident, you can refer to the link at the end of the article.
Undoubtedly, this incident has had a significant impact on the entire DeFi ecosystem, leading to an overwhelming flood of various comment articles online about the matter.
However, the majority of these articles, aside from merely venting emotions, failed to clarify the key aspects of this incident and did not objectively assess its impact. Many articles blithely blamed all the issues on DeFi, and even baselessly proclaimed the fallacy that "decentralization is dead."
In fact, the core reason for this security incident lies in the significant security vulnerabilities in the design of KelpDAO's validation mechanism.
LayerZero provides a DVN (Decentralized Verifier Network) mechanism that protocols use to confirm messages during cross-chain operations. Since the DVN layer is built to be distributed, a protocol that relies on it should configure it in a distributed way: requiring signatures from multiple independent verifiers before a message is accepted.
However, KelpDAO configured only a single verifier's signature to confirm messages.
This left an opening for attackers: once the key behind that single signature was compromised, any message could be confirmed.
Another more typical scenario can help us better understand this issue:
Usually, some large institutions (such as CEX exchanges) tend to hold a significant amount of Bitcoin assets. For wallets holding these large amounts of Bitcoin, these institutions utilize multi-signature wallets rather than single-signature wallets.
If a single-signature wallet is used, as soon as its one signing key is compromised, all the Bitcoin in that wallet is at risk. With a multi-signature wallet, even if one or more keys are compromised, as long as the number of compromised keys stays below the multi-signature threshold, the Bitcoin in the wallet remains secure.
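To make the point of the two passages above concrete (the single-signature DVN configuration versus a multi-signature threshold), here is an added example that is not code from LayerZero, KelpDAO or the article. It models each verifier as a keyed HMAC attestation (a stand-in for the real signature scheme) and shows that a 1-of-1 configuration accepts a message once that one key is compromised, while a 2-of-3 configuration rejects it. All verifier names, keys and payloads are constructed for the demonstration.

```python
import hmac
import hashlib

# Hypothetical model: each verifier (DVN) holds its own secret key and
# attests to a cross-chain message with an HMAC over it. Real DVNs use
# asymmetric signatures; HMAC stands in so the block runs offline.
VERIFIER_KEYS = {
    "dvn-a": b"constructed-key-a",
    "dvn-b": b"constructed-key-b",
    "dvn-c": b"constructed-key-c",
}


def attest(verifier: str, message: bytes) -> bytes:
    """One verifier's attestation over the message (HMAC-SHA256)."""
    return hmac.new(VERIFIER_KEYS[verifier], message, hashlib.sha256).digest()


def verify_message(message: bytes, attestations: dict, required: set, threshold: int) -> bool:
    """Accept only if at least `threshold` distinct verifiers from the
    configured `required` set supplied a valid attestation."""
    valid = 0
    for name in required:
        sig = attestations.get(name)
        if sig is not None and hmac.compare_digest(sig, attest(name, message)):
            valid += 1
    return valid >= threshold


# Scenario from the article: the key of one verifier ("dvn-a") is compromised,
# so its attestation can be produced for an arbitrary (forged) message.
FORGED = b"constructed forged mint message"


def single_verifier_config_accepts_forgery() -> bool:
    # 1-of-1 configuration: the single compromised key is sufficient.
    atts = {"dvn-a": attest("dvn-a", FORGED)}
    return verify_message(FORGED, atts, {"dvn-a"}, threshold=1)


def threshold_config_accepts_forgery() -> bool:
    # 2-of-3 configuration: one compromised key cannot reach the threshold.
    atts = {"dvn-a": attest("dvn-a", FORGED)}
    return verify_message(FORGED, atts, {"dvn-a", "dvn-b", "dvn-c"}, threshold=2)


def threshold_config_accepts_honest() -> bool:
    # The same 2-of-3 configuration still passes a message two verifiers attest.
    msg = b"constructed honest message"
    atts = {n: attest(n, msg) for n in ("dvn-a", "dvn-b")}
    return verify_message(msg, atts, {"dvn-a", "dvn-b", "dvn-c"}, threshold=2)
```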
This is a basic understanding and common sense that operators and designers in the crypto ecosystem with some security awareness should possess.
However, the KelpDAO team lacked even this basic understanding—they chose to use a highly centralized design with a single signature, which led to this massive disaster.
This precisely proves that in the DeFi world, decentralized configuration must become the standard for every critical process to ensure the security of the entire mechanism.
Therefore, the claim that "decentralization is dead" is truly absurd.
Of course, Aave is by no means innocent in this incident. Its problem lies in not being promptly alert to the potential risks associated with the collateralized assets.
In January 2025, there was a post on Aave's governance forum warning that KelpDAO's assets might pose risks. But Aave remained indifferent to this.
In contrast, another similar protocol, Spark (originating from MakerDAO), promptly halted the collateralized use of rsETH.
The starkly different responses of these two protocols to the same security risk reveal a significant gap in their security risk management.
Spark's action reminds me of a past security incident involving MakerDAO.
In March 2023, the collapse of Silicon Valley Bank caused the largest collateral asset of DAI, USDC, to suffer a severe de-pegging, leading to DAI's price dropping below $1 within a short period.
This was also a DeFi disaster caused by centralization issues. It exposed MakerDAO's inadequate defense against centralization risks at the time.
However, since then, MakerDAO has embarked on a rebirth process, directly promoting the "Endgame Plan," accelerating its decentralization and asset diversification process to mitigate similar centralization risks to the protocol.
This is why Spark today shows such stability in response to this incident.
MakerDAO's rebirth precisely illustrates that when such issues arise, every project in the ecosystem must redouble its vigilance against centralization risks at every stage and redouble its prevention efforts.
Only in this way can a stronger, more resilient DeFi system be built from a long-term perspective.
MakerDAO has walked this path, and Aave along with all other DeFi systems must continue down this road.
The DeFi mechanism is not the cause of security incidents; rather, the centralization thinking and operations that actual operators have subconsciously grown accustomed to are the root of the problem.
Continuously fighting against centralization risks and continuously addressing centralization issues is the correct direction for DeFi evolution and the proper method for DeFi to solve similar problems.
Reference link:
https://x.com/lanhubiji/status/2045779703051460715
In the crypto world, feel free to share and discuss!
Author WeChat: 570111

Disclaimer: This article represents only the personal views of the author and does not represent the position or views of this platform. It is provided for information sharing only and does not constitute investment advice for anyone. Any dispute between users and the author is unrelated to this platform. If an article or image published on this page infringes any rights, please send the relevant proof of rights and proof of identity to support@aicoin.com, and the platform's staff will review it.