Back to Blog

Newsletter - April 2026

Code Auditing
April 30, 2026
4 min read
Key Insights

Top 3 DeFi Incidents in April

KelpDAO: ~$290M

On April 18, 2026, KelpDAO’s rsETH LayerZero OFT bridge was exploited for approximately $290M.

The root cause was KelpDAO’s insecure 1-of-1 DVN configuration, which reduced cross-chain message verification to a single point of failure. After compromising RPC infrastructure trusted by the LayerZero Labs DVN, the attacker forced the sole verifier to attest to a fabricated cross-chain message. As a result, 116,500 rsETH were released on Ethereum without any corresponding source-side event on Unichain.

This incident was not caused by a flaw in the LayerZero protocol itself, but by a broader operational security failure spanning bridge configuration and infrastructure trust assumptions. Because KelpDAO relied on only one DVN, there was no independent verifier to challenge the forged message. At the same time, the attacker poisoned the RPC nodes used by that DVN and DDoS’d the remaining healthy nodes, forcing the verifier into a failover state where it depended entirely on attacker-controlled data. Once the fake message was attested, the Ethereum-side rsETH adapter executed as designed and released the funds, which were then quickly dispersed and laundered across multiple wallets and chains.

This incident highlights that bridge security cannot rely solely on protocol correctness. Projects should adopt multi-DVN configurations with independent verifiers, treat sudden RPC node outages during verification as attack signals rather than routine availability issues, and harden the infrastructure that feeds source-chain data to verifier networks.

For a detailed analysis, read our deep-dive post:

https://blocksec.com/blog/the-decentralization-dilemma-cascading-risk-and-emergency-power-in-the-kelp-dao-crisis

Drift Protocol: ~$285M

On April 1, 2026, Drift Protocol on Solana was exploited for approximately $285M.

The root cause was not a smart contract vulnerability, but a failure in the protocol’s governance and authorization process. At the time, Drift used a 2-of-5 multisig setup for high-privilege actions, meaning any two of five authorized signers could approve critical administrative changes. These actions were also not subject to any timelock. Once enough approvals were collected, they could be executed immediately. Compounding this risk was Solana’s durable nonce mechanism, which allowed pre-signed transactions to remain valid for a long time instead of expiring quickly like ordinary transactions. This gave the attacker time to collect malicious signatures in advance and wait for the right moment to use them. After inducing two of the five signers to approve malicious governance transactions, the attacker later submitted those transactions to take over admin control of the protocol. With that access, the attacker listed a fake collateral asset called CarbonVote Token (CVT), manipulated its Oracle price, loosened withdrawal restrictions, and used the fake collateral to drain large amounts of real assets through the Drift Vault.

This incident exposed three major weaknesses in Drift’s governance design. First, the attacker was able to separate signature collection from execution because the stolen approvals did not expire quickly. Second, the lack of a timelock meant the admin takeover became effective immediately, leaving almost no time for detection or intervention. Third, the admin role was too powerful: once compromised, it allowed the attacker to create a new collateral market, change oracle settings, and relax withdrawal controls, all of which directly enabled the theft.

This incident shows that governance security is not just about protecting private keys. Protocols also need to secure the full signing and approval process, add delays to high-privilege actions, limit the use of long-lived pre-signed transactions, and reduce the scope of what a single admin takeover can do.

For a detailed analysis, read our deep-dive post:

https://blocksec.com/blog/drift-protocol-incident-multisig-governance-compromise-via-durable-nonce-exploitation

Rhea Finance: ~$18.4M

On April 16, 2026, the Burrowland protocol of Rhea Finance on NEAR was exploited for approximately $18.4M due to a business logic flaw in its margin-trading module. Notably, as of April 23, 2026, all stolen funds had been recovered.

The root cause was that the protocol treated a user-supplied swap output declaration as if it accurately represented the amount that would actually be returned by the DEX. However, a malicious user could construct a circular swap path that recycled intermediate outputs within the route, artificially inflating the declared final output and manipulating the protocol’s accounting. As a result, the protocol’s solvency and leverage checks relied on a fabricated value rather than the real amount received. This flaw was rooted in the verify_token_out() function, which incorrectly counted certain intermediate outputs as part of the final result even though they were later reused within the swap path.

After circumventing these checks, the attacker routed borrowed assets out of the protocol through attacker-controlled fake pools, while the protocol received only a negligible amount of value in return. The attacker then withdrew liquidity from these pools to extract the funds. By repeating this process, the attacker ultimately drained approximately $18.4M from Burrowland.

This incident shows that margin-trading protocols should not treat user-declared swap outputs as trusted input. Protocols need to ensure that solvency checks are based on the actual received value, reject swap paths that can recycle intermediate assets, and prevent accounting logic from being manipulated by circular routing.

The information above is based on data as of 00:00 UTC, April 29, 2026.

This concludes the April security incidents brief.

You can learn more in our Security Incidents Library.

Stay informed and stay secure!

Sign up for the latest updates
Newsletter - June 2026
Security Insights

Newsletter - June 2026

This monthly report covers the three largest security incidents in June 2026, totaling approximately $22M in confirmed losses. A sophisticated honeypot attack drained ~$15M from JaredFromSubway's MEV bot by exploiting unchecked token allowances. Two legacy Aztec rollup deployments lost ~$4.35M through proof-settlement boundary gaps. SecondFi's Ed25519 implementation flaw exposed wallet private keys, resulting in ~$2.4M drained from 374 wallets. All three incidents share a common pattern: security guarantees that appeared intact on the surface but were never actually enforced.

~$4.1M Lost: Taiko, SecondFi Exploits | BlockSec Weekly
Security Insights

~$4.1M Lost: Taiko, SecondFi Exploits | BlockSec Weekly

This weekly blockchain security report covers two notable incidents from June 22-28, 2026, with approximately $4.1M in confirmed losses across Ethereum and Cardano. The Taiko bridge exploit combined an exposed SGX enclave signing key with an incomplete attestation policy that failed to reject debug enclaves, allowing the attacker to register a malicious prover and forge L2 state proofs on Ethereum. The SecondFi wallet vulnerability stemmed from a cryptographic implementation flaw in Ed25519 nonce derivation that removed the secret input, enabling offline private key recovery from public Cardano transaction data.

~$18M Lost: jaredFromSubway, Aztec & More | BlockSec Weekly
Security Insights

~$18M Lost: jaredFromSubway, Aztec & More | BlockSec Weekly

This weekly blockchain security report covers June 15 to June 21, 2026, with 3 notable incidents across Ethereum and BNB Chain totaling approximately $18.3M in losses. Two incidents are analyzed in detail. Based on on-chain analysis, the highlighted jaredFromSubway incident reveals a reversed approval attack pattern: unlike traditional exploits where attackers abuse vulnerabilities in trusted DeFi contracts to drain user-approved assets, this MEV bot proactively approved its own assets to untrusted third-party contracts for arbitrage. The attacker constructed fake wrapper tokens and swap pools that emitted real events but never consumed the granted allowances, with reported total losses of ~$15M. The report also covers Aztec's second exploit in three days, where a missing equality constraint between two witnesses for `old_data_root` in the escape hatch ZK circuit allowed the attacker to prove ownership of fabricated notes against a fake Merkle tree while passing on-chain root validation.

Best Security Auditor for Web3

Validate design, code, and business logic before launch. Aligned with the highest industry security standards.

BlockSec Audit