Futures
Access hundreds of perpetual contracts
TradFi
Gold
One platform for global traditional assets
Options
Hot
Trade European-style vanilla options
Unified Account
Maximize your capital efficiency
Demo Trading
Introduction to Futures Trading
Learn the basics of futures trading
Futures Events
Join events to earn rewards
Demo Trading
Use virtual funds to practice risk-free trading
Launch
CandyDrop
Collect candies to earn airdrops
Launchpool
Quick staking, earn potential new tokens
HODLer Airdrop
Hold GT and get massive airdrops for free
Pre-IPOs
Unlock full access to global stock IPOs
Alpha Points
Trade on-chain assets and earn airdrops
Futures Points
Earn futures points and claim airdrop rewards
#ArbitrumFreezesKelpDAOHackerETH
ARBITRUM FREEZES KELPDAO HACKER ETH: A DEFINING MOMENT FOR L2 SECURITY AND DECENTRALIZATION
THE INCIDENT: LARGEST DEFI EXPLOIT OF 2026
On April 18, 2026, the DeFi ecosystem faced one of its biggest shocks when Kelp DAO’s cross-chain bridge was exploited, draining 116,500 rsETH worth around 292 million dollars. This accounted for nearly 18 percent of the total rsETH supply and became the largest DeFi exploit of 2026.
The attacker used a fake cross-chain message that appeared legitimate, triggering the bridge to release funds to a controlled wallet via LayerZero’s EndpointV2. The wallet had been pre-funded through Tornado Cash, highlighting a well-planned and sophisticated attack strategy.
THE ARBITRUM SECURITY COUNCIL INTERVENTION
In a highly controversial but decisive move, the Arbitrum Security Council intervened on April 21, freezing 30,766 ETH worth approximately 71 million dollars that had been bridged to Arbitrum One.
Nine out of twelve council members approved the action, meeting the required supermajority. The frozen funds were transferred to a governance-controlled wallet, ensuring they cannot be accessed without further approval.
This action has sparked major debate. Supporters argue it prevented further damage and preserved recoverable funds, while critics question whether such intervention undermines decentralization.
THE KELP DAO EXPLOIT MECHANICS
Kelp DAO operates as a liquid restaking protocol where users deposit assets like stETH or cbETH and receive rsETH. These assets are bridged across multiple chains using LayerZero infrastructure.
The vulnerability came from how cross-chain verification was configured. The attacker exploited a weak validation setup, allowing a fake message to be accepted as legitimate. This resulted in funds being released without proper backing.
As a consequence, a large portion of rsETH supply is now effectively unbacked, raising serious concerns for holders across different blockchains.
THE BLAME GAME
LayerZero has stated the issue was due to Kelp DAO’s configuration, specifically the use of a single verifier setup, which created a single point of failure.
Kelp DAO, on the other hand, has pushed responsibility back, arguing that the configuration was based on LayerZero’s documentation and infrastructure design.
This dispute highlights a deeper issue in DeFi: unclear accountability between protocol layers.
MARKET IMPACT AND USER CONFIDENCE
The exploit has shaken confidence in liquid restaking and cross-chain systems. rsETH faced heavy pressure as users questioned its backing and security.
Liquidity fragmentation across chains has made recovery more complex, while users are now reassessing risk in multi-chain DeFi strategies.
At the same time, the Arbitrum intervention has reassured some investors that funds can be protected in extreme scenarios, even if it comes at the cost of decentralization purity.
SECURITY VS DECENTRALIZATION DEBATE
This event has reignited one of crypto’s oldest debates: should decentralized systems have emergency controls
On one side, the ability to freeze funds prevented further loss and may allow partial recovery for victims.
On the other side, critics argue that if networks can intervene and freeze assets, then they are not fully decentralized.
Arbitrum’s decision sets a precedent where Layer 2 governance bodies may act similarly in future crises.
IMPLICATIONS FOR LAYER 2 ECOSYSTEMS
Layer 2 networks are growing rapidly, but this incident shows that security models are still evolving.
Governance councils, multisig controls, and emergency powers are becoming critical components of network design.
Future L2 systems may need to clearly define the balance between decentralization and security intervention to maintain trust.
CROSS-CHAIN RISKS UNDER SPOTLIGHT
The exploit also exposes the risks of cross-chain bridges, which remain one of the most vulnerable parts of DeFi infrastructure.
Complex messaging systems, multiple chains, and validator dependencies create attack surfaces that are difficult to secure completely.
Protocols will likely move toward stronger validation models, multi-verifier systems, and stricter auditing processes.
FUTURE OUTLOOK
This incident will likely accelerate major changes in DeFi
Stronger security standards for cross-chain bridges
Better risk disclosure for users
More transparent governance frameworks
Increased regulatory attention on DeFi security practices
It may also push protocols to prioritize safety over speed when launching new features.
CONCLUSION
The Kelp DAO exploit and Arbitrum’s response mark a turning point for DeFi and Layer 2 ecosystems.
It highlights both the vulnerabilities in current infrastructure and the evolving role of governance in protecting users.
While the freeze has preserved part of the stolen funds, it has also challenged the core principles of decentralization.
Going forward, the industry must find a balance between security and trustlessness.
This event will not just be remembered as the largest exploit of 2026, but as a moment that forced DeFi to confront its biggest question: how decentralized should it really be