KelpDAO Exploit Shows the Hidden Spillover Risk for NFT Wallets

CoinDesk reports that a vulnerability tied to KelpDAO sparked a major DeFi liquidity shock after about $290 million was lost. While the incident did not target NFTs directly, it highlights a growing problem for collectors: using a single wallet for NFTs, lending, collateral, and DeFi activity can create indirect exposure when something breaks elsewhere.

The loss occurred on April 18, when attackers manipulated transaction confirmations through a configuration flaw rather than a failure of core infrastructure. That distinction matters, but the market impact was immediate. KelpDAO's setup relied on a "1to1 DVN" architecture, leaving critical confirmations in the hands of a single validator. A compromised confirmation path can allow false signals that a transaction is complete when it is not, effectively creating a single point of failure.

Although the confirmation weakness was specific to KelpDAO's deployment environment, spillovers spread quickly. Within hours, total value locked across DeFi dropped sharply, underscoring how tightly connected protocols and collateral markets have become. AAVE fell about 17%, and its TVL also declined as rsETH—widely used as collateral—turned unstable. That move set off bad debt, forced risk controls, and a fast liquidity drain, a familiar pattern once confidence breaks. DeFi has shed more than $13 billion in locked value over a short span, a reminder that attacks described as "isolated" often don't stay contained.

For NFT holders, the lesson is operational. Even if NFTs are untouched at the protocol level, collectors who keep everything in one wallet may still face liquidation pressure, frozen positions, or loss of access if collateral assets like rsETH deteriorate or become locked inside lending and staking positions.

Risk reduction is straightforward but frequently ignored: revoke unused smart-contract approvals, separate high-value NFTs into a dedicated wallet, and monitor lending and collateral positions actively. Most users only adopt these habits after damage is done. The KelpDAO incident is another example of how crypto risk can migrate quietly—and reach assets that were never directly attacked.
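To make the approval-revocation advice concrete, the following added example (not from CoinDesk or KelpDAO) replays a wallet's approval events and lists grants that are still live for contracts the owner no longer uses. The log records, addresses, and the `still_used` set are constructed placeholders; the event names are the standard ERC-20 `Approval` and ERC-721/ERC-1155 `ApprovalForAll`.

```python
MAX_UINT256 = 2**256 - 1

# Constructed sample: already-decoded approval events emitted for one wallet.
# Addresses are placeholders, not real contracts.
SAMPLE_LOGS = [
    {"block": 100, "token": "0xTokenA", "event": "Approval", "spender": "0xLendingPool", "value": MAX_UINT256},
    {"block": 120, "token": "0xNftColl", "event": "ApprovalForAll", "spender": "0xOldMarket", "approved": True},
    {"block": 130, "token": "0xTokenB", "event": "Approval", "spender": "0xOldRouter", "value": 5 * 10**18},
    {"block": 150, "token": "0xTokenB", "event": "Approval", "spender": "0xOldRouter", "value": 0},
    {"block": 160, "token": "0xNftColl", "event": "ApprovalForAll", "spender": "0xNewMarket", "approved": True},
    {"block": 170, "token": "0xTokenC", "event": "Approval", "spender": "0xOldRouter", "value": 10**18},
]

def live_approvals(logs):
    """Replay events oldest-first; the last event per (token, spender) wins."""
    state = {}
    for log in sorted(logs, key=lambda entry: entry["block"]):
        key = (log["token"], log["spender"])
        if log["event"] == "Approval":  # ERC-20 allowance
            granted = log["value"] > 0
            scope = "unlimited" if log["value"] == MAX_UINT256 else str(log["value"])
        elif log["event"] == "ApprovalForAll":  # operator over a whole NFT collection
            granted, scope = log["approved"], "all tokens"
        else:
            continue
        if granted:
            state[key] = scope
        else:
            state.pop(key, None)  # value 0 / approved=False is a revocation
    return state

def revoke_candidates(logs, still_used):
    """Live approvals whose spender is not in the set of contracts still in use."""
    # Logs give an upper bound: a token may not emit Approval when an allowance
    # is spent, so confirm with allowance()/isApprovedForAll() before acting.
    return sorted((token, spender, scope)
                  for (token, spender), scope in live_approvals(logs).items()
                  if spender not in still_used)

if __name__ == "__main__":
    for row in revoke_candidates(SAMPLE_LOGS, {"0xLendingPool", "0xNewMarket"}):
        print("revoke:", *row)
```

Running the same audit separately on the wallet that holds high-value NFTs shows whether that wallet has stayed free of lending and marketplace approvals.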