Cardano founder Charles Hoskinson has issued a major warning to the cryptocurrency sector, declaring that the recent $292 million KelpDAO exploit reveals a fundamental vulnerability within Ethereum's core infrastructure. The attack, which resulted in a 10% market correction for related assets, demonstrates how restaking protocols, cross-chain messaging, and lending stacks can transform a single security breach into system-wide contagion, threatening the entire decentralized finance ecosystem.

Cardano Founder Warns Of Dangerous Flaw At The Heart Of Ethereum DeFi

Rather than deliver a standard postmortem, Hoskinson said he took internal incident-report material and used AI to turn it into a website that walked viewers through the mechanics of the exploit. That structure framed his larger point: the failure, as he described it, did not begin with broken contract math inside KelpDAO itself, nor with an obvious accounting flaw at LayerZero. Instead, he said it centered on a forged cross-chain message that was accepted as legitimate and allowed funds to be released on Ethereum.

“So, this was not a smart contract issue with Kelp and this was not a smart contract issue with LayerZero, but this was a cross-chain message forgery,” Hoskinson said. “So this was something new and different.”

The Cardano founder repeatedly returned to one design choice in particular: the reported use of a one-of-one verifier configuration. In his explanation, best practice would be a multi-verifier model such as three-of-five, but KelpDAO’s setup relied on a single active DVN. That, he argued, created an unacceptable single point of failure in a system already layered with staking wrappers, restaking protocols, bridges, and lending venues.

“The failure was in the verification logic, not the application logic,” he said. “Kelp did everything right from their contracts. They’re audited. They’re working well. The application’s working well. It’s the bridge configuration.” Hoskinson also emphasized that the industry still lacks a settled account of exactly where responsibility lies.

According to his summary, three separate root-cause analyses emerged after the exploit: one from LayerZero, one from KelpDAO, and one tied to LlamaRisk and Aave governance discussions but none fully agree. That leaves open whether the break occurred in the messaging layer, verifier setup, KelpDAO’s acceptance logic, or in the seams between them.

What made the event especially significant, in his view, was not only the theft itself but what happened next. Instead of dumping the stolen rsETH on decentralized exchanges, the attacker allegedly used it as collateral in lending markets to borrow more liquid assets. That turned an exploit into a balance-sheet problem for other protocols, leaving what Hoskinson described as poisoned collateral behind.

He called that dynamic the real novelty of the incident. “It wasn’t just a bridge hack. It spread to lending which then created bad debt contagion inside these lending protocols. It created a bank run and we saw $13 billion of TVL pulled in a very short period of time for a $290 million hack.”

The Cardano founder said the broader DeFi liquidity shock reached far beyond KelpDAO itself. Citing public reporting referenced in his walkthrough, he pointed to at least nine directly affected protocols and said Aave alone saw between $6.6 billion and $8.45 billion in losses, while rsETH traded in a volatile range between about $1,600 and $2,500 during the 24 hours following the attack.

He also raised the possibility of Lazarus involvement, though he acknowledged attribution remains unconfirmed. “There’s a lot of evidence here that there’s Lazarus connections,” he said, before adding that no independent forensics firms had definitively proven it.

At press time, Cardano (ADA) traded at $0.2504.