In April, an attacker drained 116,500 rsETH, roughly $292 million, from Kelp DAO's LayerZero-powered cross-chain bridge. LayerZero attributed the attack to North Korea's Lazarus Group, specifically the sub-group known as TraderTraitor.
Incidents like these highlight a familiar pattern: each new exploit becomes "evidence" that on-chain lending and collateralized borrowing are inherently fragile, and that the category should slow down. But that evidence points to the wrong conclusion.
Demand for on-chain, self-custodial lending is one of the strongest product signals for Bitcoin. The Kelp DAO exploit merely demonstrates that networks other than Bitcoin and Bitcoin-derived codebases like Liquid are the wrong foundation for it.
What Happened at Kelp DAO
Kelp DAO's bridge used a LayerZero configuration with a single verifier responsible for validating cross-chain messages before releasing funds.
- The attacker compromised two remote procedure call (RPC) nodes that fed data to the verifier.
- They then used a denial-of-service attack to force the verifier into a failover state where it accepted forged messages from the compromised RPCs as legitimate.
- Once the verifier signed off, the bridge released 116,500 rsETH, about 18% of circulating supply.
The fallout went beyond Kelp itself. The 116,500 rsETH the attacker now held could be deposited as collateral on Aave v3 and other major lending markets to borrow against. Aave v3's pooled lending architecture interconnects collateral and borrow markets, with rsETH securing borrowings against USDT, USDC, ETH, and other assets in shared liquidity pools, so every market with rsETH exposure became questionable simultaneously. Lending markets including Aave, SparkLend, and Fluid froze rsETH-backed positions, and users withdrew across the board. According to a post-mortem report, more than $13 billion in total value locked (TVL) exited various platforms in the two days that followed.
The incident exposed three distinct failures:
- A verifier configuration that concentrated trust in a single signer
- Third-party RPC infrastructure treated as a reliable input to that signer
- A pooled lending environment where stolen collateral could amplify into industry-wide contagion through interconnected liquidity pools
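The first two failures, a single signer that fails over to whatever RPC endpoints still answer, can be modelled next to a fail-closed quorum check. This is an added example, not code from Kelp DAO, LayerZero or Blockstream; the endpoint count, digests and function names are constructed for illustration.

```python
from collections import Counter
from typing import Callable

# Each RPC endpoint is modelled as a callable returning the digest the source
# chain recorded for a nonce, or raising ConnectionError when unreachable.
Rpc = Callable[[int], str]

def failover_verify(rpcs: list[Rpc], nonce: int, claimed: str) -> bool:
    """Weak policy: trust the first endpoint that answers."""
    for rpc in rpcs:
        try:
            return rpc(nonce) == claimed
        except ConnectionError:
            continue  # silently fall through to the next endpoint
    return False

def quorum_verify(rpcs: list[Rpc], nonce: int, claimed: str, quorum: int) -> bool:
    """Fail-closed policy: sign only if `quorum` of the configured endpoints
    return the claimed digest. Unreachable endpoints never lower the bar."""
    if quorum <= len(rpcs) // 2:
        raise ValueError("quorum must be a strict majority of configured endpoints")
    votes = Counter()
    for rpc in rpcs:
        try:
            votes[rpc(nonce)] += 1
        except ConnectionError:
            pass  # an outage is a missing vote, not a reason to relax the rule
    return votes[claimed] >= quorum

# --- constructed scenario (all names and values are illustrative) ---
HONEST, FORGED = "digest-on-chain", "digest-forged"

def honest(nonce): return HONEST
def compromised(nonce): return FORGED
def down(nonce): raise ConnectionError("endpoint unreachable")

def scenario_under_dos():
    # Two compromised endpoints answer; the three honest ones are offline.
    rpcs = [down, down, down, compromised, compromised]
    return (failover_verify(rpcs, 7, FORGED), quorum_verify(rpcs, 7, FORGED, 3))

def scenario_healthy():
    # All endpoints answer: the legitimate digest reaches quorum, the forged one does not.
    rpcs = [honest, honest, honest, compromised, compromised]
    return (quorum_verify(rpcs, 7, HONEST, 3), quorum_verify(rpcs, 7, FORGED, 3))

if __name__ == "__main__":
    print("under DoS (failover, quorum):", scenario_under_dos())
    print("healthy   (legit, forged):   ", scenario_healthy())
```

The quorum is measured against the configured endpoint set, not the reachable one, so an outage halts signing instead of shrinking the set of sources that must agree.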
How Liquid and Simplicity Localize Risk
Blockstream designed Liquid with three architectural choices, each addressing a distinct failure mode that has driven losses across on-chain lending:
The Liquid Federation distributes signing across a multi-signer functionary set. Liquid is secured by a globally distributed federation of more than 85 entities, with block production and peg-out signing spread across 15 independent operators rather than concentrated in one node. The peg holds the bitcoin backing all LBTC in circulation under the federation's distributed multisig, where no single member can unilaterally move funds. Proof of reserves and the Liquid Federation’s wallet are verifiable and self-auditable for anyone running a Liquid node. There is no equivalent to the single-verifier configuration that failed at Kelp DAO.
Simplicity prevents entire classes of smart contract bugs. Simplicity is a smart contract language that’s been live on Liquid mainnet since July 31, 2025. Every Simplicity program has its execution cost statically computed before it runs. There are no unbounded loops, no global mutable state, and no dynamic memory allocation. The class of bugs that produces reentrancy attacks and oracle manipulations through unbounded callbacks in EVM-style contracts cannot happen on Simplicity. Simplicity has a formal specification, and verification of the runtime implementation is an ongoing effort. Contracts authored in SimplicityHL inherit the language's structural safety properties through compilation.
Of course, Simplicity does not eliminate every failure mode. Business-logic bugs, key compromise, and bad oracle data still apply, and any lending market on Liquid must defend against them.
Blockstream's lending architecture is peer-to-peer, not pool-based. Aave v3's pooled liquidity model interconnects collateral and borrow markets, so when rsETH became questionable as collateral, every market exposed to it had to freeze simultaneously. By contrast, Blockstream Research's simplicity-lending protocol is peer-to-peer. Each loan is a discrete spending condition with its own collateral and counterparty, with no shared liquidity pools that interconnect lending markets, so a failure in one loan does not propagate to others. The protocol could in principle support shared pools as a future feature, but its core design is isolated, market-by-market lending.
What Blockstream Is Building on This Foundation
Lending on Liquid is not a forecast. Mifiel has cleared more than $2 billion in tokenized lending on Liquid since 2023, with promissory notes issued and settled natively. Fully collateralized options contracts have been demonstrated on Liquid since February 2023 using covenant-based smart contracts, with no custodial intermediaries; these are reference implementations of the architecture rather than retail-facing markets, which are still to come.
The next layer is in active development. Blockstream Research's simplicity-lending repository is the early scaffold for a peer-to-peer lending protocol where each loan runs as a discrete SimplicityHL contract, collateral is held under spending conditions enforced by the Simplicity runtime, and there is no bridge, no shared pool, and no verifier whose compromise releases funds independently of consensus. The parallel simplicity-dex work covers oracle-free options trading on the same substrate.
The architecture described here is already in production. Liquid carries more than $5 billion in total value, with native USDT, native LBTC, and a growing set of issued assets. Simplicity is live and being used to build vaults, options, and lending primitives by teams inside and outside Blockstream.
Right Direction, Wrong Execution
The instinct to build self-custodial lending and collateralized borrowing is correct. Holders want their bitcoin, their stablecoins, and their other assets to do useful work without surrendering custody to a centralized counterparty. That demand is one of the clearest product signals in the on-chain economy, and it is not going away.
The Kelp DAO exploit highlights the cost of building lending on infrastructure that concentrates trust in a single verifier, depends on third-party RPC nodes as a critical signal source, and pools collateral and borrow markets in a way that lets a single asset compromise cascade across the entire ecosystem. A different, better foundation already exists and is running in production. The functionary federation spreads signing authority across many independent operators rather than concentrating it in a single node; Simplicity prevents entire classes of smart contract bugs at the language level; and Blockstream Research's simplicity-lending protocol is peer-to-peer with isolated loans, so a failure in one position cannot propagate across the whole protocol.
Builders working on self-custodial lending have a path forward that does not require any of the architectural choices that failed at Kelp DAO. Giving holders productive use of their assets without surrendering custody is the right path forward, but it needs to live on Bitcoin's strong foundation to ensure it has the security and sustainability to succeed long-term.
Build on a Foundation Designed for High-Assurance Lending
For developers, institutions, and builders evaluating on-chain lending architecture:
- Explore Simplicity and the SimplicityHL toolchain to start building contracts.
- Get familiar with the Liquid Network.
- Contact us to discuss enterprise lending and custody architectures on Liquid.
- Follow @Blockstream, @blksresearch, and @Liquid_BTC on X for ongoing updates.