hodler

29 Apr 2026, 16:45

DeFi faces rising losses as AI-driven attacks escalate

The series of attacks on the Ethereum mainnet that led to over $1.5 million in losses has been exacerbated by new research that shows that artificial intelligence (AI) agents can now autonomously discover and exploit vulnerabilities in decentralized finance protocols. Security firm GoPlus Security reported that four separate contracts were exploited in just 48 hours ending April 29. The firm warned that hackers armed with AI are becoming more precise and faster than ever. And DeFi smart contract developers have nowhere to turn to except AI to tackle the problems that AI itself started. Can AI really hack DeFi by itself? a16z crypto tested an off-the-shelf AI coding agent against 20 past price manipulation incidents on Ethereum and found that when given just a contract address and basic tools, the AI succeeded in exploiting the vulnerability only 10% of the time. However, when researchers gave the agent access to structured knowledge about common attack patterns like vault donation exploits and automated market maker (AMM) pool manipulation, the success rate jumped to 70%. The researchers noted that while the AI is very good at finding bugs, it sometimes struggles with complex, multi-step attacks. One agent even tried to “escape” its test environment by extracting a secret key to look at future block data. Anthropic recently announced a new AI model called “Claude Mythos Preview.” The company stated that this model can autonomously find and write working exploits for zero-day vulnerabilities across major operating systems and web browsers. Before Mythos Preview , older models had a “near-0% success rate” at writing exploits. The company also confirmed that the same improvements that make the model good at patching vulnerabilities also make it good at exploiting them. When given access to Etherscan’s transaction API, the agent found actual past attack transactions and reverse-engineered them to write its own exploit code. How much was lost in the ZetaChain hack? GoPlus Security flagged four separate smart contract exploits on Ethereum mainnet within a 48-hour window ending April 29. The combined losses exceeded $1.5 million. The firm has described the current pace of AI-assisted attacks as a “countdown-by-the-second era.” In one of the week’s larger incidents, approximately $333,868 was drained across nine transactions on four chains, including Ethereum, Arbitrum, Base, and BSC. ZetaChain’s official post-mortem report says that no user funds were lost; the three affected wallets belonged to the ZetaChain team. The attacker took advantage of a feature in the GatewayEVM contract using “arbitrary calls.” The gateway lacked a strict blocklist, allowing the hacker to instruct it to transfer token allowances that had been set by the team wallets. The hacker funded wallets through Tornado Cash three days before the attack while mimicking a victim’s wallet. ZetaChain admitted that the vulnerability had been reported earlier through its bug bounty program, but the initial reports were dismissed. The protocol has since paused cross-chain transactions and is rolling out a patch to disable the risky code. Other Ethereum exploits identified by GoPlus Security over the past 48 hours include an onchain aggregator contract that lost roughly $983,000 due to missing access controls; an unauthorized third-party vault tied to TradingProtocol that lost roughly $398,000 also due to missing permission checks; a BCB contract that lost roughly $39,800 from a reentrancy vulnerability; and a QNT asset contract that lost roughly $124,900 from an arbitrary call vulnerability. Cryptopolitan reports that DeFi losses in April alone have reached record levels, surpassing the combined stats for the first three months of the year. With mounting losses in recent cases, it is setting up an epic showdown where hackers and developers are fighting AI with AI. With Anthropic’s Mythos and others now entering the conversation, it is looking like AI is arming hackers and developers won’t have any choice but to use AI to defend themselves Don’t just read crypto news. Understand it. Subscribe to our newsletter. It's free .

29 Apr 2026, 16:15

Aave scrambles to revive lending in wake of KelpDAO exploit

Aave struggles to bring back borrowers and lenders since the Kelp DAO hack. The DeFi protocol started a campaign to rebuild the rsETH collateral, but other vaults also stay inactive. New loans on Aave have ground to a halt, with only an outlier of $32M borrowed as of April 28. Activity has fallen to almost negligible levels as the protocol and DeFi as a whole try to rebuild trust. Aave lending activity ground to a halt, despite higher than usual rates for lenders. Almost no new loan events were recorded following the recent KelpDAO hack. | Source: CryptoQuant . Aave total value locked slid to around $14B, down from over $25B before the hack. Fees remained at their baseline of $2.8M daily. As Cryptopolitan reported, on the busiest days after the hack, Aave saw outflows of over $15B . Aave lending rates remain elevated Aave lending rates remain elevated, with up to 6.38% for USDC borrowing. During the latest freeze of rsETH, the protocol offered over 13% in lending rates, but could not overcome investor fears. USDC vaults remained at 100% utilization, discouraging other lenders to risk their funds in the aftermath of the KelpDAO hack. As a result, Aave now offers better rates than the DeFi baseline, but lenders and borrowers are still reluctant to return. The latest Aave V3 data show stablecoins and WETH saw the most significant breakdown of lending, with outflows of leverage. Borrowing was still active for liquid assets like USDT, USDC, and WETH, but loan events slowed down to almost zero, based on CryptoQuant data. Based on Dune Analytics data, WETH is the most widely borrowed asset, with $6.5B in loans. $3.7B were borrowed in USDT, and $2.9B in USDC. The recent higher lending rates suggest Aave did not see increased demand for capital, but a liquidity stress event. Borrow rates spiked, increasing their APY to over 14%. Later, rates corrected, but remained elevated at 7.12%. Lenders have become more defensive, leading to more expensive capital for DeFi. Is another DeFi winter coming? The recent lending crunch shows DeFi went through one of its most significant borrowing collapses. This time, Aave survived, but raised questions of the resilience of DeFi. The previous DeFi winter followed the crash of FTX and Terra (LUNA), causing a two-year slump in DeFi activity. Some whales moved their funds immediately, shifting to Spark Protocol as one of the more secure DeFi locations. Aave’s founder Stani Kulechov still expressed confidence in the protocol, despite the lending crunch. He remarked that Aave had survived multiple bear cycles, and would be capable of a ttracting liquidity again. “ For me personally, the rsETH bridge incident was unfortunate as our team and community has put so much effort into securing the protocol and seeing the exploit happening outside of the protocol smart contracts, and affecting the markets is hard to watch even when the markets had (and still have) full backing like Mainnet Core,” remarked Kulechov in a recent X post . In the past few days, crypto influencers expressed their support for Aave and showed a readiness to return to lending and yield generation. The Aave protocol is also voting on a freeze of buybacks, until DeFi conditions improve. The vote will most probably resolve to ‘yes’ in two more days. The slower lending still pressures the AAVE token, which slid to $93.21 in the past week. If you're reading this, you’re already ahead. Stay there with our newsletter .

29 Apr 2026, 16:07

Ripple Prime Adds BTC Options via Bullish

Enterprise blockchain firm Ripple has significantly expanded its institutional offerings by deepening the integration between its prime brokerage arm, Ripple Prime, and the digital asset exchange Bullish.

29 Apr 2026, 15:57

The Protocol: Mythos forces crypto industry to rethink security practices

Also: Aave’s $300 million recovery effort, crypto for AI agents, and Bitcoin proposal for Satoshi-linked tokens.

29 Apr 2026, 15:31

Litecoin MWEB exploit resolved, block reorganization corrected

Litecoin recently faced one of its most serious technical incidents tied to the Mimblewimble Extension Blocks (MWEB) feature, after a validation flaw allowed an attacker to generate an inflated peg-out of approximately 85,034 LTC. The issue was traced to a failure in block connection-level verification, where MWEB input metadata did not properly match the underlying UTXO being spent. While the incident briefly shook confidence in the extension layer, it was ultimately contained through coordinated miner response and rapid protocol fixes. How the MWEB exploit unfolded According to a postmortem released by Litecoin , the exploit began in March 2026 at block height 3,073,882, when an attacker successfully exploited the validation gap. By manipulating MWEB input data, the attacker made a small input appear to justify a much larger output during peg-out processing. In reality, the underlying input value was only around 1–2 LTC, but the system incorrectly accepted it as valid backing for more than 85,000 LTC. This was not a standard wallet- or transaction-layer issue. Instead, it originated in how MWEB blocks were validated during chain connection. While the mempool and transaction construction layers functioned correctly, the final consensus-level verification step failed to fully validate the integrity of MWEB metadata against the referenced outputs. Once the abnormal peg-out was detected, miners quickly identified the inconsistency and initiated coordinated action to prevent further propagation. The suspicious outputs were isolated, and a portion of the funds was frozen at the protocol level to prevent further movement across the network. Containment, recovery, and miner coordination Following detection, developers and major mining pools moved into emergency response mode. Mining pools, including F2Pool, played a central role in stabilising the network by aligning on updated validation rules and rejecting malformed MWEB data. This coordination helped prevent the exploit from spreading further across the chain. The attacker later entered negotiations and returned the majority of the exploited funds. Approximately 84,184 LTC was recovered through coordinated transactions, while an 850 LTC bounty was retained as part of the agreement in exchange for cooperation in resolving the incident. Rather than reversing the chain, developers opted for a reconciliation approach. The system effectively neutralised the inflated output by rebalancing MWEB accounting through controlled peg-in mechanisms and freezing invalid outputs. This approach allowed the network to restore consistency without requiring a full rollback. Second incident triggered a 13-block reorganisation A second related incident occurred in April 2026, when attempts to re-exploit the same vulnerability exposed a different weakness in how nodes handled malformed MWEB data. This time, the issue did not result in additional inflation but instead caused instability in node processing. Upgraded nodes experienced processing stalls when encountering mutated MWEB blocks, while some miners continued extending a chain built on outdated validation rules. This divergence led to a temporary 13-block chain reorganisation, with F2Pool mining a significant portion of the affected blocks during the unstable period. The reorganisation was short-lived. Once upgraded nodes gained majority hash power and rejected the invalid history, the network converged back to the correct chain. No permanent ledger corruption remained after reconciliation. Protocol fixes and final resolution Developers released emergency updates under the 0.21.5.x Core series, addressing both the original validation flaw and the secondary block-handling issue. The fixes strengthened MWEB input validation during block connection, improved handling of mutated block states, and reinforced consistency checks across mining and consensus layers. Post-incident analysis confirmed that the exploit did not result in lasting inflation or loss of final-chain integrity. However, it highlighted the sensitivity of extension-block systems like MWEB, where added privacy and complexity introduce new validation risks. With miner coordination restored, patched nodes deployed, and invalid outputs neutralised, the network has returned to stable operation. The post Litecoin MWEB exploit resolved, block reorganization corrected appeared first on Invezz

29 Apr 2026, 15:24

Ayni Gold vs Kinesis: Two Sources of Gold-Backed Yield

PAXG and XAUT settled the basic question of putting gold on-chain. Neither pays yield. Kinesis and Ayni Gold both go further, but the source of that yield is structurally different. Kinesis pays from platform transaction fees, distributed monthly in KAU. Ayni Gold pays from mining production, distributed quarterly in PAXG. Same category of gold-backed crypto yield, different engines. For holders comparing where to earn yield in gold without giving up gold-denominated exposure, the choice between these two products comes down to which yield engine fits the portfolio. Side by Side: KAU vs AYNI Both products are gold-backed, and both pay yield. The differences lie in how each is structured underneath. Kinesis (KAU) Ayni Gold (AYNI) What the token represents 1 gram of vaulted investment-grade gold Tokenized exposure to gold-mining capacity at licensed concessions Yield source 15% of platform transaction fee revenue Mining output minus operational costs and success fee Distribution Monthly Quarterly Reward asset KAU (more gold) PAXG (gold-backed stablecoin) Operating since 2019 2025 Best for Holders who want a monthly yield from platform activity Holders who want a yield tied to physical gold production Kinesis (KAU): Yield from Platform Activity Each KAU token is backed by one gram of investment-grade gold bullion, stored in fully insured vaults across the ABX (Allocated Bullion Exchange) network. Gold reserves are audited semi-annually by Inspectorate International, and the platform has been operating since 2019. KAU has practical utility most gold-backed tokens lack. Holders can spend it globally through the Kinesis Virtual Card on the Mastercard network, with instant fiat conversion at the point of sale. Physical redemption is available from 100 grams of gold bullion, processed through the global vault network. The total Kinesis yield system distributes 57.5% of platform fees back to participants through five different yields, with KVT (Kinesis Velocity Token) holders receiving an additional 20% share. In 2026, Kinesis had paid out more than $168k to KAU holders cumulatively. How Yield is Generated The yield mechanic is fee-share. Kinesis takes a 0.22% transaction fee on platform activity. Of that, 15% flows to the Holder's Yield pool, distributed monthly in KAU to anyone holding gold on the platform. Holders receive their share proportional to how much KAU they hold against the platform's total. There are no lock-ups and no minimum holding period. Storage is free. The structural trade-off is clear. KAU yield is variable and tied directly to platform usage. Months with high transaction volume produce higher yields. Quiet markets compress them. This makes Kinesis a form of DeFi gold yield where holders are taking exposure to platform activity, not to gold production. Ayni Gold (AYNI): Yield from Mining Production Ayni Gold takes a different route to gold-backed yield. The protocol does not tokenize stored bullion. It tokenizes operating mining capacity instead. Each AYNI token represents 4 cm³ per hour of processing capacity at the Minerales San Hilario concession in Peru, an 8 km² alluvial site in Madre de Dios. The token has a fixed supply of 806,451,613 AYNI and no minting after launch. Two licensed concessions are now active under the protocol: the primary site (INGEMMET No. 070011405) and a secondary one acquired in Q4 2025. The verification stack covers four independent layers : CertiK and PeckShield for the smart contracts (both audits completed in October 2025), TurnKey for institutional custody, and Kangari Consulting for the geological assessments. How Yield is Generated Yield comes directly from mining output. Holders stake AYNI to receive staking rewards in gold, paid in PAXG every quarter. The conversion path runs through Peru's banking system: extracted gold is sold to local banks, the proceeds are converted to fiat, and the fiat buys PAXG through Paxos. Settlement uses daily gold pricing, and distribution is proportional to staked AYNI. Staking is tiered. Longer lock-ups earn higher reward weights via a dynamic success fee, which means loyal holders capture more of the net return. The protocol also burns 15% of accumulated success fees each quarter, which gradually reduces the circulating supply. The concession's projected daily production capacity is up to 8,000 grams, contingent on operational ramp-up. The 2025 scoping study at the site identified more than 9 metric tonnes of conceptual recoverable gold potential, with the caveat that scoping studies are early-stage assessments and not confirmed reserves. Holders considering PAXG yield staking find a different shape of exposure here. The position pays gold-backed DeFi yield from physical extraction at the concession, not from platform usage or new token issuance. How the Yield Engines Differ Three structural differences separate the two products: Yield source variability: Kinesis yield rises and falls with platform transaction volume. Ayni Gold yield rises and falls with mining output. Different exposure types. Reward denomination: Kinesis pays in KAU, the same asset holders already own. Ayni Gold pays in PAXG, a different gold-backed asset. Both keep yielding gold-denominated, but the mechanics differ. Token representation: A KAU represents stored gold. An AYNI represents operating mining capacity. The first tokenizes a static asset; the second tokenizes ongoing productive activity. The structural difference is not which model is better. It is the one a holder is choosing to have exposure to. Kinesis yield depends on people transacting on the platform. Ayni Gold yield depends on people extracting gold from a concession in Peru. They scale on different inputs. Both deliver gold backed stable yield in the sense that both reward assets are gold-backed and both keep returns denominated in gold. The yield engines underneath operate on a different economic logic. Choosing Between KAU and AYNI The right product depends less on yield expectations and more on what kind of gold exposure the portfolio needs. Kinesis fits holders who: Want gold they can spend globally through a debit card Prefer monthly yield distribution Want exposure to platform usage as the yield engine Value a six-year operating track record Ayni Gold fits holders who: Want yield tied to physical gold production Are comfortable with quarterly distribution Prefer yield paid in PAXG, separate from the staked asset Want exposure to mining output as the yield engine The two products serve overlapping but distinct needs. Both occupy the broader category of commodity backed DeFi, where returns trace back to real physical assets rather than synthetic strategies. The right framing is not platform-fee yield versus production yield. It is which yield engine matches the portfolio. Frequently Asked Questions How are Kinesis and Ayni Gold different? Kinesis pays yield from platform transaction fees, distributed monthly in KAU. Ayni Gold pays yield from mining output at licensed concessions in Peru, distributed quarterly in PAXG. Both are gold-backed; the yield engines are structurally different. Which one pays more? Both yields are variable. Kinesis depends on platform transaction volume. Ayni Gold depends on mining output. Neither offers a fixed APY. The right comparison is which yield source fits a holder's allocation thesis, not headline rate. Can I redeem either token for physical gold? Kinesis allows physical gold redemption from 100 grams minimum through its vault network. AYNI is not directly redeemable for gold, but stakers receive PAXG rewards, which can be redeemed for physical gold through Paxos. How does Ayni Gold convert mining output to PAXG? Extracted gold is sold to Peruvian banks, converted to fiat, then to PAXG via Paxos. Settlement is based on daily gold pricing and distributed quarterly to AYNI stakers proportional to stake size. Which has the longer track record? Kinesis has been operating since 2019, with $11 million+ paid to holders by November 2025. Ayni Gold launched its smart contracts in October 2025, audited by CertiK and PeckShield. Different maturity stages, different risk profiles. Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.