Cryptonews

Wintermute Chief Questions DeFi's Future Viability Amid Lack of Groundbreaking Developments

Source
cryptonewstrend.com
Published
Wintermute Chief Questions DeFi's Future Viability Amid Lack of Groundbreaking Developments

Evgeny Gaevoy, CEO of Wintermute, has given a frank evaluation of decentralized finance's current situation, highlighting structural risks that still impede innovation.

DeFi not doing well

Gaevoy expressed concerns about composability and how interconnected protocols increase risk rather than distribute it, saying that things appear pretty bleak for DeFi innovation at this stage, in response to recent developments.

His argument is based on a fundamental tenet of DeFi. Protocols can build upon one another thanks to composability, which is frequently touted as one of the industry's greatest advantages. In reality, the same characteristic produces tightly coupled systems in which a single failure can spread to several layers.

According to Gaevoy, the way risk should be assessed has changed since exploits' spillover effects are no longer contained within a single protocol.

Series of attacks

His comments come at an opportune moment. On April 18, 2026, KelpDAO was the victim of an exploit valued at approximately $290 million. Initial signs point to a highly skilled, state-affiliated actor, most likely connected to the DPRK's Lazarus Group.

Source: LayerZero

The attack itself was not a simple smart contract malfunction. Rather, it specifically poisoned downstream RPC nodes utilized in the LayerZero Labs Decentralized Verifier Network. Under very specific circumstances, this made it possible for attackers to alter verification pathways.

What counts in the bigger picture is how the system design influenced the result. Because of a 1-of-1 DVN configuration, the incident was limited to KelpDAO's rsETH configuration, thereby creating a single point of failure. Although it is explicitly supported by LayerZero's architecture, multi-DVN configurations with redundancy were not implemented.

Consequently, once the attack path was established, there was no independent validation layer that could reject forged messages.

The event strengthens Gaevoy's position, despite the technical containment and lack of contagion to other assets or applications. The complexity needed to secure interconnected systems keeps growing, even when damage is isolated. With every new integration, the attack surface grows, and highly skilled actors are beginning to take advantage of this fact.