How $771M Was Stolen From Protocols That Passed Every Audit

How $771M Was Stolen From Protocols That Passed Every Audit

Since January 2026, the crypto market has absorbed roughly $771 million in losses across 47 incidents. April alone accounted for the majority , well above the combined total for the previous three months. The numbers are striking. The pattern underneath them is what actually matters.

In every significant case, the smart contract code did exactly what it was built to do. The vulnerability wasn’t in the blockchain logic. It was in the layer of infrastructure that told the blockchain what to do — and in the assumptions about who could be trusted to give those instructions.

Eighteen Audits. One Unreviewed Signing Key.

Resolv Labs ran a DeFi stablecoin protocol with over $500 million in assets at its peak. By March 2026, it had completed eighteen independent security audits. Eighteen.

An attacker deposited $100,000 in collateral and walked out with roughly $25 million in ETH. The mechanism was precise: when the protocol minted its stablecoin, the decision about how many tokens to issue against deposited collateral was handled by an external off-chain service. That service stored its private signing key in a cloud key management system. Once the attacker obtained that key, they generated a minting instruction far beyond what the collateral justified. The on-chain contract received a validly signed command and processed it without question — because from the contract’s perspective, everything looked legitimate.

The stablecoin collapsed from its dollar peg to $0.025 in seventeen minutes. Other protocols that had accepted it as collateral were pulled into the damage.

All eighteen audits reviewed the smart contract logic. The cloud infrastructure and key management process weren’t covered sufficiently. The risk wasn’t in the code — it was in the operational layer giving instructions to the code.

A Multisig Is Only as Secure as the People Signing It

The Drift Protocol case is one of the most methodical exploits we’ve seen in recent memory. And it involved no exotic zero-day vulnerability — just patience, social engineering, and a governance process that moved faster than anyone could review it.

Drift is a major decentralized perpetual futures exchange on Solana. The attackers spent months establishing credibility: operating as a real market participant, contributing liquidity, building relationships with developers. At the same time, they created a fabricated token with synthetic trading volume to manipulate the price oracle the protocol depended on.

Their technical mechanism was a Solana feature called durable nonce — a way to sign a transaction today and execute it later, like writing a cheque and leaving it undated. The attackers prepared a set of these delayed transactions containing instructions to transfer full administrative control of the protocol to an address they controlled. Through ongoing social engineering, they persuaded Security Council members to sign what appeared to be routine governance operations.

Two weeks before the exploit, Drift had migrated to a new governance model requiring two-of-five Security Council signatures for critical actions. At the same time, the timelock was removed from the process — meaning approved actions could execute immediately, with no delay window for review or intervention. On April 1st, the attackers triggered the pre-signed transactions. Administrative control transferred in two on-chain transactions executed one second apart. Withdrawals started shortly after.

A multisig is not a safety guarantee. It’s a process. When signers don’t have time — or information — to understand what they’re approving, the multisig becomes a formality rather than a safeguard.

One Verifier. $292 Million.

The Kelp DAO exploit is technically the most consequential of the three, and it goes directly to a question that anyone building cross-chain infrastructure has to answer honestly: what does your trust model actually reduce to?

Kelp operated a liquid restaking protocol, with its token deployed across more than twenty blockchains via LayerZero. Cross-chain systems need a way to verify that something happened on another network — that tokens were burned, that a transaction settled. The receiving contract can’t directly observe the source chain. It relies on verifiers to attest that cross-chain messages are valid.

Kelp’s configuration used a single verifier. One. In a system handling hundreds of millions of dollars, the entire confirmation model came down to a single source of truth. When the attackers compromised two RPC nodes that the verifier used to read blockchain state — and simultaneously took down the remaining nodes with a DDoS — the verifier was left seeing only what the attackers chose to show it.

The fabricated message claimed that 116,500 tokens had been burned on the source chain, authorizing an equivalent mint on Ethereum. The verifier confirmed it. The contract executed it. The attackers then avoided an immediate market crash by depositing a large portion of the newly minted tokens as collateral in Aave and borrowing real ETH against it — extracting liquidity without triggering visible price collapse. Aave was left holding collateral whose legitimacy was now in question.

Arbitrum’s Security Council voted to freeze roughly 30,766 ETH on their network — around $71 million — pending DAO governance decisions. That emergency mechanism helped preserve part of the funds. It also raised the question that comes up every time a council of individuals can freeze assets: how decentralized is a system that has this kind of override built in? There’s no clean answer. Both the intervention and the underlying tension are worth understanding before building on any cross-chain infrastructure.

What Actually Failed — and What It Demands

Three different protocols. Three different attack vectors. One shared pattern: the code executed correctly. What failed was the trust architecture surrounding it — who held the keys, how governance approvals worked under pressure, what happened when a single verification source was fed false data.

Smart contract audits are necessary. They are not sufficient. The questions that determined the outcome in each case above don’t appear in audit reports: Who has access to signing infrastructure? What is the review process before a governance action executes? If the single verifier in a cross-chain system is compromised, what is the actual blast radius?

We’ve been asking these questions about our own infrastructure since 2018 — not because we expected to be attacked, but because building swap infrastructure that 6,000+ wallets and platforms depend on forces a specific kind of honesty. When Ellipal integrated SimpleSwap into their air-gapped hardware wallets, where private keys never touch the internet and every transaction passes through QR codes, we had to answer precisely: at which layer does our system accept external input as authoritative, and what would it take to compromise that input? The same question came up with Tangem, where swap execution runs through device-mediated signing with limited NFC sessions. You can’t hand-wave trust boundaries when the partner’s entire security model depends on yours.

The Resolv case makes the operational consequence concrete. Eighteen audits covered the contract logic. Nobody covered what would happen if the cloud key management service were accessed by the wrong party. A signing key stored off-chain, with insufficient access controls, became the attack surface for a $25 million exploit — on a protocol that had done more security reviews than most teams ever commissioned.

This is why we aggregate liquidity from 15+ independent sources, with no single venue controlling more than 25% of flow. Not primarily as an execution optimization, but because the architecture needs to survive the failure of any individual component without that failure propagating to users. During the Black Wednesday event in 2025, when the industry’s average swap completion rate fell to around 10%, we ran at 98.7%. That outcome reflects a design assumption: anything can fail, so nothing critical should depend on a single source holding.

The 2026 hack spree isn’t a story about broken code. It’s a story about what happens when the operational layer around the code isn’t held to the same standard as the code itself. For anyone evaluating swap infrastructure, a DeFi protocol, or any platform where funds move: start with the audit. Then ask what the audit didn’t cover, who holds the keys, and what the system does when a trusted source stops being trustworthy.

Those are the questions that mattered in March and April 2026. They’ll matter in the next cycle too.

This article was written by SimpleSwap — a self-custody crypto swap platform. 2,800+ coins, 20M+ swaps since 2018. Private, fast, no sign-up required — your keys, your crypto.

How $771M Was Stolen From Protocols That Passed Every Audit was originally published in Coinmonks on Medium, where people are continuing the conversation by highlighting and responding to this story.