JPMorgan Warns Security Flaws Hurt DeFi Growth Prospects

TLDR

• JPMorgan said persistent security flaws continue to limit DeFi’s institutional appeal.
• The KelpDAO exploit erased about $20 billion in total value locked within days.
• An attacker minted $292 million in unbacked rsETH and left nearly $200 million in bad debt.
• JPMorgan reported that hack losses this year are tracking 2025 levels.
• The bank said cross-chain bridge vulnerabilities remain a primary weak point.

JPMorgan reported that ongoing security breaches and flat total value locked limit decentralized finance growth. The bank linked repeated exploits to weaker institutional confidence and slower ecosystem expansion. Analysts also said recent attacks triggered capital shifts into stablecoins such as USDT.

JPMorgan Flags Structural Risks After KelpDAO Breach

JPMorgan said the KelpDAO exploit erased about $20 billion in total value locked within days. The bank described the incident as evidence of structural weakness across interconnected protocols.

An attacker breached a cross-chain bridge and minted $292 million in unbacked rsETH. The attacker then used the tokens as collateral to drain lending platforms and left nearly $200 million in bad debt.

The bank said contagion spread beyond the initial targets because protocols share liquidity and collateral links. As a result, losses affected platforms that had no direct exposure to the original breach.

Analysts led by Nikolaos Panigirtzoglou wrote, “Crypto participants have responded to recent exploits by seeking refuge in stablecoins.” They compared the move to traditional investors shifting into cash during uncertain periods.

JPMorgan said hacks continue to track levels recorded in 2025. The report stated that infrastructure and bridge exploits remain the primary weak points despite improved smart contract audits.

The bank explained that cross-chain bridges increase functionality but expand the attack surface. It added that complex validation systems and shared infrastructure raise the risk of large losses.

Stablecoin Flows Rise as TVL Growth Stalls

JPMorgan reported that total value locked has recovered in dollar terms but remains flat in ether terms. The bank said this pattern suggests limited organic expansion across decentralized finance platforms.

The report stated that muted growth raises questions about DeFi’s readiness for institutional scale. Analysts said institutional participation depends on stronger safeguards and predictable system behavior.

Following the exploit, capital moved from lending protocols into Tether’s USDT. JPMorgan said USDT benefits from deep liquidity and faster off-ramps during market stress.

The bank noted that stablecoins often act as a defensive allocation during volatility. It said participants rotate funds into dollar-pegged assets when protocol risk rises.

JPMorgan added that repeated breaches erode confidence in systems that rely on automated code. The report said attackers often exploit a single flaw to unlock large pools of assets.

The bank also stated that phishing attacks and bridge vulnerabilities expose locked funds across chains. It said the interconnected design of DeFi amplifies losses once an exploit begins.

JPMorgan concluded that security remains a core constraint on decentralized finance adoption. The report confirmed that recent hack losses align with levels recorded earlier this year.

The post JPMorgan Warns Security Flaws Hurt DeFi Growth Prospects appeared first on CoinCentral.