Today's top news highlights:
1. Macroeconomic Outlook for Next Week: Markets Focus on Warsh's Federal Reserve Chair Nomination Hearing; US-Iran Tensions Rise Amidst Uncertainty in the Middle East
2. Shipping sources: The Strait of Hormuz is closed again, prohibiting any ships from passing through.
3. Kelp DAO cross-chain bridge attacked, approximately $292 million worth of rsETH transferred out.
4. Aave: The rsETH market on V3 and V4 has been frozen, and potential bad debts are being assessed.
5. RaveDAO denies manipulating RAVE price: Plans to introduce a lock-up mechanism and sell tokens as planned for operations.
6. A total of $6.6 billion has been withdrawn from Aave in a single day, with stablecoins accounting for $3.3 billion.
Regulation & Macro
Shipping sources: The Strait of Hormuz is closed again, prohibiting any ships from passing through.
According to Jinshi News, shipping sources said that merchant ships received a radio message from the Iranian Navy that the Strait of Hormuz has been closed again, prohibiting any ships from passing through.
Over the past week, market expectations for a negotiated end to the conflict between the US and Iran have continued to rise, with risk appetite surging further on Friday after the Iranian Foreign Minister announced the opening of the Strait of Hormuz. With the temporary ceasefire agreement between the US and Iran nearing its expiration, the Middle East geopolitical situation remains a key variable for the market. Market attention will also be focused on next week's confirmation hearing for Federal Reserve Chair candidate Warsh, as well as US retail sales data and preliminary April manufacturing PMI figures for Europe and the US. Here are the key points the market will be paying attention to in the coming week:
European Central Bank President Christine Lagarde will deliver a speech at 23:00 on Monday.
Tuesday, 8:30 PM: US March retail sales (month-on-month).
At 22:00 on Tuesday, the US February Business Inventories (MoM) and the US March Pending Home Sales Index (MoM) will be released.
On Tuesday at 22:00, the U.S. Senate Banking Committee held a hearing on Kevin Warsh's nomination as Chairman of the Federal Reserve.
At 22:30 on Wednesday, the U.S. EIA crude oil inventory data for the week ending April 17 will be released.
At 8:30 PM on Thursday, the number of initial jobless claims in the United States for the week ending April 18 will be released.
At 21:45 on Thursday, the preliminary reading of the US S&P Global Manufacturing/Services PMI for April will be released.
At 22:00 on Friday, the final reading of the University of Michigan Consumer Sentiment Index for April and the final reading of the one-year inflation rate expectations will be released.
The U.S. retail sales data for March, scheduled for release next Tuesday, may be one of the few bright spots among the economic data to be released next week. The data will demonstrate the extent to which soaring energy prices triggered by the Middle East wars have dampened consumer spending, which was already weak before the conflict broke out.
Pakistani sources: US-Iran talks may be held before Friday.
According to Jinshi News, two Pakistani security sources indicated that negotiations between the United States and Iran are likely to take place before Friday. The sources stated their assessment was based on several factors: two U.S. heavy transport aircraft (C-17 Globemaster IIIs) have landed at the Nur Khan Air Base in Rawalpindi, near Islamabad, the Pakistani capital. Furthermore, roads leading from the airport to Islamabad's Red Zone have been temporarily closed, indicating escalated security measures. Finally, the sources indicated that the Serena Hotel and Marriott Hotel in Islamabad are checking out guests and will not accept new bookings before Friday. The Serena Hotel is the venue for the first round of U.S.-Iran talks on April 11.
Poland's crypto law fails to pass parliament for the second time, hindering regulatory progress.
The Polish parliament once again failed to overturn President Karol Nawrocki's veto of a crypto regulatory bill, continuing the political deadlock in the country on the path to digital asset regulation.
In the latest vote, lawmakers failed to reach the 263-vote threshold required to overturn the veto, with only 243 votes against and 191 in favor. The bill, pushed by Prime Minister Donald Tusk, aims to align Poland with the EU's Crypto-Asset Market Regulatory Framework (MiCA), which Poland remains one of the few member states that has not yet implemented.
The president's side, however, maintained its opposition, citing excessive regulation, lack of transparency, and the potential increase in burden on small and medium-sized enterprises. Finance Minister Andrzej Domański warned that a lack of regulation could turn the market into a "haven for scammers," increasing risks for investors.
Furthermore, Zonda, Poland's largest cryptocurrency exchange, has also been embroiled in controversy. The government has accused it of links to illicit funds, while CEO Przemysław Kral has denied these allegations and stated that he will take legal action to protect his rights. This vote marks the second time, since December of last year, that a presidential veto has failed to overcome the bill, leaving its future uncertain.
Project Updates
Ethereum Name Service (ENS), an Ethereum domain name service provider, issued a security alert on the X platform, confirming a security issue on the platform and advising users to temporarily avoid accessing eth(dot)limo-related links. Its team has begun investigating the security issues affecting DNS registrars.
ENS clarified that the issue currently only affects the eth(dot)limo domain name resolution service and does not involve eth(dot)link, nor will it affect the normal use of the ENS domain name service itself. This warning is issued out of caution; users should avoid using eth(dot)limo links until the relevant team confirms the issue is fully resolved. Further updates will be provided as they become available.
According to Wall Street News, the high-profile power struggle at OpenAI over two years ago is still being talked about, and now a new personnel upheaval may be brewing – OpenAI shareholders are considering replacing Sam Altman again. Media reports indicate that some OpenAI investors believe Altman is too distracted by various "side projects," questioning his suitability to lead OpenAI to an IPO and turning their attention to another executive. On April 18th alone, three core OpenAI personnel announced their departure: Sora founder Bill Peebles, OpenAI Chief Product Officer Kevin Weil, and Enterprise Applications CTO Srinivas Narayanan.
It's worth noting that a few days ago, another report pointed out that OpenAI's $852 billion valuation was being questioned, and some investors were extremely dissatisfied with the company's business direction. One early investor bluntly stated, "You have a ChatGPT business with 1 billion users and an annual growth rate of 50% to 100%, and you're still talking about the enterprise market and code tools? This is a company that seriously lacks focus." Meanwhile, secondary market data shows that demand for Anthropic stock is surpassing that for OpenAI, and for the first time, buyers are willing to pay a valuation premium for Anthropic.
Doubts about Altman's suitability as CEO of a publicly traded company have long existed, primarily stemming from his private investments. When Altman was ousted, some members of OpenAI's board questioned his investments in other "side projects." Altman has consistently maintained that he holds no shares in OpenAI to avoid being influenced by financial motives in his decision-making.
Kelp DAO's rsETH cross-chain bridge was attacked. Attackers transferred approximately 116,500 rsETH from the bridge via LayerZero-related contract calls, equivalent to about $292 million at current prices. The protocol suspended its core contract approximately 46 minutes later, preventing further attack attempts. The Kelp team stated that it has suspended rsETH contracts on the mainnet and multiple L2 blockchains for investigation. Furthermore, the team is collaborating with LayerZero, Unichain, auditors, and top security experts to conduct a root cause analysis.
Aave: The rsETH market on V3 and V4 has been frozen, and potential bad debts are being assessed.
In response to the KelpDAO attack, Aave issued a statement saying that the rsETH market on Aave V3 and V4 has been frozen, and the asset currently has no lending capabilities. Neither Aave V3 nor V4 holds rsETH. Aave's contracts were not attacked; the attack was related to rsETH. The freeze was caused by a vulnerability in the Kelp DAO rsETH bridging mechanism. The rsETH market was frozen to prevent new rsETH deposits and collateralized loans while the situation is assessed. The team is reviewing rsETH lending information that occurred on Aave after the vulnerability attack and will share more details as soon as possible. If the protocol has accumulated bad debts due to this incident, the team will explore ways to mitigate the losses.
Previously, it was reported that the Kelp DAO cross-chain bridge was attacked, and approximately $292 million worth of rsETH was transferred out.
The KelpDAO hackers obtained approximately $250 million worth of ETH through staking and selling.
According to on-chain analyst Ember, KelpDAO was exploited early this morning to mint 116,500 rsETH out of thin air, resulting in a loss of up to $293 million. Most of these 116,500 rsETH were deposited into Aave and then used to borrow ETH, while a small portion was sold and exchanged for ETH. The hackers obtained a total of 106,466 ETH ($250 million) through staking and selling.
Justin Sun redeemed approximately 53,700 ETH from Aave five hours ago, worth $126 million.
According to on-chain analyst Ai Yi, Justin Sun redeemed 53,665 ETH from Aave five hours ago, worth $126 million. This portion of ETH is currently still in his wallet and has not yet been transferred.
In a discussion on SpaceX about the late Liv Perrotto, she had expressed her wish to have her design, "ASTEROID," used as SpaceX's mascot. Musk replied "OK."
According to GMGN data, the name-named coin ASTEROID experienced a short-term surge, rising from $16 million to approximately $164.2 million, with a 24-hour trading volume of approximately $78 million.
LayerZero issued a statement saying it is fully aware of the rsETH vulnerability and has been actively working with the KelpDAO team to fix it since the incident occurred, while continuously monitoring the situation. Other applications remain secure. The LayerZero team is working with SEAL and other organizations to find the root cause. Once all information is available, a full post-incident analysis report will be released together with KelpDAO.
In response to the Kelp DAO attack, Morpho CEO Paul Frambot stated that Morpho smart contracts are secure and functioning correctly. Exposure is limited, and curator took immediate preventative measures; only approximately $1 million worth of ETH was lent out as collateral in two isolated markets (out of thousands of markets). Of the approximately 500 Morpho Vaults (with deposits exceeding $10,000), only two are involved in these markets, and the final impact remains to be seen as the incident unfolds; due to Morpho's fully isolated market design, all other Vaults were unaffected. While the direct impact on Morpho is limited, second-order effects may still exist due to its broader ecosystem exposure.
Opinions & Analysis
According to an article posted on the X platform by on-chain analyst Ai Yi, on-chain detective ZachXBT was the first to start the fire, Bitget responded by launching an investigation, and called on other exchanges to follow suit. RAVE was affected by this and plummeted by about 35%. Strangely, Binance's RAVE contract OI (coin-based) did not change much.
The suspected manipulator's address currently holds 750 million tokens, with a total value exceeding $8.2 billion, representing a 75% concentration of token holdings.
Galaxy Research Director Alex Thorn disclosed data on the X platform, stating that the United States has added a total of 518 Bitcoin addresses to the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) SDN sanctions list over the past few years. These addresses have received approximately 249,814 BTC and transferred out 239,708 BTC, and currently hold a net of approximately 9,306 BTC, equivalent to approximately $707 million at current prices.
RaveDAO responded to recent rumors of market manipulation surrounding the RAVE token in a statement on the X platform, clarifying that the team was not involved and is not responsible for the recent price fluctuations.
RaveDAO stated that it will explore token lock-up mechanisms, including those triggered by price or performance, to align team incentives with ecosystem growth. Simultaneously, the team plans to sell a portion of unlocked tokens at an appropriate time according to the established TRS mechanism, using the proceeds for operational, recruitment, marketing, and strategic investment expenditures.
RaveDAO emphasized that the project's long-term goal is to promote the large-scale adoption of Web3 through offline activities, and pledged to use a portion of the proceeds for charitable purposes. Currently, 20% of the activity profits have been used for charity. It also stated that it will continue to focus on product, community, and compliance building, and promote the integration of on-chain entertainment with the real world.
Chain detective ZachXBT previously reported that the "pump and dump" behavior of RAVE tokens originated from three cryptocurrency exchanges. In response, Binance Co-CEO Richard Teng stated on the X platform: "Thank you ZachXBT for reporting this to Binance. We are currently investigating and will always fulfill our responsibilities to investigate all market misconduct."
According to on-chain analyst Ember, over $5.4 billion in assets were urgently withdrawn from Aave for hedging purposes after hackers borrowed a large amount of ETH by staking illegally minted rsETH on Aave. This included Justin Sun retrieving his 65,584 ETH ($154 million) from Aave. The remaining on-chain lending demand flowed into protocols like Spark: demand drove ETH deposit rates on Spark to a peak of 130%. Currently, 18% remains.
Regarding the Kelp theft of 116,500 rsETH, SlowMist's preliminary analysis suggests that the attacker used a 1/1 DVN configuration on LayerZero, a classic "single-signature" configuration, while the official LayerZero documentation recommends a 2/2 configuration by default. This "single-signature, single-point" configuration may have been compromised by social engineering techniques (this is just speculation, pending further investigation). The attacker successfully absconded with 116,500 rsETH on Ethereum, and actually attempted to abscond with another 40,000 rsETH twice, but failed. The attacker's transaction fees came from Tornado Cash. The 116,500 rsETH was dispersed and liquidated, putting pressure on various staking platforms, especially Aave, which is now experiencing massive bad debts.
Regarding the theft of rsETH from KelpDAO, crypto KOL benmo.eth analyzed that the incident has far-reaching implications, mainly reflected in the following six points:
1. The security of packaged assets such as LRT cannot be compared with that of native assets, and lending platforms cannot treat these two types of assets as equal collateral.
2. L0 will lose part of the cross-chain market in the future. Several assets such as USDE and USD0 have already stopped L0 cross-chain operations. Even if business resumes, it may be difficult to restore the original reputation.
3. AAVE's "golden skin" has been broken, and the security of the monopolistic lending market is once again under scrutiny by major players. Each additional collateral asset increases the risk of the original collateral assets equally, which is inherently unfair to the original assets. V4 and modularity are the trends in lending product development, and this transformation is likely to accelerate. Choosing a lending business, rather than a lending platform or curator, is an option, but the costs of this business are increasing.
4. The cost of acquiring TVL in L2 will increase further, and the TVL level will now flow back to L1.
5. DeFi has halted its expansion strategy, reverting to a conservative and secure approach, and further measures are needed to prevent scanning by Anthropic Mythos.
6. From a risk control perspective, large lending platforms should consider the feasibility of on-chain delayed withdrawals when faced with large withdrawals.
Important data
Blockchain analytics platform Arkham announced on its X platform that it has identified the on-chain wallet address of Morgan Stanley Bitcoin Trust (MSBT), a spot Bitcoin exchange-traded fund owned by Morgan Stanley. It has become the first platform to publicly identify the on-chain BTC holdings of the ETF, allowing users to track fund inflows and outflows in real time.
It is reported that the Morgan Stanley Bitcoin ETF was listed on the NYSE Arca on April 8, with Coinbase and BNY Mellon serving as custodians. According to Arkham tracking data, it currently holds 1,348 BTC, worth approximately $103.92 million.
Due to whales rushing to withdraw ETH, ETH utilization on Aave has reached 100%.
According to Lookonchain monitoring, due to the KelpDAO vulnerability attack, attackers deposited rsETH into Aave to borrow ETH, creating bad debt on Aave. Many whales have already rushed to withdraw their ETH from Aave. ETH utilization on Aave has now reached 100%.
Multiple whales successively sold off AAVE shares, causing AAVE to drop by over 18% in a single day.
According to Lookonchain monitoring, due to the KelpDAO vulnerability causing bad debts in AAVE, many whales have been selling off AAVE, causing AAVE to fall by more than 18% today. Among them:
- Smaugvision sold 20,015 AAVE at an average price of $103 per AAVE, for a total of 2.06 million USDC.
- Whale 0xFC56 sold 20,000 AAVE at an average price of $103 per AAVE, for a total of 2.05 million USDC.
- Whale 0xA2E4 sold 19,666 AAVE (worth $1.95 million) at an average price of $99 per AAVE, in exchange for 505.65 ETH (worth $1.18 million) and 10.11 WBTC (worth $765,000).
According to on-chain analyst Ember, $6.6 billion has been withdrawn from Aave today, half of which ($3.3 billion) is in stablecoins. Following this massive outflow, both deposit and borrowing rates have surged, with USDT and USDC stablecoin deposit rates reaching 13.4% and borrowing rates reaching 15%.
