Ripple CTO Emeritus David Schwartz said his review of DeFi bridge designs for Ripple’s RLUSD highlighted a recurring issue that may now be at the center of the KelpDAO/rsETH incident: Critical security controls exist, but teams are often pushed toward lighter configurations because they are easier to use and faster to scale.
What stood out, he wrote in a series of articles, was not the lack of tools. According to him, many systems already offered strong protections against the type of failure currently being discussed around KelpDAO. The problem was that these protections were often accompanied by friction.
Former Ripple CTO warns bridge outages could repeat
“One thing I noticed is that most of the systems were very well designed and had very strong mechanisms to protect against exactly the type of attack that the KelpDAO/rsETH situation appears to have been caused by,” Schwartz wrote. “However, one thing I noticed is that they generally recommend not bothering to use the most important security mechanisms because they incur convenience and operational complexity costs.”
The former Ripple CTO does not say that bridge teams lack security features on paper. He says some business models aim to make these features optional, even when the assets secured may eventually grow large enough to make the compromise untenable.
“Their selling point was that they have the best security features, but are easy to use and scalable provided you don’t use the security features,” he wrote. “I have a funny feeling that part of the problem will be that KelpDAO chose not to use key security features of LayerZero out of convenience. I hope I’m wrong.”
The broader concern, according to Schwartz, is the design of incentives. If applications are allowed to choose their own trust assumptions, competition may drift toward lower-friction configurations rather than higher-assurance configurations. This point was explicitly raised by XRP community figure Vet, who argued that letting apps define their own security “inevitably goes downhill.”
Schwartz pushed back in part, saying simpler setups may make sense when the value is still low or when the assets are already guaranteed by a trusted issuer and can be frozen. But he also suggested that in open crypto markets, temporary shortcuts can become permanent.
“It’s getting incredibly complicated. I’d say probably not,” the former Ripple CTO wrote when asked if the projects could be held responsible for losses. “But the entire DeFi bridging industry is infected by people using moderate security because ‘we just need to make it work, we’ll improve it later’, which results in huge amounts of money being protected and further improvements never coming.”
He was also candid about the industry’s habit of relearning the same lesson after every explosion. “We could wait until we have a perfect solution, but that’s not the choice everyone made,” Schwartz said. “So every once in a while we’ll have a big failure and then everyone will pay attention for a month or two and the cycle will repeat.”
Overall, Schwartz frames the problem as structural: DeFi continues to try to increase liquidity across chains before it has resolved how to manage bridging risk at the level that handling other people’s money demands. Even Schwartz, while defending some narrower uses of simpler bridge configurations, acknowledged that decentralized governance remains poorly suited to difficult security decisions regarding custody risk.
The backdrop is the April 18 rsETH incident involving KelpDAO. An attacker exploited KelpDAO’s LayerZero-powered rsETH bridge and drained 116,500 rsETH, valued at approximately $290 million. Aave’s Guardian subsequently froze the rsETH and wrsETH markets in deployments where the asset was listed, emphasizing that Aave itself had not been hacked and that the problem was with the asset rather than the lending protocol.
Aave later said that all pools remained operational, but that the freeze had halted new deposits and borrowing against rsETH collateral while the situation was assessed. The episode quickly evolved into a broader DeFi risk event because rsETH had been integrated into lending markets, raising new questions about collateralization standards, bridge configuration choices, and whether convenience-driven interoperability is still undervalued across the stack.
At press time, XRP was trading at $1.40.


