Web3 Risk Briefing
Real scam cases, wallet risks, and safety insights to help you understand before you connect, approve, or act.
Common Web3 Risk Patterns
Fake Interfaces
Fake interfaces copy legitimate wallet apps, exchanges, or protocol websites to make unsafe actions look normal. Always verify the domain, app source, and developer before connecting or entering sensitive information.
Urgency Traps
Urgency traps pressure users to act quickly through limited-time rewards, warnings, or countdowns. In Web3, rushing often leads users to approve actions they do not fully understand.
Permission Abuse
Permission abuse happens when a wallet grants broad or long-term access to a smart contract. Some approvals can remain active long after the original interaction and may expose assets later.
Key Exposure
Key exposure occurs when a private key or seed phrase is revealed. Any website, app, or person asking for a recovery phrase should be treated as hostile.
Scam Cases, Risk Patterns, and Safety Insights
A collection of real incidents and evergreen safety lessons for recognizing common Web3 risks.
What Is Restaking? When the Same Asset Gets Pledged More Than Once
A bank will not let you pledge the same house as collateral to two lenders at once. But in the world of crypto staking, there is a mechanism that allows the same asset to simultaneously back multiple systems, with each system paying a separate yield. That mechanism is called restaking. Traditional finance has been using the same structure for decades under a different name, and the lessons that came out of that experience are worth understanding before you come across restaking as an option.
What You're Actually Trusting When You Stake ETH Into Lido
Staking ETH into Lido follows a clear logic: deposit any amount of ETH, receive equivalent stETH, automatically accumulate staking rewards, and maintain liquidity within the DeFi ecosystem. But behind this convenience, you have quietly entered a much larger financial structure.
The 2008 financial crisis left a lasting structural reflection: when assets are layered and repackaged for reuse, each layer creates yield while passing on risk, and the person holding the base asset often has almost no visibility into the real risk profile of the entire structure. Lido and Ethereum share a similar structural logic, not because they will reach the same outcome, but because they share the same core problem: when a tool becomes widely adopted, its connections to the broader system deepen in parallel. Today, Lido's scale has led people to ask again who qualifies as too big to fail inside Ethereum.
What Is Blind Signing: Why Your Hardware Wallet Can Still Ask You to Sign Something You Cannot Read
Most people who buy a hardware wallet do so for a specific reason: before authorizing any transaction, the device shows you exactly what you are approving. You read it on a physical screen, then press a button. That physical confirmation step is the point.
But there is a situation where pressing that button means approving something you cannot read. Instead of showing you which protocol is requesting access to which asset, the device displays a string of characters no one can interpret directly. This is called blind signing.
You Think Holding a Stablecoin Means Holding Dollars: The Trust Structures Behind USDT, USDC, and DAI
For many people entering Web3, the first thing they do is convert their money into a stablecoin. Stablecoins trade close to the dollar, and holding one feels like putting money into a digital safe. But what you hold is not a dollar. It is a promise about a dollar, issued by a specific institution under specific conditions. USDT, USDC, and DAI all look like dollar-equivalent assets, but they carry entirely different trust structures underneath. In March 2023, USDC fell to $0.8789 during the Silicon Valley Bank crisis and recovered only because of a temporary intervention by the US government. The stability of a stablecoin is a condition, not a guarantee. Before you choose which one to hold, it is worth understanding what you are actually trusting.
Native Staking vs Liquid Staking: What Are You Actually Exchanging When You Choose Liquidity?
Native staking and liquid staking both allow your ETH to participate in Ethereum's consensus mechanism and generate yield. But they represent two fundamentally different trust structures. Native staking keeps you in a direct relationship with Ethereum, with control in your hands. Liquid staking gives you liquidity and a lower barrier to entry, but adds market, protocol, and governance dependencies in return. You interact directly with a liquid staking protocol, not with Ethereum itself. The liquid ETH token you hold is a derivative of native staking, not actual ETH. Before you choose liquid staking, it is worth understanding what you are actually exchanging.
Your stETH Is Not ETH: What Liquid Staking Protocols Actually Do to Your Funds
Liquid staking sounds like staking made easier. Deposit ETH, receive a token, keep earning yield while staying liquid. That framing is not wrong. But it skips a layer of structural reality that exists from the moment you deposit. The protocol holds your withdrawal credentials, not you. The peg between stETH and ETH is maintained by market conditions, not a guarantee. Slashing losses are shared across all depositors regardless of which node caused them. None of this appears in the APY figure.
THORChain Exploited for $10.8 Million: What a Decentralized Protocol's Emergency Halt Actually Reveals
On May 15, 2026, THORChain was exploited for over $10.8 million across Bitcoin, Ethereum, BNB Chain, and Base. The protocol halted all trading within hours. That response is worth examining closely, because THORChain has repeatedly positioned itself as a censorship-resistant, permissionless network that cannot intervene in how its infrastructure is used. Today, when its own funds were at risk, the intervention happened quickly. The gap between what a protocol claims and how it behaves under pressure is one of the most important things to understand before using it.
When You Trade on 1inch, You're Trusting More Than 1inch
On May 7, 2026, a liquidity provider called TrustedVolumes was exploited on Ethereum. $5.87 million was drained in a single transaction across four assets. The funds belonged to TrustedVolumes itself, not to individual users. But what this event reveals about how DeFi systems are actually constructed is relevant to anyone who uses them.
You Think You're Logging In. You're Actually Granting Permission.
When you click "Connect Wallet" in Web3, you are not logging in. You are giving that website permission to interact with your wallet. These two actions look similar, but they are fundamentally different in nature. Logging in lets the other party recognize you. Granting an approval lets them act on your assets, and that approval does not cancel itself. If you connected to a site today and authorized it to interact with a token, and six months later that site was compromised, your approval would still be valid. As long as that contract exists, it holds the permission you gave it. This is why many people have had assets disappear from their wallets without doing anything at all.
How Many Token Approvals Have You Forgotten About?
Every time you interact with a DeFi protocol, you grant a smart contract permission to move your tokens. That approval does not expire when the transaction is done. It does not reset when you disconnect your wallet or stop using the protocol. The permissions you granted months or years ago are still active, and most of them you no longer remember. In 2024 alone, over $200 million was lost to approval-based exploits. Most victims had no idea the permissions still existed.
What Happens When a Crypto Wallet Is Compromised
In traditional finance, a compromised account triggers a process. You call the bank. They freeze the card. Transactions can be disputed. Chargebacks exist. Fraud departments investigate. The system was built with the assumption that mistakes happen and some of them can be corrected.
In Web3, a transaction that has been confirmed on the blockchain is the final result. There is no dispute process, no freeze mechanism, no institution with the authority to intervene. This is not a flaw in the system. It is how the system was designed to work. The same property that makes blockchain transactions trustless and censorship-resistant also makes them irreversible. Understanding this is where understanding what a compromised wallet actually means has to begin.
What Is a Blockchain? Understanding the System Behind Crypto
A blockchain is a shared digital ledger. Instead of being stored and controlled by one company or institution, copies of the ledger are distributed across many computers connected to the network.
Every transaction added to the ledger is grouped into blocks. Once confirmed and added to the chain, those records are designed to be extremely difficult to alter. This is why blockchains are often described as tamper-resistant systems.
Never Share Your Seed Phrase
Your seed phrase is not a password. Passwords can be reset. If you forget a password, there is a recovery flow, a support team, an account verification process. Seed phrases have none of that. Whoever has your seed phrase has your wallet, completely and permanently, with no mechanism to reverse it.
Most people who lose funds to seed phrase theft did not make an obvious mistake. They responded to something that looked legitimate. The theft happened because the request felt reasonable in the moment. Understanding why that request is never reasonable, regardless of how it appears, is what this article is about.
What You're Actually Trusting When You Use DeFi
When you open a DeFi application, you see an interface. A number showing the current yield. A button to deposit. The experience feels similar to depositing money into a savings account — you put funds in, the protocol does something with them, you earn a return.
What you are actually doing is more layered than that. The interface is the surface. Beneath it is a chain of systems, each one making assumptions about the others, each one a point where something can go wrong. In normal conditions, this chain is invisible — not because it is simple, but because it is working. A pressure event makes it visible all at once.
Kelp DAO Bridge Exploit: A Forged Message Drained $292 Million
On April 18, 2026, a forged instruction reached Kelp DAO's cross-chain bridge. The bridge believed it. In 46 minutes, 116,500 rsETH tokens worth approximately $292 million left for an attacker-controlled address. No password was stolen. No encryption was cracked. The bridge was told a lie and had no mechanism to know.
What followed was not a simple theft. The attacker deposited the stolen rsETH into Aave as collateral, borrowed approximately $190 million in real ETH, and triggered a chain of freezes and withdrawals that pulled roughly $6 billion out of DeFi's largest lending protocol over the following days. Users who had never heard of Kelp DAO found their positions frozen. This is what DeFi composability risk looks like when it activates.
Fake Wallet Apps: How They Steal Your Seed Phrase
Fake wallet apps impersonate legitimate wallets like MetaMask, Trust Wallet, and Ledger Live. They appear in app store search results, Google ads, phishing sites, and social media links — and they are not accidents. They are manufactured at scale, targeting every major wallet brand, designed around one specific goal: getting you to type in your seed phrase.
If you do, the attack is complete. Everything in that wallet can be transferred out within minutes, and there is nothing to reverse it.
What Is a Smart Contract? The Code That Runs Without Anyone in Charge
A smart contract is a program that lives on a blockchain and executes automatically when predefined conditions are met. There is no company running it, no employee processing it, and no one who can intervene once it starts. If the conditions are satisfied, the contract executes. If they are not, it does not.
This is a genuinely different way of building agreements and financial systems. It removes the need for a trusted intermediary. It also removes the safety net that intermediary would have provided.
What Is a Crypto Bridge and Why Are They a Target?
A crypto bridge is a protocol that moves assets between two different blockchains. Without bridges, assets on Ethereum stay on Ethereum. Bitcoin cannot natively interact with Solana. Each blockchain is a closed system. Bridges create connections between those systems.
That connectivity is also why bridges are consistently among the most exploited targets in crypto. Moving assets across chains requires locking value in one place and representing it in another. That locked value is the target.
Since 2021, cross-chain bridge exploits have resulted in over $2.8 billion in stolen funds across dozens of incidents. The Kelp DAO bridge attack in April 2026 alone drained $292 million in under an hour.
Exchange vs Self-Custody: Two Ways to Hold Crypto, Two Very Different Risk Profiles
When you buy cryptocurrency, you face an immediate decision you may not realize you are making: do you leave it where you bought it, or do you take possession of it yourself?
Leaving it on an exchange is simpler. Taking custody of it yourself is fundamentally different. The distinction is not about convenience. It is about who controls the asset, what risks each arrangement carries, and what happens when something goes wrong.
Most people who are new to crypto default to leaving funds on exchanges. Most people who have been in crypto long enough to see an exchange fail default to self-custody. The gap between those two positions is what this article is about.
Why Auditing Your Code Is No Longer Enough: The Shift in How Crypto Gets Stolen
In the first quarter of 2026, Web3 projects lost $482 million across 44 separate incidents. The largest single loss, $282 million, came not from a smart contract exploit but from a social engineering attack targeting a hardware wallet operation. Six projects that had been audited still lost a combined $37.7 million. One of them, Resolv, had undergone 18 separate audits before it was exploited.
The pattern that defined crypto theft in 2026 is not about broken code. It is about broken trust, compromised people, and infrastructure that most security frameworks were never designed to protect.
Solana Native Staking vs Liquid Staking: The Risk Exchange You May Not Have Noticed
Choosing liquid staking on Solana is not just choosing a more convenient way to stake. It is exchanging one set of risks for a different set, with extra layers added on top. Most people making this choice do not realize they are making an exchange at all.
Both paths earn staking yield. Both involve delegating SOL to validators. The difference is not in what you earn. It is in what you are trusting, and what happens if that trust is tested.
What Happened to FTX? The Collapse That Changed How People Think About Crypto
FTX was once the world's second-largest cryptocurrency exchange. In November 2022, it collapsed in eight days. More than $8 billion in customer funds was missing. Its founder, Sam Bankman-Fried, was arrested, tried, and sentenced to 25 years in prison.
Customers who had trusted the platform with their savings discovered that their balances — however accurately the numbers appeared on screen — did not correspond to assets that actually existed.
FTX was not a story about a hack or a technical failure. It was a story about what happens when a centralized institution holds your money and you have no way to verify what they are actually doing with it.
There's a Strange NFT in Your Wallet. Here's What Not to Do.
You didn't buy it. You didn't sign up for anything. But one day you open your wallet and there it is — an NFT you've never seen before, from a project you don't recognize, sitting there like it belongs.
This is not a glitch. It was put there deliberately. And the people who sent it are waiting to see what you do next.
Receiving an unsolicited NFT is not dangerous on its own. What happens next — whether you interact with it — is what determines whether your wallet stays safe or gets drained.
What Is Social Engineering in Crypto — and Why It Has Become the Primary Attack Vector
Social engineering refers to the use of psychological manipulation to induce individuals to perform actions they would not normally take. In the crypto ecosystem, it has become the dominant category of loss, exceeding damages from smart contract exploits, exchange breaches, and infrastructure vulnerabilities in recent periods.
This matters because these attacks do not rely on technical flaws. They rely on influencing human decisions. The system remains intact; the user becomes the point of failure.
Private Key vs Seed Phrase: They Are the Same Power, in Different Forms
A private key and a seed phrase are two different ways of representing the same thing — control over a cryptocurrency wallet. Understanding the difference between them is one of the most important things anyone entering Web3 can learn, because losing either one means losing access to everything in that wallet, permanently.
Most crypto theft and permanent loss traces back to one of two things: a private key was exposed, or a seed phrase was shared. These are not recoverable situations. There is no customer support, no password reset, no way to appeal. The blockchain does not know who you are — it only recognizes whoever holds the key.
Risk level: High
Impact: If a private key or seed phrase is exposed, the wallet is effectively compromised. There is no password reset, no identity verification, and no way to reverse transactions.
Users who lose access to both their wallet and seed phrase permanently lose their funds. This has happened to many early crypto holders.
- Never share your seed phrase with anyone, under any circumstances — no legitimate service, support agent, or application will ever ask for it
- Store your seed phrase offline, written by hand, in a secure physical location — never in a photo, cloud document, or password manager
- Understand that importing your seed phrase into any application gives that application full access to your wallet
- Treat your private key with the same caution as your seed phrase — they are functionally equivalent in terms of access
- If either has been exposed, assume the wallet is compromised and move funds to a new wallet immediately
What Is DeFi? How Decentralized Finance Works and What Can Go Wrong
DeFi — short for decentralized finance — refers to financial services built on blockchains that operate without banks, brokers, or any central authority. Instead of a company managing the rules, DeFi protocols run on smart contracts: code that executes automatically when certain conditions are met.
DeFi removes the middleman. It also removes the safety net that comes with the middleman.
When a DeFi protocol is exploited, there is no fraud department. When a smart contract has a bug, there is no patch that protects users retroactively. When funds are gone, they are usually gone. This is not a reason to avoid DeFi entirely — it is a reason to understand it clearly before engaging with it.
Zondacrypto Exchange Crisis: Missing Private Key Locks ~$330M BTC, Withdrawals Frozen for 30,000 Users
In April 2026, Poland's largest cryptocurrency exchange, Zondacrypto, entered a public crisis involving at least $97 million in losses and up to 30,000 users unable to withdraw funds. The issue centers on a cold wallet holding approximately 4,500 BTC (~$330 million) whose private key was never transferred after a 2021 ownership change. The founder holding the key, Sylwester Suszek, disappeared in March 2022. The current CEO initially cited the wallet as proof of solvency, then admitted the exchange cannot access it. Authorities have launched a criminal fraud investigation.
On-chain data shows over $21 million transferred out of exchange-linked wallets while hot wallet balances dropped by 99.7%. User withdrawals remain frozen, governance has broken down, and the situation has escalated into a national political scandal. Recovery prospects remain uncertain, with cross-border complications and key individuals unavailable or missing.
Vercel Breach: OAuth Token Compromise via Context.ai Exposes Web3 Frontend Credentials
On April 19, 2026, Vercel disclosed a security breach originating from a compromised OAuth token linked to a third-party tool, Context.ai. Attackers used Lumma Stealer malware to access a Vercel employee’s Google Workspace account and retrieve internal environment variables. These variables contained API keys and credentials used by Web3 applications hosted on Vercel. The stolen dataset — including source code and employee records — was later listed for sale for $2 million.
No confirmed on-chain funds were stolen, but the incident exposed a critical risk layer: frontend infrastructure. Multiple Web3 projects, including Orca, initiated emergency credential rotations. The full extent of downstream exposure remains unknown. Compromised API keys and deployment environments could potentially affect user-facing interfaces, even if underlying smart contracts remain intact.
Rhea Finance Exploit: Slippage Protection Logic Flaw Drains ~$18.4M on NEAR
On April 16, 2026, Rhea Finance — a lending protocol on the NEAR blockchain — was exploited via a logic flaw in its slippage protection mechanism, resulting in approximately $18.4 million drained from its reserve pool. The attacker spent two days preparing the exploit before execution. The vulnerability allowed the same intermediate token value to be counted multiple times during multi-step swaps, making positions appear sufficiently collateralized when they were not. This enabled the attacker to borrow against inflated values and extract real assets from the protocol.
Liquidity providers in affected pools experienced direct losses, and the protocol’s native token RHEA declined sharply in value. The exploit triggered cascading liquidations across the system, fully draining the reserve pool. Approximately $9 million has been recovered or frozen, including $3.29 million USDT frozen by Tether. However, around $8.4 million remains unrecovered, and compensation details have not yet been finalized.
Fake Ledger Live App Incident
Between April 7 and 13, 2026, a malicious app impersonating Ledger Live appeared on the Apple App Store. It was published under a shell developer account called "Leva Heal" — completely unrelated to Ledger — but looked nearly identical to the real application. Over 50 users downloaded it, entered their seed phrases when prompted, and had their wallets drained within minutes. Total losses exceeded $9.5 million across Bitcoin, Ethereum, Solana, Tron, and XRP. Three victims each lost over a million dollars. One musician posted online: "I lost my retirement fund. Ten years of Bitcoin. Gone in an instant." Apple removed the app after six days. The developer account was terminated. No public explanation was given for how it passed review.
What this reveals
The App Store's review process is not a guarantee of safety. The attackers did not exploit any code vulnerability. They exploited trust — specifically, the widespread assumption that anything listed on the App Store has been verified and is safe to use. What made this especially effective is that the real Ledger Live app is not available on the Mac App Store at all. It can only be downloaded from Ledger's official website. Most victims had no idea.
What users should know
- Before downloading any Web3-related app, check the official website to confirm the correct download source
- If any app asks for your seed phrase, stop immediately — no legitimate app ever needs it
- Verify the developer name matches what the official company publicly states
- Being listed on the App Store does not mean an app is official or safe
Your seed phrase is the only key to your assets. Any place that asks for it is a dangerous place — no matter how official or trustworthy it appears.
The Fake Wallet in the App Store — "Official" Doesn't Mean Safe
On April 11, 2026, musician G. Love switched to a new computer and opened the Mac App Store to find Ledger Live, the wallet software he'd been using for years. He found an app with a familiar icon, downloaded it, and...
The People You Trust May Be the Greatest Risk: Drift Protocol Social Engineering Attack
On April 1, 2026, Drift Protocol — a decentralized derivatives exchange on Solana — was drained of approximately $285 million. This was not a code exploit. Attackers spent six months posing as a quantitative trading firm, building genuine relationships with Drift team members at real crypto conferences. They exchanged business cards, shared meals, and earned trust over time. Once that trust was established, they sent malicious links and code repositories for team members to run on their own machines — ultimately gaining control of admin private keys. With those keys in hand, the attackers completed the withdrawal in under 12 minutes.
Wasabi Protocol Admin Key Compromise Risk
Wasabi Protocol lost $4.5 million due to suspected exploit or admin key compromise. Users interacting with the protocol may be exposed, and funds held in the protocol may be at risk.
Existing assets may face fund loss if the protocol remains compromised. Continued interaction can expose user funds to protocol-level control risk, compromised contracts, or unsafe admin authority.
- Avoid interacting with the affected protocol.
- Do NOT deposit funds into the protocol.
- Withdraw assets if possible.
- Monitor official announcements before taking further action.
Who Really Controls Your Funds?
Many platforms in Web3 are described as “decentralized.” But in practice, control is often more concentrated than users expect. A recent incident involving Drift Protocol on Solana highlights a critical risk: when...
Before You Connect Your Wallet
1. What this means
In Web3, many websites will ask you to “connect your wallet.” This is not just a login. It is a permission request.