Ripple Chief Technology Officer, David Schwartz, has issued a fresh warning to the decentralized finance (DeFi) sector, cautioning that widely used cross-chain bridges may be vulnerable to the same structural weaknesses that enabled the recent KelpDAO exploit.
The KelpDAO exploit became one of the largest crypto hacks of 2026, with early estimations linking the $292 million lost from the platform to the North Korean Lazarus Group. On X, the Ripple CTO said he had reviewed several DeFi infrastructures, focusing solely on security and risk. His remarks come days after the breach reignited concerns about the security of cross-chain infrastructure. Based on his research, he determined that most DeFi systems include top-tier security tools, but the very mechanisms designed to prevent KelpDAO-style attacks are treated as optional.
Ripple CTO urges DeFi platforms to prioritize security
According to the Ripple CTO, incidents like these occur because teams don’t want to bear additional operational complexity costs. He wrote, “They generally in effect recommended not bothering to use the most important security mechanisms because they have convenience and operational complexity costs.” Schwartz said his concerns emerged during evaluations of bridge systems for Ripple’s planned RLUSD stablecoin.
While many protocols appear robust in design, he argued that real-world deployments often fall short because teams prioritize convenience and rapid expansion over strict security practices. In his post, the Ripple CTO also highlighted that the rush to scale across chains has created a growth-first, safety-second culture in which the most important safeguards are being ditched.
He asserted that most platforms’ selling points emphasize easy integration, with the unspoken expectation that the most robust security tools wouldn’t actually be used. Additionally, he said the KelpDAO attack reflects a dangerous pattern in which teams opt for convenience over the best-in-class security already available to them— similar to what he observed during his DeFi evaluations.
He stated, “I have a funny feeling part of the problem is going to be something like KelpDAO choosing not to use key LayerZero security features out of convenience.” More recently, some analysts also sounded the alarm that Wrapped XRP (wXRP) on Solana could be the next domino to fall, since it relies on third-party issuers, and it carries the same counterparty risks that just cost KelpDAO $292 million.
XRP Ledger validator, VET on X, wrote, “wXRP is an issued asset; it doesn’t come close to holding native XRP via self-custody from a risk POV.” However, some cross-chain protocols have already started putting up defenses. Flare, for instance, temporarily suspended FXRP bridging activity, holding off any token redemptions. Schwartz had also commented soon after the KelpDAO exploit. He described the attack as sophisticated and noted that it exploited KelpDAO’s lack of oversight.
