Annual Loss Rate Only 0.03%: Data Disassembles the Real Risk of DeFi Lending

marsbitPublicado a 2026-05-18Actualizado a 2026-05-18

Resumen

DeFi lending's real-world annual loss rate from hacks and exploits is approximately 0.03% of the Total Value Locked (TVL), excluding cross-chain bridge incidents. This analysis, based on data from DeFi Llama, shows that while lending protocols are frequent targets due to their concentrated assets, the actual financial impact relative to the sector's massive scale is minimal. The overall DeFi hack total of $77.51B is heavily skewed by cross-chain bridge breaches. Removing those, losses drop to $45.18B, with lending and AMM protocols being the most affected non-bridge categories. Risk has significantly improved as the ecosystem has matured. For the year leading to May 2026, net losses in EVM and Solana lending protocols were $30.1 million against an average daily TVL of $99.6 billion, resulting in the 0.03% loss rate. Notably, the industry's asset recovery capability, exemplified by the full recovery and surplus from the Euler Finance hack, mitigates net losses, with a ~20% recovery rate for non-bridge lending incidents. Attack scale follows a log-normal distribution, meaning most incidents are small, and catastrophic losses are rare. This demonstrates that diversification across protocols is an effective risk mitigation strategy. The data indicates that DeFi lending has evolved into a measurable, compartmentalized, and relatively low-risk sector within the broader digital asset landscape.

Written by: Alex McFarlane

Compiled by: Chopper, Foresight News

Every disruptive financial technology is bound to experience growing pains, and decentralized finance (DeFi) is no exception. In the early days, lending markets launched rapidly and expanded dramatically. The industry was hit by various security attacks in the open market one after another, then gradually explored ways to improve code security, collateral risk control, oracle mechanisms, liquidation logic, and governance systems.

Past risk cases have reference value, but they can no longer represent today's mature DeFi ecosystem. After all, those who only review history often fail to seize current opportunities.

Excluding security incidents related to cross-chain bridges, the estimated annual loss rate caused by theft and malicious attacks for DeFi lending operations on Ethereum Virtual Machine (EVM) and Solana chains is about 0.03% of the total value locked (TVL) in lending. This analysis data is all integrated from hacker attacks and vulnerability theft events annotated on the DeFi Llama platform.

The core standard for judging security risk is: how significant is the actual loss from exploited vulnerabilities relative to the amount of funds in the market?

The loss rate of three ten-thousandths is roughly equivalent to the probability of an American citizen dying from an accidental slip and fall. This shows that, setting aside the widespread market panic, the actual security risk of DeFi lending business is actually quite low.

Breakdown of DeFi Security Incidents

As of May 16, 2026, DeFi Llama statistics show that the total amount stolen across all categories of DeFi protocols reached $7.751 billion. This statistical scope is extremely broad. The overall data includes cross-chain bridges, decentralized exchanges, derivative protocols, blockchain game-related projects, digital wallets, underlying infrastructure failures, and non-lending DeFi businesses.

Among them, cross-chain bridges are the hardest hit area: after removing security incidents related to cross-chain bridges, the total theft loss in the DeFi field is reduced to $4.518 billion.

Code execution strictly follows written instructions, not the developer's ideal expectations, which is the root cause of frequent vulnerabilities. It is meaningful to categorize risks well: DeFi is not a single sector with unified risks. Cross-chain bridge theft, DEX oracle manipulation, wallet phishing scams, and collateral asset vulnerabilities in lending markets are all completely different types of risks.

Among all DeFi protocols, lending markets are attacked most frequently, for a very straightforward reason: large amounts of assets are locked in smart contracts for extended periods, making them primary targets for hackers.

Lending protocols and automated market makers (AMMs) are sectors with high incident rates. Their core commonality is the need to pool large amounts of assets into smart contracts. Apart from cross-chain bridges, the vast majority of security incidents are concentrated in these two types of protocols. This article will focus on the lending and capital borrowing sector for analysis.

Fund Loss Rate Has Greatly Improved

Today, the overall TVL of DeFi is far higher than in the early stages of frequent vulnerabilities, especially in the lending sector. Projects have more mature risk control systems, more comprehensive code audits, and increasingly sophisticated real-time network-wide risk monitoring. Excluding cross-chain bridge incidents, the actual annualized theft loss proportion for lending businesses in EVM and Solana ecosystems has significantly decreased.

Euler even set a classic risk handling case by successfully recovering all stolen assets. In 2023, Euler was hacked for $197 million, not only fully recovered but also ended up with $240 million due to asset price fluctuations, achieving a positive surplus. This also widened the gap between book losses and actual recovery amounts in the industry.

Taking May 16, 2026 as the cut-off point and summarizing data from the past year:

Total book loss from thefts in non-cross-chain lending businesses on EVM and Solana: $30.9 million
Actual net loss after deducting asset recoveries: $30.1 million
Average daily locked capital size in the lending sector: $99.6 billion
Book fund loss rate: 3.1 basis points
Actual net loss rate: 3 basis points

Converted, the annual capital loss remains stable at about 0.03% of the total lending TVL.

Advantages of Asset Diversification

DeFi security incidents show a clear polarization characteristic: a very small number of extremely high-value theft incidents account for the vast majority of the industry's publicly disclosed total losses. Charting the scale of incidents on a logarithmic scale reveals that the scale of various theft events roughly follows a log-normal distribution. Visually, the vast majority of security incidents result in relatively small losses, with high-value thefts concentrated in only a few extreme cases.

Although ChatGPT expressed a different opinion, I believe this data strongly proves that portfolio diversification is an excellent method to prevent crime.

From the perspective of risk transfer and commercial insurance, this data model also provides reasonable support for industry security insurance businesses. Insurance institutions can set single-claim limits for different protocols and conduct underwriting business in an orderly manner.

Furthermore, the vast majority of theft incidents have limited impact, far from enough to shake the entire capital pool of the lending sector. Moreover, the larger the overall size of the sector, the smaller the impact a single security event has on the whole.

Note: For some theft incidents where the loss amount appears to exceed the project's own TVL, such cases are uniformly counted as 100% loss. There are two main reasons for this data discrepancy: first, there is a time lag between the TVL statistics time and the security incident occurrence time, causing asset volumes to change; second, DeFi Llama's TVL statistical scope is inconsistent with the actual standards for assets at risk exposure.

Although this measurement method is not absolutely perfect, it clearly reflects the industry's current state: the vast majority of vulnerability attacks only affect a single business module within a lending protocol; it is extremely rare for the entire asset pool to be compromised, especially for large-scale leading projects. This research data also provides key basis for DeFi industry risk hedging and asset security custody businesses.

Asset Recovery Capability is Crucial

Asset recovery has also greatly optimized the actual risk performance of the DeFi lending sector. Based on DeFi Llama's all-category DeFi theft data, the overall industry asset recovery amount accounts for about 8% of the total book loss. However, after excluding cross-chain bridge incidents, the asset recovery ratio for the EVM and Solana lending sector is even higher, reaching about 20% of the book loss.

Asset recovery success rates are generally higher for theft cases occurring in regions with well-established legal systems and mature regulatory governance. This phenomenon also hints at industry insights related to access permissions.

Positive Industry Outlook

Today, the security risks in the DeFi lending sector have become quantifiable and classifiable, with the actual fund loss ratio continuously declining. Data proves the industry has entered a mature development stage: actual vulnerability theft losses are extremely low relative to the sector's massive existing capital, various risks are clearly identifiable, and risk boundaries are increasingly transparent.

In conclusion, there's no need to be swayed by external bearish rhetoric; data and facts are sufficient to confirm the true risk level of the DeFi lending sector.

Preguntas relacionadas

QWhat is the annual estimated loss rate due to theft and malicious attacks in EVM and Solana DeFi lending, excluding cross-chain bridge incidents, according to the article?

AThe annual estimated loss rate is about 0.03% of the total value locked (TVL) in DeFi lending on EVM and Solana, excluding cross-chain bridge incidents.

QWhy are lending markets and AMMs highlighted as high-risk categories for security incidents in DeFi?

ALending markets and Automated Market Makers (AMMs) are high-risk because they require large amounts of assets to be pooled and locked in smart contracts, making them prime targets for hackers.

QWhat key improvement does the article mention regarding the handling of the Euler Finance hack in 2023?

AThe Euler Finance hack resulted in the successful full recovery of the stolen assets. Not only were the initial $197 million recovered, but price fluctuations led to the return of $240 million, creating a positive surplus.

QHow does the distribution of hack sizes in DeFi lending affect risk, according to the article's analysis?

AThe hack sizes follow an approximate log-normal distribution, meaning the vast majority of security incidents result in relatively small losses, with only a few extreme cases accounting for the largest portions of total losses. This supports the effectiveness of portfolio diversification as a risk mitigation strategy.

QWhat is the asset recovery rate for EVM and Solana lending sector hacks, excluding cross-chain bridge incidents?

AExcluding cross-chain bridge incidents, the asset recovery rate for hacks in the EVM and Solana lending sector is about 20% of the账面 (book value) losses.

Lecturas Relacionadas

From 'Old Dogs' to 'New Darlings': How AI is Revaluing Old Infrastructure, from Dell to Nokia

"Old Dogs" Become AI's New Darlings: Revaluing Legacy Infrastructure The AI investment narrative is shifting. Beyond the spotlight on core chipmakers like Nvidia, a new wave of interest is rising for legacy tech companies—Dell, HPE, Nokia, Cisco, Corning, Western Digital—once labeled as slow-growth, outdated stories. This resurgence stems from AI's evolution from model development to real-world deployment, creating massive demand for physical infrastructure. As AI moves into data center construction and enterprise adoption, the focus turns to who can actually build and deliver complex systems. These established players hold decades of experience in supply chains, integration, networking, and enterprise delivery—assets now critical for scaling AI. The revaluation can be grouped into three key infrastructure areas: 1. **Servers & Integration (e.g., Dell, HPE):** They are becoming essential system integrators, transforming GPUs into full-scale AI servers with networking, power, and cooling, then delivering them to clients. Strong recent earnings and AI-specific revenue/order growth for Dell and HPE underscore this shift. 2. **Networking & Connectivity (e.g., Corning, Nokia, Cisco):** As AI clusters grow, high-speed data transfer becomes paramount. Corning benefits from fiber demand for data center links, Nokia is exploring AI-integrated wireless networks (AI-RAN), and Cisco sees surging orders for data center switches—all critical for efficient AI operations. 3. **Storage (e.g., Western Digital, Seagate):** The AI data explosion requires vast capacity. Beyond high-speed memory (HBM), there's growing need for high-capacity HDDs to store training data, logs, video, and cold/archival data cost-effectively. This revaluation, however, is not a blanket endorsement. True reassessment requires concrete proof: AI-driven orders and revenue growth, upward revisions to company guidance, and sustainable improvements in profit quality, not just top-line sales. In essence, AI is not turning all old tech firms into high-growth stocks; it is selectively re-pricing the "old assets" of companies that are mission-critical for building the new AI infrastructure, transforming their legacy capabilities into renewed growth engines.

marsbitHace 6 min(s)

From 'Old Dogs' to 'New Darlings': How AI is Revaluing Old Infrastructure, from Dell to Nokia

marsbitHace 6 min(s)

The Bitcoin Roadmap To $500,000: Analyst Shows How Price Will Get There

An analyst projects Bitcoin could reach $500,000 based on technical chart analysis, mapping out a multi-phase roadmap within a long-term ascending channel. The analyst, Crypto Tice, states Bitcoin has completed the first phase ("First touch") of the pattern and is entering a second phase that could trigger its strongest rally yet, potentially driving a more than 693% increase from current levels above $63,000. This would be followed by a final pullback. This outlook comes as Bitcoin faces significant selling pressure, having fallen 17% over three days to around $61,300, erasing roughly $250 billion in market cap. The downturn has also impacted other major cryptocurrencies like Ethereum. Despite the crypto market decline, U.S. equities remain near highs, creating a notable divergence that some suggest could indicate market manipulation or crypto front-running a potential stock market correction.

bitcoinistHace 18 min(s)

The Bitcoin Roadmap To $500,000: Analyst Shows How Price Will Get There

bitcoinistHace 18 min(s)

Expected $1 Billion Crypto Windfall Shrinks To Fraction In Israel Disclosure Program

Israel's voluntary crypto disclosure program has seen a much weaker response than expected, with only 58 individuals coming forward. Tax authorities had projected up to $1 billion in revenue from the initiative, but early reports indicate declared crypto capital totals only about $50 million. The program offered immunity from criminal charges for correcting past reporting errors, but its lack of an anonymous option reportedly deterred many holders who feared putting their names on record. With an estimated $1 billion in digital assets held by Israeli residents, the disclosures so far represent only a small fraction of the market. The filing window, which has specific conditions and runs until August 2026, remains open.

bitcoinistHace 30 min(s)

Expected $1 Billion Crypto Windfall Shrinks To Fraction In Israel Disclosure Program

bitcoinistHace 30 min(s)

Breaking News! Anthropic Calls for a Universal Pause in AI Research

Anthropic warns of AI self-evolution, reporting that over 80% of its internal code is now written by its AI, Claude. Productivity has surged, with engineers merging 8x more code than in 2024. Claude's performance on complex, open-ended tasks jumped from 26% to 76% success in six months, nearing human parity. The company introduces a new metric: "AI task duration." In 2024, AI handled 4-minute tasks; by 2026, it manages 16-hour tasks, with capability doubling every 4 months. Claude also reviews code, catching bugs that previously caused outages, and significantly outperforms humans in research tasks like optimizing code (52x speedup) and conducting AI safety experiments. Anthropic outlines three potential futures: 1) Progress plateaus, 2) AI accelerates but humans remain in control, or 3) AI achieves full recursive self-improvement (RSI), designing its own successors. This final path could revolutionize fields like medicine but also risks catastrophic alignment failure if control is lost. The call echoes similar concerns from OpenAI. Anthropic proposes a coordinated pause on AI development—if a verifiable mechanism to ensure all labs comply can be established.

marsbitHace 35 min(s)

Breaking News! Anthropic Calls for a Universal Pause in AI Research

marsbitHace 35 min(s)

Probability in the Price: How World Cup Odds Are Calculated

**The Probability in the Price: How World Cup Odds Are Calculated** Two major systems released their "championship probabilities" before the 2026 World Cup, and they disagreed on the favorite. Prediction market aggregators listed France at around **17%**, while the Opta supercomputer gave European champion Spain **16.1%**. These numbers look similar, but their production methods are fundamentally different. The market's **17%** is the **price** that clears after hundreds of millions of dollars in trading across platforms like Polymarket and Kalshi, where contracts trade between 0 and 100 cents, directly representing implied probability. This liquidity is provided by crypto-native market makers like Wintermute, though the market still has "the liquidity profile of an early-stage" asset class. In contrast, Opta's **16.1%** is a **simulated frequency**. Its model uses team data (including betting market odds as an input) to estimate match probabilities, then runs **10,000 full tournament simulations**, counting how often each team wins. Which is more accurate? There is **no rigorous, cross-tournament academic study** directly comparing their track records. However, a persistent **longshot bias**—where low-probability outcomes are systematically overvalued—observed in traditional betting for nearly a century, has also been found in modern crypto prediction markets. Research shows low-price contracts on Kalshi/Polymer less likely to pay out than their implied odds suggest. Unlike traditional bookmakers, prediction markets operate on **public blockchain ledgers**, making every transaction auditable and enabling such research. However, price formation is also influenced by **regulatory uncertainty**, as seen in recent US state-level bans and legal battles over jurisdiction. In summary, the "probability" you see is either a **market-clearing price** subject to behavioral biases and liquidity constraints, or a **model-simulated frequency** that partially incorporates market data. The question of which method is more reliable remains open, highlighting the importance of asking: **How was this number produced?**

marsbitHace 35 min(s)

Trading

Spot

Futuros