DeFi的合理利率该是多少？低于这个数字不要存！

Original Author: Tom Dunleavy, Venture Capital Lead at Varys Capital

Compiled by Odaily (@OdailyChina);

Translated by Azuma (@azuma_eth)

One week ago, KelpDAO's rsETH bridge protocol, built on LayerZero, suffered a hacker attack resulting in losses of up to $292 million. Subsequently, these stolen rsETH were deposited into Aave as collateral, leaving roughly $196 million in bad debt on Aave's books, which in turn caused the total TVL of the entire DeFi market to evaporate by $13 billion.

Two weeks prior, Drift Protocol, a derivatives protocol on Solana, also lost $285 million due to a key leak incident stemming from a social engineering attack by North Korean hackers.

These two incidents within three weeks caused a permanent loss of $577 million. The USDC market on Aave saw utilization rates exceed 99.87% for four consecutive days, with deposit rates surging to 12.4%. Circle's Chief Economist, Gordon Liao, proposed a governance proposal to quadruple the borrowing limit, merely to alleviate the queue situation.

For users accustomed to depositing stablecoins at 4% - 6% APY in DeFi lending markets, a critical question now arises — Are these yields still reasonable? A few weeks before the Kelp DAO incident, Santiago R Santos raised this question on the Blockworks podcast, and it warrants a deeper exploration: Have we been adequately compensated for the DeFi risks we've undertaken, and what should a reasonable risk spread be in the future?

How Traditional Finance Prices Credit Risk

The yield of every corporate bond is a sum of various compensations. The most crucial formula in this analysis is — Yield = Risk-Free Rate + (Probability of Default × Loss Given Default) + Risk Premium + Liquidity Premium.

The risk-free rate (Rf) is benchmarked against US Treasury bonds of matching maturity; "Probability of Default × Loss Given Default" (PD × LGD) represents the expected loss, where LGD is calculated as "1 - Recovery Rate"; the risk premium compensates for the uncertainty of expected losses — even if two bonds have the same PD and LGD, they may be priced differently if the distribution of their outcomes is wider; the liquidity premium compensates for exit costs.

Moody's long-term data since 1920 provides a benchmark:

• US Speculative-Grade Default Rate: Long-term annual average of 4.5%, currently 3.2% over the past 12 months, expected to rise to 4.1% by Q1 2026;
• Unsecured High-Yield Bond Recovery Rate: Historically around 40%, implying LGD ≈ 60%;
• High-Yield Bond Expected Loss: 4.5% × 60% = 2.7%/year (long-term average);
• Private Credit Default Rate: KBRA estimates 3.0% for 2026;
• Private Credit Recovery Rate: Approximately 48% (KBRA 2023-2024 data); 
• Secured Leveraged Loan Recovery Rate: Historically around 65%–75%;

Current Traditional Finance Yield Ladder

Let's look at the current real-world data. The 10-year US Treasury yield is 4.29%. As of April 2026, the spreads for various ICE BofA credit assets are as follows.

The overall pattern is intuitive: yields increase as you move down the capital structure, from government bonds to investment grade, then to speculative grade and subordinated commercial real estate, compensating for the probability of default and severity of loss. Direct lending yields around 9%, not because default rates are significantly higher, but because the liquidity premium for holding illiquid private assets is very real.

Now, look at the USDC rate on Aave before the Kelp DAO incident, which was around 5.5%, falling between investment-grade and B-rated high-yield bonds. Meanwhile, yields on Morpho (with curator selection via curated vaults) were around 10.4%. These two numbers cannot simultaneously correctly reflect the same underlying risk.

DeFi Has "Defaults" That Don't Exist in Traditional Finance

Traditional credit defaults are relatively straightforward: a borrower defaults, and the creditor can accelerate debt maturity, proceed with restructuring, and liquidate assets. DeFi has no restructuring mechanism, only exploits, with three main failure modes.

Mode 1: Smart Contract Vulnerabilities

Code has flaws (re-entrancy attacks, input validation errors, lack of access controls, etc.), and attackers drain funds. Historical recovery rate: Around 5%–15% if white hats return the funds; almost 0% if it's North Korean hackers.

Poly Network (2021) attackers returning all $611 million is an extreme outlier. Losses from Ronin ($625 million) and Wormhole ($325 million) were covered by project teams/institutions, essentially shareholder bailouts, not recoveries.

Mode 2: Oracle Manipulation and Governance Attacks

Manipulating low-liquidity DEX pools to poison price feeds, or using governance attacks with malicious proposals to drain funds. Beanstalk lost $182 million this way in 2022. Such incidents are partially reversible, but claims often become claims on "worthless tokens".

Mode 3: Composability Contagion

This was KelpDAO's failure mode, and it's the most dangerous because it's the hardest to audit.

• Protocol A issues LST/restaking tokens;
• Protocol B accepts them as collateral;
• Protocol C handles cross-chain bridging;

If any single link fails, all downstream assets become "orphaned". The attacker didn't need to attack Aave; they only needed to attack rsETH.

The common thread across all three modes is that once a problem occurs, the collapse happens in minutes, not quarters. There is no negotiation, no restructuring, no buffer. Code is law, and a bug means near-total loss. Aave V3's rsETH bad debt went from 0 to $196 million in about 4 hours. In contrast, the median time from initial stress signals to restructuring for a traditional BB-rated default is 14 months.

What the Loss Data Reveals

Chainalysis's 2025 report noted an interesting phenomenon: although DeFi TVL grew from $40 billion in early 2024 to approximately $175 billion by October 2025, DeFi-specific attack losses were near 2023 lows. The $3.4 billion in crypto theft in 2025 was primarily from CEXs (Bybit alone accounted for $1.5 billion) and personal wallets (44%, compared to just 7% in 2022).

If you look only at this chart, you might conclude that DeFi is becoming safer. This is partially true. Smart contract audits have matured; bug bounty programs like Immunefi now protect over $100 billion in user funds; cross-chain bridge architectures are gradually incorporating time locks and multi-party verification.

But the reality of 2026 tells a different story. On April 1, Drift lost $285 million; on April 18, KelpDAO lost $292 million. Two nine-figure incidents in 18 days, both targeting the weak points of composability rather than core lending primitives. Based on average TVL, the annualized loss rate for DeFi in recent years is roughly as follows.

• 2024: ~$500 million DeFi-specific losses / $75 billion average TVL = 0.67% annualized loss rate;
• 2025: ~$600 million / $120 billion average TVL = 0.50% annualized loss rate;
• 2026 YTD (annualized): If Q2 loss figures are extrapolated for the full year, losses ~$577 million / $95 billion TVL * 4 = ~2.0% to 2.5%;

If we estimate a forward-looking annualized Probability of Default (PD) of 1.5% to 2.0% for high-quality DeFi lending, and a Loss Given Default (LGD) of 90% (average recovery rate of 5% to 15% for direct exploit attacks without an external balance sheet backstop), the expected loss is 1.35% to 1.80% per year.

This level is already higher than high-yield bonds (HY), and this doesn't even account for additional premiums related to uncertainty, illiquidity, regulatory asymmetry, and the contagious structure of composability itself.

Building a DeFi Risk Premium from Scratch

From this point, we apply the bond pricing methodology to attempt to price a reasonable yield for a high-quality DeFi stablecoin deposit — specifically, overcollateralized lending on Ethereum mainnet via Aave or Compound to retail and quantitative borrowers, denominated in USDC.

As shown in the chart above, we start from the 10-year US Treasury benchmark and build up the reasonable yield. The framework is based on the Duffie-Singleton credit spread decomposition, adapted for DeFi-specific failure modes.

The components of this pricing model are as follows:

• Risk-Free Rate (10Y UST): +4.30%;
• Technical Expected Loss (PD × LGD): +1.50%;
• Oracle Manipulation Risk: +0.75%;
• Governance / Admin Key Risk: +1.00%;
• Composability Cascade Risk (like Kelp DAO): +1.25%;
• Regulatory Asymmetry Risk: +1.25%;
• Stablecoin De-pegging Tail Risk: +0.50%;
• Liquidity Premium: +0.50%;
• Risk Premium (Model Uncertainty): +1.50%;

The final derived reasonable yield is at least 12.55%.

Therefore, for high-quality DeFi stablecoin supply on top-tier protocols, a reasonable rate should be no less than 13%. For positions explicitly covered by insurance (e.g., Nexus Mutual coverage, Umbrella-type protocol reserves), it can be lower; for long-tail protocols, newly deployed markets, or exposures involving restaking and cross-chain structures, it should be higher.

Conclusion

Ultimately, our conclusions are as follows.

First, demand reasonable compensation. If you're lending USDC in DeFi at 5%, you are essentially pricing risk at a BB-grade credit level while bearing risks technically and compositionally inferior to CCC-grade. The 9% to 12% yields on curated vault markets like Morpho are closer to a fair clearing price, although they themselves introduce manager selection and transparency issues.

Second, move up the capital structure. Overcollateralized lending based on high-quality collateral (ETH, wBTC, market-proven LSTs), with oracle redundancy, protocol-level insurance layers, and no cross-chain exposure, carries a significantly lower risk premium than the framework above. If directly accessible, this is the equivalent of "investment-grade assets" in DeFi.

Third, price tail risks correctly. The KelpDAO attack was not a black swan, but a predictable failure mode within multi-chain, restaking structures. The Drift incident is fundamentally the same, just with different actors. Q2 2026 has already generated $577 million in permanent losses. A DeFi portfolio yielding a composite 5.5% is exposed to catastrophic drawdown risk that this yield cannot possibly cover.

DeFi is not uninvestable, but it is mispriced at the top of the stack. Institutional-grade opportunities do exist, but only for capital allocators who either match the risk premiums of this framework or underwrite specific protocols one by one, akin to private credit. The so-called "lazy trade" — depositing stablecoins into a leading money market and accepting its advertised yield — is essentially a carry trade disguised as a risk-free rate.