Vitalik’s Ethereum Vision Is Not About Being the Fastest Chain. It Is About Being the Hardest to Capture.

Vitalik Buterin’s latest statement on Ethereum is not a hype post. It is not a price prediction, not a roadmap teaser, and not another attempt to frame Ethereum as the inevitable settlement layer for global finance. It is something more revealing: a philosophical reset. In his view, Ethereum’s future should not be defined by chasing the fastest throughput numbers or copying the corporate growth playbook of the broader tech industry. Instead, Ethereum should become “deeply impressive” in a much narrower but more consequential direction: censorship resistance, privacy, openness, security, and decentralization.

That framing matters because Ethereum is at a crossroads. The network has spent years scaling through rollups, improving staking, reducing energy consumption, and building a more modular ecosystem. But the crypto market has also changed. Competitors now advertise extreme speed, low fees, consumer apps, and slick business development. Solana has pushed the conversation toward performance. Newer chains market themselves around throughput, latency, and user experience. Institutions increasingly want clean narratives and measurable adoption. Against that backdrop, Vitalik is arguing that Ethereum should not lose its soul by trying to become a slightly more decentralized version of everyone else.

Ethereum Foundation as One Node, Not the Center

One of the most important parts of Vitalik’s message is organizational. He is careful to say that his view is his own, not the official position of the entire Ethereum Foundation. He also stresses that his own power inside the organization is decreasing, which he presents as a positive development.

This is not just modesty. It reflects a core Ethereum belief: the Ethereum Foundation should not become the center of Ethereum. It should be one important node among many. That distinction is crucial. In many blockchain ecosystems, the foundation behaves like the command center. It holds large token reserves, drives strategy, funds development, controls messaging, and effectively acts as the political center of the network.

Vitalik wants Ethereum to move in the opposite direction. The Ethereum Foundation, in his telling, has limited resources, limited capacity, and a defined purpose. It was never meant to be an eternal ruler of the ecosystem. It was created to help Ethereum get built, launched, stabilized, and upgraded. Much of that original mission has already been completed.

This helps explain why he says the EF is choosing longevity over breadth. A foundation that tries to fund everything eventually becomes bloated, political, and fragile. A smaller, more opinionated EF can focus on the things that would not happen otherwise: the hard technical work required to keep Ethereum open, neutral, private, secure, and resistant to capture.

The Google Analogy and the Fear of Losing the Mission

Vitalik’s post uses Google as a warning. Google began with a strong idealistic identity around organizing the world’s information and avoiding harm. Over time, in the eyes of many critics, it became more like the rest of Big Tech: commercial, centralized, politically exposed, and increasingly willing to compromise.

Vitalik does not present Google as a simple villain. His point is more subtle. He argues that in a world where the broader technology industry is drifting toward financial greed, surveillance, ideological pressure, and centralized power, it is valuable for at least one major institution to behave differently. He references the idea of the “Unreasonable Man,” meaning an actor willing to resist dominant trends rather than adapt to them.

That is the lens through which he sees Ethereum. Ethereum should not become a comfortable corporate blockchain. It should not be optimized only for adoption metrics, partnerships, or short-term user demand. It should preserve a kind of principled stubbornness.

This is a provocative position because it cuts against much of the current crypto market. The market rewards speed, integrations, revenue, apps, and visible growth. Vitalik is not saying those things are irrelevant. He is saying they cannot become Ethereum’s highest values. If Ethereum abandons its deeper mission in pursuit of mainstream acceptance, it may win users while losing the reason it mattered in the first place.

“Ethereum Must Be Impressive”

The most important sentence in the post is simple: Ethereum must be impressive.

But Vitalik’s definition of impressive is not the same as the market’s default definition. He rejects the idea that Ethereum should primarily compete by offering 250-millisecond latency and one million transactions per second. In his view, trying to be the fastest scalable chain while remaining only marginally more decentralized than competitors is a path to mediocrity.

That does not mean Ethereum should ignore scaling. Vitalik explicitly says Ethereum should scale. But he argues that Ethereum’s deepest advantage should be in what he calls the CROPS dimension: censorship resistance, openness, privacy, and security.

This is a major strategic statement. It suggests that Ethereum’s future should not be built around becoming the best high-frequency financial engine or the fastest consumer app chain. Instead, Ethereum should aim to be the most credible neutral infrastructure in crypto. It should be the chain people trust when censorship resistance matters, when custody risk matters, when privacy matters, when formal correctness matters, and when capture resistance matters.

That may sound less flashy than raw TPS, but it is potentially more durable. Performance can be copied. Incentives can subsidize usage. Cheap blockspace can be offered by many networks. But deep neutrality, resilience, and security are harder to manufacture after the fact.

The Push Toward “Provably Bug-Free” Ethereum

One of Vitalik’s most ambitious ideas is a provably bug-free Ethereum. Until recently, that would have sounded unrealistic. Complex software always has bugs, and blockchains are among the most adversarial software environments in the world. Every upgrade, client implementation, bridge, wallet, and smart contract surface becomes a target.

Vitalik argues that AI-assisted formal verification may change what is possible. Formal verification is the process of mathematically proving that software behaves as intended under defined conditions. It has historically been expensive, slow, and difficult to apply at broad scale. But AI tools could make it easier to write, check, and maintain formal proofs.

If Ethereum can become a frontrunner here, the implications are significant. The network would not simply be secure because it has survived attacks or because it has a large validator set. It would move toward a more rigorous security model, where critical components are verified to an extent that was previously impractical.

This fits Vitalik’s broader theme. Ethereum should be impressive in a way that serious technologists respect, not just in a way that produces marketing numbers. A more formally verified Ethereum would strengthen ETH as an asset, improve institutional confidence, and reduce catastrophic technical risk.

It would also reinforce Ethereum’s role as settlement infrastructure. If trillions of dollars in assets are ever to move on public blockchains, the base layer needs more than speed. It needs exceptional assurance.

Available Chain Consensus and Ethereum’s Security Identity

Vitalik also highlights what he calls available chain consensus. The technical details are complex, but the strategic point is clear: Ethereum should be unusually robust under difficult network conditions.

He argues that Ethereum’s consensus path can combine two types of safety properties. One resembles traditional Byzantine fault-tolerant systems, which aim to remain safe under asynchronous conditions up to a certain level of faulty participants. The other resembles Bitcoin’s proof-of-work resilience, where the chain remains safe under synchrony unless attackers approach a much larger threshold.

This matters because many chains optimize for performance by accepting narrower assumptions. They may work well under normal conditions but require social coordination or emergency intervention if a large share of validators goes offline or if the network experiences severe disruption.

Vitalik sees that as unacceptable for Ethereum. Ethereum, like Bitcoin, should not depend on social consensus and hard forks to rescue it from predictable failure modes. If the network wants to be credible global infrastructure, it must be robust in ugly conditions, not only efficient in ideal ones.

This is another example of his “unreasonable” Ethereum. A reasonable chain might accept some fragility in exchange for speed. An unreasonable Ethereum pushes for stronger guarantees because the mission requires it.

Intermediary Minimization: The Fight Against Hidden Centralization

One of the sharpest parts of Vitalik’s tweet concerns intermediaries. He says it is embarrassing that smart contract wallets and privacy protocols often need to send transactions through intermediaries to get included on-chain.

This is a crucial issue because Ethereum’s decentralization is not only about validators. It is also about the user path into the chain. If users rely on centralized RPC providers, hosted wallets, relayers, block builders, or other intermediaries to access Ethereum, then the system is more fragile than it appears.

The base chain may be decentralized, but the actual user experience can become centralized. Wallets may leak private data to third-party servers. Transactions may depend on service providers. Privacy protocols may be exposed at the relay or inclusion layer. Users may believe they are interacting with Ethereum directly when they are actually trusting a stack of intermediaries.

Vitalik wants Ethereum to attack this problem directly. He references work around stronger inclusion properties, public mempools, and user-layer improvements that would make Ethereum less dependent on middlemen. The deeper goal is to make Ethereum usable in a way that reflects its values.

This is where Ethereum’s future gets harder but more meaningful. It is not enough to claim decentralization at the protocol level while the average user interacts through centralized convenience layers. If Ethereum wants to be a sanctuary technology, its user experience must eventually become more self-sovereign without becoming unusable.

Privacy as a Core Direction, Not a Side Feature

Privacy runs throughout Vitalik’s post. He does not treat privacy as a niche concern for cypherpunks or specialized applications. He treats it as part of Ethereum’s moral and technical purpose.

This is significant because crypto has often struggled with privacy. Bitcoin and Ethereum are transparent by default. That transparency supports auditability, but it also creates surveillance risks. Every wallet, transaction, and interaction can become part of a public behavioral map. For ordinary users, that is not financial freedom. It is financial exposure.

Vitalik’s emphasis on privacy suggests that Ethereum’s future should include stronger privacy tools at both the protocol and application layers. Privacy-focused wallets, privacy-preserving transaction systems, and privacy-aware infrastructure are not optional extras if Ethereum wants to remain aligned with its original ideals.

This will not be easy. Privacy faces regulatory suspicion, technical complexity, and UX friction. But Vitalik’s view is that Ethereum should not retreat from hard problems simply because they are inconvenient. A blockchain that cannot protect users from surveillance is not fully neutral infrastructure.

ETH the Asset Still Matters

Vitalik is also direct about ETH as a financial asset. He notes that the Ethereum blockchain secures a massive amount of ETH and that the properties he describes are good for ETH itself. This is important because some critics frame Ethereum’s values and ETH’s investment case as separate, or even in conflict.

Vitalik’s argument is the opposite. ETH becomes more valuable if Ethereum is credible, secure, neutral, private, and resistant to capture. The asset’s strength depends on the chain’s legitimacy. If Ethereum becomes just another fast execution environment, ETH loses part of what makes it distinct.

He also says that some activities necessary to support ETH as an asset are outside the Ethereum Foundation’s scope. This is a realistic admission. The EF cannot and should not do everything. Other organizations, investors, builders, and ecosystem participants need to step in.

That is a sign of ecosystem maturity. If Ethereum is truly decentralized, its future cannot depend on one foundation. The EF can specialize in mission-critical technical and cultural work, while others handle capital markets, education, applications, infrastructure, advocacy, and adoption.

A Smaller, More Opinionated Ethereum Foundation

The final picture Vitalik paints is of a smaller, longer-lasting, more opinionated Ethereum Foundation. That may frustrate some people. A smaller EF may fund fewer projects. A more opinionated EF may make choices that some ecosystem members disagree with. A narrower mission may push certain talented people and valuable initiatives outside the organization.

Vitalik argues that this is necessary. If the EF tries to contain too much, it prevents other parts of the ecosystem from developing. If it funds everything, it becomes the center. If it chases every priority, it loses focus. If it avoids cultural stands, it risks becoming another neutral-looking institution that slowly conforms to external pressure.

The new EF, in his view, should be built for longevity. It should preserve resources, sell less ETH, and focus on the work that matters most for Ethereum’s long-term identity. That means Ethereum’s next era may be less about broad organizational expansion and more about disciplined specialization.

Where Vitalik Thinks Ethereum Is Heading

Vitalik’s Ethereum is not trying to become the fastest chain in crypto. It is trying to become the most credible one.

That means scaling, but not at the cost of decentralization. It means better user experience, but not through dependence on centralized intermediaries. It means stronger privacy, even if that creates political and regulatory friction. It means formal verification and security guarantees that make Ethereum technically exceptional. It means an Ethereum Foundation that does less, but does the most important things with more conviction.

This is a difficult path. It may not always satisfy traders looking for simple bullish catalysts. It may not satisfy app builders who want the cheapest and fastest environment today. It may not satisfy institutions that prefer clean corporate governance and predictable leadership. But it is a coherent vision.

Vitalik is arguing that Ethereum wins by being different. Not slightly different. Deeply different. In a tech world drifting toward centralization, surveillance, and short-term optimization, Ethereum should be the unreasonable infrastructure that refuses to become ordinary.

That is the core message of his tweet. Ethereum’s future is not merely about more transactions, more apps, or more market share. It is about building a system that remains open, private, secure, censorship-resistant, and hard to capture even when the rest of the industry chooses easier compromises.

For Ethereum, that may be the only strategy worth pursuing.

DeFi Users After the ATH: Why the Next Boom Will Look Nothing Like 2021

DeFi users are no longer the same crowd that chased triple-digit yields through Ethereum in 2021. The market has survived Terra, FTX, bridge hacks, toxic token emissions, regulatory pressure, and the slow death of the “number go up” liquidity-mining era. Yet DeFi has not disappeared. It has changed shape. The current DeFi user is less likely to be a yield farmer rotating through food-themed tokens and more likely to be a stablecoin mover, onchain trader, lending borrower, points hunter, restaking participant, perp trader, or institution testing tokenized assets. The sector’s all-time highs tell one story. The user behavior underneath tells another.

DeFi’s First ATH Was About Liquidity, Not Mainstream Adoption

The first great DeFi all-time high came in 2021, when total value locked became the industry’s favorite scoreboard. In November 2021, DeFi reached roughly $220 billion in total value locked, while the broader dapp industry hit a then-record of around 2 million daily active wallets. That was the moment when DeFi looked like it might become crypto’s first mass-market financial application. In reality, it was still a capital-heavy but user-light ecosystem. A relatively small group of sophisticated users moved large amounts of money across lending markets, automated market makers, derivatives protocols and liquidity farms.

The 2021 user was highly motivated by yield. Protocols paid users in native tokens to deposit liquidity, borrow assets, stake LP tokens, bridge to new chains and bootstrap ecosystems. The model worked as a growth hack, but it was expensive. Many protocols bought activity with emissions rather than earning loyalty through product-market fit. When token prices fell, yields collapsed, and much of the user base vanished with them.

That does not mean 2021 was fake. It proved that smart contracts could coordinate trading, lending, collateral, liquidations and market making at global scale. But it also showed that “TVL” could be misleading. TVL measured assets sitting in contracts, not necessarily healthy demand, active users, retained revenue or durable financial utility.

The Second ATH Was Stranger: More Users, More Chains, Less Euphoria

By 2024 and 2025, DeFi had entered a different phase. The sector was no longer the only growth engine in crypto. Gaming, AI dapps, social apps, NFTs, memecoins, restaking and infrastructure competed for attention. Yet user activity across the broader dapp industry reached levels that made 2021 look small. DappRadar reported that the dapp industry averaged 24.6 million daily unique active wallets in 2024, while DeFi activity grew sharply and ended the year with about 7 million daily unique active wallets and 32% market dominance.

That was a major shift. DeFi no longer lived almost entirely on Ethereum mainnet. Users had moved to Solana, Base, Arbitrum, BNB Chain, Optimism, Avalanche, Polygon, Sui, Aptos, and newer app-specific environments. Fees were lower, wallets were easier, stablecoins were more liquid, and trading interfaces were less intimidating than in the early Uniswap and Compound era.

But the mood was different from 2021. The market was more cynical. Users had learned that high yields often came with hidden risk. Airdrop farming became a dominant behavior. Many wallets were active not because users loved the product, but because they expected future token rewards. This made raw active-wallet data harder to interpret. A single human could control many wallets. A bot could mimic users. A points campaign could create activity that disappeared after the snapshot.

The result was a paradox: DeFi had more users than ever, but less innocence.

The 2025 Capital ATH Showed DeFi’s Maturity and Its Weakness

The most important recent milestone came in Q3 2025, when DappRadar reported that DeFi TVL hit a record $237 billion across blockchains and protocols. At the same time, the broader dapp industry’s daily unique active wallets fell 22.4% quarter-over-quarter to 18.7 million. In other words, capital was rising while user activity was cooling.

That divergence matters. It suggests DeFi was becoming more institutional and capital-efficient, but not necessarily more consumer-driven. Bigger pools, lending markets and tokenized assets can push TVL higher even if fewer humans are clicking through dapps every day. A market maker, fund, DAO treasury or stablecoin issuer can move more value than thousands of small wallets.

By October 2025, DappRadar reported that DeFi TVL had fallen to $221 billion, down 6.3% month-over-month, while the broader dapp industry averaged 16 million daily active wallets. The direction was clear: the sector was no longer in a simple expansion phase. It was rotating, correcting and becoming more selective.

That is the current DeFi reality. The sector can set records in capital, volume or users, but not always at the same time. The old bull-market assumption that everything rises together no longer holds.

The Current Situation: Smaller TVL, Stronger Infrastructure

As of late May 2026, DeFiLlama’s dashboard showed roughly $79.7 billion in DeFi TVL, a much lower snapshot than the highs reported during 2025. Methodologies vary across data providers, and TVL can shift sharply depending on whether liquid staking, restaking, synthetic assets, bridged assets and double-counted collateral are included. Still, the direction is useful: DeFi has cooled from the 2025 peak, and the market is now more focused on real usage than headline TVL.

Stablecoins are the clearest sign that onchain finance is not dead. DeFiLlama showed total stablecoin market capitalization at about $320.8 billion, with USDT holding roughly 58.8% dominance. Stablecoins are no longer just casino chips for crypto traders. They are becoming settlement assets, dollar access tools, exchange collateral, DeFi liquidity, and cross-border payment rails.

This matters for DeFi users because stablecoins are the sector’s base layer. When users borrow on Aave, provide liquidity on Curve, trade on Uniswap, move funds across chains, or settle perpetual positions, stablecoins are often involved. The rise of stablecoins makes DeFi more useful even when speculative farming is weak.

The lending market also shows a more mature user profile. Aave remains one of the most important DeFi protocols, with DeFiLlama showing active loans above $10 billion in its current dashboard data, while separate Token Terminal reporting said Aave’s average active loans in March 2026 were $16.55 billion, up more than 47% year-over-year. That gap reflects different snapshots and reporting windows, but the broader signal is consistent: lending is still one of DeFi’s strongest product categories.

The New DeFi User Is a Trader First

The strongest user trend is the rise of onchain trading, especially perpetual futures. In 2021, DeFi’s flagship activity was spot swaps and lending. By 2025, perps had become one of the sector’s biggest growth engines. DefiLlama data cited by Cointelegraph showed onchain perp DEX volume reaching $1.36 trillion in October 2025 before falling to $699 billion in March 2026 after five straight monthly declines.

That decline sounds bearish, but the scale is still remarkable. Even after cooling, onchain perpetual exchanges were processing volumes that would have been unimaginable for DeFi a few years earlier. Hyperliquid’s current DeFiLlama page shows cumulative perp volume above $4.5 trillion and open interest above $9.5 billion, placing it at the center of the new onchain trading economy.

This changes the identity of the DeFi user. The most active user is increasingly not a passive liquidity provider. It is a trader using leverage, chasing execution, comparing fees, managing margin, and moving between centralized and decentralized venues. That user cares about speed, liquidity, funding rates, liquidation engines and mobile access. They are less ideological and more performance-driven.

Spot DEXs Are Becoming Financial Infrastructure

Uniswap remains the symbol of spot DeFi. DeFiLlama shows Uniswap cumulative DEX volume above $3.68 trillion, with 24-hour volume around $1.4 billion in the current snapshot. That makes Uniswap less like a speculative experiment and more like standing market infrastructure.

The user experience has also changed. In the early DeFi era, swapping onchain meant paying high Ethereum gas fees, approving tokens manually, worrying about slippage and hoping the transaction would not fail. Now many users interact through aggregators, mobile wallets, chain-specific front ends, intent-based systems and low-fee networks. The complexity has not disappeared, but it has been abstracted.

The next phase will likely be even less visible. Users may not know they are using DeFi at all. A wallet, neobank, trading app or AI agent may route liquidity through decentralized venues in the background. In that future, DeFi user growth will not necessarily look like more people visiting protocol websites. It may look like more financial apps silently using DeFi rails.

RWAs Are Bringing a Different Kind of User

Real-world assets are one of the most important trends for DeFi’s next cycle. RWA.xyz currently shows tokenized U.S. Treasuries at about $10 billion in total value, with nearly 59,000 holders. This is not a retail degen market. It is a yield, collateral and treasury-management market that appeals to institutions, fintechs, DAOs and sophisticated crypto users seeking onchain exposure to traditional assets.

RWAs may not produce the same daily-active-wallet explosion as memecoins or airdrop farms, but they can deepen DeFi’s capital base. Tokenized Treasuries can become collateral in lending markets, backing assets for stablecoins, settlement instruments for institutions, or cash-management tools for crypto-native funds.

The risk is liquidity. Tokenizing an asset does not automatically make it trade actively. Academic research on RWAs has warned that many tokenized assets still suffer from limited secondary markets, regulatory gating, whitelisting and low transfer activity. That means RWA growth is real, but it should not be confused with fully open, liquid, permissionless DeFi.

The Security Problem Has Improved, But It Has Not Gone Away

DeFi users have become more security-aware, but the ecosystem remains dangerous. Immunefi reported that industry-wide DeFi protocol losses fell about 80% from the 2022 peak of $2.62 billion to $534 million in 2024, before rebounding to $680 million in 2025 because of a small number of large incidents. The median loss per incident fell from $6 million in 2022 to $1.5 million in 2025.

That is meaningful progress. Audits, bug bounties, formal verification, monitoring systems, circuit breakers and better risk teams have helped. But DeFi’s composability remains a double-edged sword. Protocols depend on oracles, bridges, collateral assets, liquidity pools, governance systems and external integrations. A failure in one component can move through the stack.

Research has also challenged how DeFi measures itself. Some academic analyses have found that TVL calculations are not always easy to verify and often rely on non-standard methods. Other research has argued that TVL can be inflated through double-counting, wrapping and leverage. This is important for users because a large TVL number can create false confidence.

Where DeFi Users Go Next

The next DeFi cycle will not be defined by one user type. It will split into several layers.

At the retail edge, DeFi will look like mobile trading, memecoin speculation, perp markets, social finance, stablecoin payments and airdrop hunting. These users will care less about decentralization as a philosophy and more about speed, rewards, entertainment and access.

At the professional edge, DeFi will look like structured lending, delta-neutral strategies, market making, collateralized stablecoin loops, basis trades, tokenized Treasuries and onchain derivatives. These users will care about risk engines, liquidity depth, capital efficiency and regulatory clarity.

At the institutional edge, DeFi may become a backend rather than a destination. Banks, fintechs, asset managers and payment companies may use stablecoins, tokenized funds and public-chain settlement while shielding end users from wallets, seed phrases and gas fees.

The most likely prediction is that DeFi user numbers will grow, but the definition of “user” will become harder to measure. Wallet counts will remain noisy. TVL will remain incomplete. Volume will be increasingly dominated by bots, market makers and professional traders. The more meaningful metrics will be retained users, real fees, net protocol revenue, stablecoin settlement, active borrowers, open interest, collateral quality and integrations into mainstream financial apps.

Prediction: DeFi’s Next ATH Will Be Less Loud, But More Important

The next DeFi ATH probably will not feel like 2021. It may not be driven by retail users discovering yield farms on Twitter. It is more likely to arrive through a combination of stablecoin expansion, onchain derivatives, tokenized assets, institutional collateral, better wallets and invisible routing through consumer apps.

TVL can return to and exceed the 2025 highs if crypto asset prices recover, stablecoin supply continues growing, and tokenized assets become more deeply integrated into lending and trading markets. But the healthier sign would be not just a higher TVL number. It would be more real borrowers, more organic trading, more stablecoin settlement, more sustainable protocol revenue and fewer hacks relative to assets secured.

The future DeFi user may not describe themselves as a DeFi user. They may be a trader opening a perp position from a mobile app, a freelancer receiving stablecoins, a fund parking cash in tokenized Treasuries, a borrower using tokenized collateral, or an AI agent executing payments through smart contracts. That is the real direction of the market.

DeFi’s first era was about proving that decentralized financial applications could exist. Its second era was about scaling users across chains. The next era will be about hiding the complexity so effectively that DeFi becomes infrastructure. When that happens, the sector’s most important all-time high may not be TVL. It may be the moment users stop noticing they are using DeFi at all.

Fake Uniswap Ads on Google Show Crypto’s Most Dangerous Attack Vector Is Still the Search Bar

The latest Uniswap phishing campaign did not require a protocol exploit, a bridge vulnerability, or a smart contract bug. It needed something far simpler: a sponsored Google result that looked convincing enough for users to click. According to on-chain analyst b-block and Web3 marketer Stacy Muur, scammers impersonating Uniswap through malicious Google ads have drained at least $400,000 from crypto users, once again exposing one of the industry’s most stubborn security failures. In DeFi, users are trained to fear malicious contracts. But the more immediate danger may be the fake link sitting above the real one.

The reported campaign followed a familiar pattern. A user searches for Uniswap, sees what appears to be a legitimate sponsored result, lands on a polished clone of the real interface, connects a wallet, and signs what looks like a routine transaction. Behind the scenes, the site is designed to drain assets. By the time the victim realizes what happened, the funds have moved. In this case, two flagged addresses were reported to hold roughly 146 ETH, worth about $306,000 at the time of the initial reports, while the broader haul attributed to the scam was estimated to be at least $400,000.

The Scam Was Simple Because the User Habit Is Predictable

The most uncomfortable part of this attack is how ordinary it is. Many users do not type full protocol URLs. They do not rely on bookmarks. They search for “Uniswap,” click the first familiar-looking result, and assume Google has already filtered the worst threats.

That assumption is dangerous in crypto.

Search engines were built for discovery, not custody. In normal web browsing, clicking a bad ad might lead to spam, a fake store, or malware. In crypto, clicking a bad ad can lead directly to an irreversible transfer of assets. The browser becomes the attack surface. The sponsored result becomes the lure. The wallet signature becomes the point of no return.

This is why phishing through Google Ads has become such a persistent crypto threat. Attackers do not need to compromise Uniswap itself. They only need to intercept users before they reach it.

Why Uniswap Is Such an Attractive Target

Uniswap is one of DeFi’s most recognizable brands. It is also a natural target for phishing because users arrive there with intent. They are not casually browsing. They are often ready to swap tokens, approve spending, provide liquidity, or interact with new assets.

That intent is valuable to attackers. A fake Uniswap page does not need to convince users that crypto is real or that DeFi is useful. The user already believes that. The scam only needs to mimic the final interface well enough to trigger a wallet interaction.

This is different from older phishing campaigns that asked victims to enter seed phrases. Modern drainers are more sophisticated. They often ask users to connect a wallet and sign a transaction that appears normal, but actually grants permissions or triggers transfers that benefit the attacker. The interface may look nearly identical to the real app. The domain may be visually close enough to pass a quick glance. The ad may even display a legitimate-looking URL while routing users through hidden mechanisms.

For experienced DeFi users, this creates a false sense of safety. They know not to share seed phrases. They know not to download random wallet software. But they may still sign a malicious approval if the site looks like the protocol they intended to use.

Google Ads Have Become a Crypto Phishing Layer

Security Alliance, known as SEAL, warned in April that phishing activity through Google Search had seen a significant uptick in March. The group said attackers were either paying for Google ads directly or compromising legitimate advertiser accounts to run fake sponsored results impersonating popular crypto protocols.

SEAL also reported blocking more than 356 malicious advertisement links, describing the campaign as part of a steady flow of attacker-deployed Google Ads that has continued for more than a year. Between March 13 and March 30 alone, SEAL attributed around $1.27 million in stolen funds to these campaigns.

The mechanics are disturbing. Attackers bid on keywords related to major DeFi platforms and wallets. They compete for sponsored placement above organic search results. In some cases, they use legitimate-looking URLs to pass automated checks while loading malicious content through hidden secondary frames. Victims are routed into cloned interfaces where wallet interactions are silently manipulated.

This makes the search ad not just a marketing placement, but an exploit delivery mechanism.

The Sponsored Result Problem

The crypto industry has spent years telling users to verify URLs, avoid suspicious links, and never trust random messages. That advice is still correct, but it underestimates the psychological power of search placement.

When a result appears at the top of Google, many users treat it as implicitly vetted. The word “Sponsored” may be visible, but it does not trigger the same danger response as a direct message from a stranger on Telegram or Discord. The ad looks institutional. The page title looks right. The brand name looks familiar. The user is already trying to reach that platform.

This is the exact environment attackers want.

Stacy Muur’s criticism was direct: fake links keep appearing above real ones, and users keep getting drained. Her frustration reflects a broader industry view that search platforms have failed to treat crypto phishing ads with the urgency they deserve.

For Google, scam ads are a moderation challenge. For crypto users, they are a custody threat.

The Attack Does Not Break DeFi. It Breaks Navigation.

What makes this incident important is that Uniswap itself was not hacked. The protocol did not fail. Its smart contracts were not the reported weakness. The exploit happened before the user reached the real application.

That distinction matters because it shows how security responsibility has shifted. In DeFi, the transaction path now includes the search engine, the ad network, the browser, the domain, the wallet, the front-end, the transaction simulation, and the smart contract. A user can interact with a secure protocol and still lose everything if the path to that protocol is compromised.

This is why phishing is so hard to eliminate. Protocol audits cannot solve malicious ads. Smart contract formal verification cannot stop a fake website. Hardware wallets can help, but only if the user understands exactly what they are signing. Wallet warnings can reduce risk, but attackers constantly redesign payloads to appear less suspicious.

The weakest link is no longer always code. It is context.

Why Wallet Signatures Remain the Critical Failure Point

Crypto users often think of signatures as logins, confirmations, or routine approvals. Attackers exploit that ambiguity. A wallet popup interrupts the user, displays technical data, and asks for confirmation. Many users approve because they believe they are completing the action they came to perform.

This is especially dangerous with token approvals. A malicious approval can grant a spender permission to move assets. A deceptive transaction can batch actions in ways that are hard for the user to parse. A fake site can guide the user through multiple steps while maintaining the illusion of a normal swap.

The industry has improved transaction simulation and wallet warnings, but the experience is still not good enough. Most users cannot reliably decode raw calldata. Many do not understand the difference between signing a message, approving a token, and executing a transaction. Attackers know this and design interfaces around that confusion.

A phishing site does not need to defeat cryptography. It only needs to make a user authorize the wrong thing.
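
The decoding a wallet performs before that prompt appears, as an added example that is not code from the article or from any wallet vendor: it splits ERC-20 calldata into its function and arguments and flags an unlimited approval, a spender the user has never approved, or a direct transfer that does not match the swap the page promised. The four selectors are the real function ids; every address and calldata string is constructed for illustration.

```python
"""Decode the ERC-20 calldata behind a wallet prompt and flag what a drainer
page typically asks a user to sign. Added example, not code from the article
or from any wallet vendor. The four selectors are the real 4-byte ids of the
ERC-20/721 functions; every address and calldata string below is constructed."""

MAX_UINT256 = 2**256 - 1

# keccak256(signature)[:4] for the functions drainer flows lean on most.
SELECTORS = {
    "095ea7b3": ("approve", ("address", "uint256")),
    "a9059cbb": ("transfer", ("address", "uint256")),
    "23b872dd": ("transferFrom", ("address", "address", "uint256")),
    "a22cb465": ("setApprovalForAll", ("address", "bool")),
}


def decode_calldata(calldata: str) -> dict:
    """Split calldata into selector + 32-byte ABI words and decode the static types."""
    data = calldata.lower().removeprefix("0x")
    selector, body = data[:8], data[8:]
    if selector not in SELECTORS:
        return {"function": "unknown", "selector": selector, "args": []}
    name, types = SELECTORS[selector]
    words = [body[i:i + 64] for i in range(0, len(body), 64)]
    if len(words) != len(types) or any(len(w) != 64 for w in words):
        raise ValueError(f"calldata length does not match {name}{types}")
    args = []
    for word, typ in zip(words, types):
        if typ == "address":
            args.append("0x" + word[24:])        # address is right-aligned in the word
        elif typ == "uint256":
            args.append(int(word, 16))
        else:                                    # bool is encoded as uint256 0/1
            args.append(int(word, 16) != 0)
    return {"function": name, "selector": selector, "args": args}


def assess(calldata: str, intent: str, known_spenders: set[str]) -> list[str]:
    """Warnings a wallet could surface before signing. `intent` is what the page
    told the user they are doing ("swap", "approve", ...); the calldata is what
    the wallet is actually being asked to authorize."""
    decoded = decode_calldata(calldata)
    fn, args = decoded["function"], decoded["args"]
    warnings: list[str] = []
    if fn == "unknown":
        return [f"UNKNOWN_FUNCTION: selector {decoded['selector']} is not a known token call"]
    if fn == "approve":
        spender, amount = args
        if amount == MAX_UINT256:
            warnings.append(f"UNLIMITED_APPROVAL: {spender} could move the full balance at any time")
        if spender not in known_spenders:
            warnings.append(f"UNKNOWN_SPENDER: {spender} has never been approved before")
    elif fn == "setApprovalForAll" and args[1]:
        warnings.append(f"COLLECTION_APPROVAL: operator {args[0]} gains control of every token")
    elif fn in ("transfer", "transferFrom") and intent == "swap":
        warnings.append(f"INTENT_MISMATCH: page says swap, transaction is a direct {fn}")
    return warnings


def encode_approve(spender: str, amount: int) -> str:
    """Build approve(address,uint256) calldata; used only to construct samples."""
    return "0x095ea7b3" + spender.lower().removeprefix("0x").rjust(64, "0") + format(amount, "064x")


# Constructed sample data: a router the user has used before, and a stranger.
KNOWN_ROUTER = "0x" + "22" * 20
DRAINER_SPENDER = "0x" + "11" * 20
KNOWN_SPENDERS = {KNOWN_ROUTER}
PHISHING_APPROVE = encode_approve(DRAINER_SPENDER, MAX_UINT256)   # drainer-style prompt
ROUTINE_APPROVE = encode_approve(KNOWN_ROUTER, 10**18)             # one token to a known router
DIRECT_TRANSFER = "0xa9059cbb" + ("11" * 20).rjust(64, "0") + format(5 * 10**17, "064x")

if __name__ == "__main__":
    for label, data in [("phishing", PHISHING_APPROVE), ("routine", ROUTINE_APPROVE), ("transfer", DIRECT_TRANSFER)]:
        print(label, decode_calldata(data)["function"], assess(data, "swap", KNOWN_SPENDERS))
```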

The Pattern Is Bigger Than Uniswap

Fake crypto ads on Google are not new. Over the past several years, phishing campaigns have impersonated MetaMask, Phantom, PancakeSwap, Uniswap, Morpho, and other widely used crypto services. Security researchers have repeatedly documented attackers buying ad placements to outrank legitimate projects for high-intent search terms.

The same pattern has appeared outside crypto as well. Malvertising campaigns have targeted software downloads, AI tools, business platforms, and operating-system pages. Malwarebytes has reported fake ads on Facebook impersonating Microsoft promotions and directing victims to cloned Windows download pages carrying credential- and crypto-stealing malware. Kaspersky has also documented phishing campaigns that use Google Ads to impersonate business tools and even Google’s own advertising services.

Crypto is uniquely vulnerable because the conversion from click to theft can be immediate. A fake productivity app may steal credentials that attackers later monetize. A fake DeFi app can drain a wallet during the session.

Why This Keeps Happening

The economics are simple. Crypto phishing through ads has high upside and low friction. Attackers can rotate domains, use compromised ad accounts, change keywords, clone interfaces quickly, and cash out through on-chain routes. If one ad is removed, another can appear. If one domain is flagged, another can replace it.

The defense stack is slower. Google must detect and remove malicious ads. Security teams must report domains. Wallets must flag dangerous contracts. Users must notice inconsistencies. Protocols must warn communities. By the time all of that happens, a campaign may already have generated meaningful losses.

There is also a mismatch between platform incentives and user risk. For ad platforms, crypto scams are one category among many. For a victim, one bad click can mean losing years of savings. The asymmetry is brutal.

The Industry Needs Better Defaults

The usual advice is still useful: bookmark official sites, avoid sponsored search results, verify domains carefully, use hardware wallets, revoke old approvals, and read wallet prompts. But advice alone is not enough. A security model that depends on every user being perfectly alert every time is not a security model. It is wishful thinking.

Protocols need stronger brand protection and faster reporting channels with ad platforms. Wallets need clearer warnings when users interact with suspicious domains, newly deployed contracts, or known drainer infrastructure. Search engines need stricter review for crypto-related ads, especially those impersonating financial applications. Browser extensions and security tools need to make domain reputation more visible before a wallet connection happens.

The most effective defense may be cultural: users should stop treating search as the default way to access financial applications. In crypto, bookmarks are not a convenience. They are a security practice.

What Users Should Do Now

Anyone using DeFi should assume sponsored search results are hostile until proven otherwise. That may sound extreme, but it is rational. Attackers are buying the exact placement users are trained to trust.

The safer pattern is to navigate from saved bookmarks, official social profiles, verified app directories, or known wallet integrations. Users should also review approvals regularly, especially after interacting with unfamiliar pages. If a wallet prompts for an unlimited approval or a transaction that does not match the intended action, the safest move is to reject it.

For larger wallets, the bar should be higher. Trading wallets should be separated from long-term storage. Hardware wallets should be used for meaningful balances. High-value accounts should avoid signing transactions from fresh browser sessions, unknown links, or search-driven navigation.

The best security habit is simple: never let a search ad become the gateway to your wallet.

The Real Lesson

The fake Uniswap ad campaign is not just another phishing story. It is a warning about the fragility of crypto’s user journey. DeFi protocols can be decentralized, audited, and battle-tested, yet users can still be drained by a centralized ad system placing a malicious lookalike above the real destination.

That is the contradiction at the center of modern crypto. The settlement layer may be trustless. The access layer is not.

Until wallets, protocols, browsers, and ad platforms close that gap, attackers will keep exploiting it. They do not need to break Uniswap. They only need to buy the first click.

The SquidRouterModule Exploit Shows Why Safe Wallet Security Is Now a Supply-Chain Problem

The latest DeFi exploit did not hit a flashy yield farm, a thinly audited memecoin contract, or a bridge holding hundreds of millions in pooled liquidity. It hit something more uncomfortable: smart accounts that many crypto users treat as the safer side of on-chain custody. A third-party module labeled “SquidRouterModule” was reportedly exploited across Ethereum and Base, draining roughly $3.2 million from 86 Gnosis Safe wallets in about two hours. The attacker then converted the stolen assets into DAI through Uniswap V3, consolidating the proceeds while the market was still trying to understand what had happened.

The incident is a reminder that “multisig” does not automatically mean “immune.” Safe wallets are powerful because they allow teams, DAOs, funds, and sophisticated users to add rules around asset movement. But that same flexibility can become a risk when external modules are granted execution power. The exploit appears to have targeted that extension layer, not the core Safe system and not Squid’s core router contract. That distinction matters. It means the failure was less about the base wallet architecture and more about the growing complexity of the smart-account ecosystem around it.

What Happened

Blockchain security firm Blockaid flagged an active exploit on May 25, reporting that 86 Gnosis Safe wallets had been drained across Ethereum and Base in roughly two hours. The losses were initially estimated at around $3 million and later reported by several outlets at approximately $3.2 million. The attacker converted the stolen tokens into DAI using Uniswap V3 pools, with reports indicating that the assets were consolidated into a single wallet holding a little over $3 million in DAI after the swaps.

Early reporting tied the exploit to a contract verified as “SquidRouterModule,” which created immediate confusion because Squid is also the name of a cross-chain routing protocol. Squid moved quickly to distance its core protocol from the incident, saying the exploit was unrelated to its core contracts and that Squid users and integrators were not affected. Safe Labs also characterized the issue as involving a third-party module rather than the Safe protocol itself.

The technical weakness appears to have been severe. Reports describe a flaw that allowed malicious transactions to execute without valid authorization, effectively letting the attacker impersonate approved execution paths and trigger arbitrary token movements from affected wallets. AMBCrypto, citing Blockaid, reported that the vulnerability involved the executeSameChainActions() function and enabled malicious transactions to impersonate authorized delegates.

Why the Word “Module” Matters

Safe wallets are often described as multisig wallets, but that description undersells what they have become. A Safe can be a treasury vault, a DAO operations account, a trading desk, an institutional custody layer, or an automated smart account. Modules are one of the mechanisms that make this flexibility possible. They allow additional contracts to perform certain actions on behalf of the Safe under predefined conditions.

That is useful. A team may want automated swaps, recurring payments, cross-chain execution, account recovery, spending limits, or integration with external protocols. Modules can make a Safe far more powerful than a basic wallet requiring manual signatures for every action.

But modules also expand the attack surface. A Safe may still require multiple human signatures for ordinary transactions, yet a module can have permissions that bypass the normal signing flow if it has been enabled and configured to execute specific operations. In a secure setup, that is intentional. In a vulnerable setup, it becomes a privileged backdoor.

The SquidRouterModule exploit appears to sit exactly in that danger zone. The attacker did not need to compromise every signer on every affected Safe. Instead, the reported flaw allowed execution through the module layer. That is a different class of risk from private-key theft. It is closer to software supply-chain risk: the core wallet can be sound, but an approved extension can still become the point of failure.

Why This Was Not Necessarily a “Safe Exploit”

The distinction between a Safe exploit and a third-party module exploit is not PR spin. It is central to understanding the event.

Safe’s core value proposition is that assets move according to defined permissions and signatures. If the core Safe contracts had been broken, the implications would be catastrophic across DeFi because Safe is widely used by protocols, funds, DAOs, and security-conscious users. Current reporting does not suggest that. The incident instead appears to have affected wallets that had interacted with or enabled the vulnerable third-party module.

That does not make the incident small. A $3.2 million drain from 86 wallets is serious. It also does not let the broader ecosystem off the hook. The reason Safe is so widely trusted is precisely because it has become infrastructure. When infrastructure becomes modular, users need better visibility into what they have installed, what permissions modules hold, and what latent execution rights remain active long after an integration is first used.

The lesson is not that Safe wallets are unsafe. The lesson is that a Safe wallet is only as secure as the full permission graph attached to it.

The Uniswap V3 Conversion Path

After draining the wallets, the attacker reportedly converted stolen assets into DAI through Uniswap V3. Several reports say the swaps were routed through attacker-controlled Uniswap V3 pools, which is a notable detail because it suggests the attacker may have structured liquidity to facilitate conversion and consolidation.

This is a familiar post-exploit pattern. Attackers often move quickly from heterogeneous stolen assets into a more liquid or more stable asset. DAI is useful for this purpose because it is widely supported across DeFi and easier to consolidate than a basket of volatile tokens. Speed matters. The first minutes after an exploit are when defenders, analytics firms, exchanges, bridge operators, and stablecoin issuers are still coordinating. By the time public alerts circulate, the attacker may already have swapped, bridged, split, or parked funds.

In this case, the two-hour window was long enough to drain dozens of wallets but short enough to create confusion about the exact root cause. That is why early security labeling matters. A contract name that includes “Squid” can create reputational blast radius for a protocol even if its core contracts were not impacted.

The Reputation Problem for Protocol Names

Squid’s public response highlights one of the messier realities of DeFi incident response. Contract labels, verified names, integrations, modules, and protocol branding do not always map cleanly to responsibility. A vulnerable contract can carry a name that points toward a project without the exploit necessarily affecting that project’s main protocol. In a fast-moving exploit, that nuance is often lost.

For users, the practical takeaway is simple: do not assume a brand-name integration is safe simply because the main protocol is known. For protocols, the takeaway is harsher: any external contract using your name, integrating your stack, or sitting adjacent to your ecosystem can become a reputational liability.

This is especially true for routing infrastructure. Routers, solvers, bridges, account modules, and intent systems often sit between users and execution. They are not always where users think their risk lives. The front-end may look familiar. The transaction may originate from a known wallet. The destination may involve a reputable DEX. But the dangerous permission may sit in a module approved weeks or months earlier.

The Bigger Issue: Smart Accounts Are Getting More Powerful

The exploit comes as the industry is moving toward account abstraction, intent-based execution, session keys, automated agents, and cross-chain smart accounts. This trend is broadly positive. Crypto wallets are still too hard to use, and smart accounts can make them more programmable, recoverable, and automated.

But every new convenience layer introduces a new trust boundary. Session keys can reduce signing fatigue, but they can also create delegated authority. Intents can improve execution, but they can expose users to solver risk. Modules can automate operations, but they can retain permissions users forget about. Cross-chain routing can improve liquidity access, but it can multiply the number of contracts involved in a single action.

The SquidRouterModule incident is therefore not just a one-off exploit. It is a preview of the security model DeFi now needs. The industry is no longer securing isolated contracts. It is securing interconnected permission systems.

What Users and Teams Should Learn

For retail users, the immediate lesson is to review token approvals and wallet permissions regularly. But for Safe users, that is not enough. They also need to understand enabled modules. A dangerous ERC-20 approval can let a spender move a token. A dangerous Safe module may be able to initiate broader wallet actions depending on its permissions.

For DAOs and teams, module management should become part of treasury operations. Any enabled module should have an owner, a reason for existing, a risk rating, and a review cycle. If a module is no longer needed, it should be removed. If a module is experimental, it should not be attached to a treasury holding meaningful assets. If automation is required, teams should consider spending limits, isolated operational Safes, and staged permissions rather than attaching broad execution rights to a primary vault.

The best treasury setups increasingly look like segmented systems. A cold Safe holds strategic assets. A smaller operational Safe handles routine activity. A hot execution account interacts with DeFi. Automation modules, if used, should sit as far away as possible from the deepest pool of funds.
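
As an added example (not Safe's contract code and not from the article), this toy Python model covers both the module mechanics described under "Why the Word 'Module' Matters" and the review this section asks for: an ordinary transaction needs the owner threshold, an enabled module needs no signatures at all, and a review flags any module attached to a cold Safe or missing from the approved list. Safe labels, module ids, signers and the recipient are constructed; the real Safe contract exposes the same shape through enableModule, disableModule, isModuleEnabled, getModulesPaginated and execTransactionFromModule.

```python
"""Toy model of the permission graph around a Safe: owners and a threshold
guard the normal transaction path, while any enabled module has its own path
that asks for no signatures. Added example, not Safe's contract code; the real
contract exposes this shape through enableModule, disableModule, isModuleEnabled,
getModulesPaginated and execTransactionFromModule. All names are constructed."""
from dataclasses import dataclass, field


@dataclass
class Call:
    to: str
    value: int


@dataclass
class SafeAccount:
    label: str
    owners: set[str]
    threshold: int
    modules: dict[str, str] = field(default_factory=dict)   # module -> stated purpose

    def exec_transaction(self, call: Call, signers: set[str]) -> bool:
        """Multisig path: needs `threshold` distinct owner signatures."""
        if len(signers & self.owners) < self.threshold:
            return False
        return True

    def exec_transaction_from_module(self, module: str, call: Call) -> bool:
        """Module path: the only check is that the caller is an enabled module.
        Whoever the module trusts is, in effect, an extra signer with threshold 1."""
        if module not in self.modules:
            return False
        return True

    def enable_module(self, module: str, purpose: str) -> None:
        self.modules[module] = purpose

    def disable_module(self, module: str) -> None:
        self.modules.pop(module, None)


def review_modules(safes: list[SafeAccount], approved: set[str]) -> list[str]:
    """Flag every module not on the approved list, and any module on a cold Safe."""
    findings = []
    for safe in safes:
        for module, purpose in safe.modules.items():
            if safe.label.startswith("cold"):
                findings.append(f"{safe.label}: {module} ({purpose}) holds execution rights on a treasury Safe")
            if module not in approved:
                findings.append(f"{safe.label}: {module} ({purpose}) is not on the approved module list")
    return findings


def demo() -> dict:
    """A router module enabled on a cold Safe and a hot Safe, then removed from the cold one."""
    treasury = SafeAccount("cold-treasury", {"alice", "bob", "carol"}, threshold=2)
    ops = SafeAccount("ops-hot", {"alice", "dave"}, threshold=1)
    module = "module:router-v1"            # constructed stand-in for a module address
    for safe in (treasury, ops):
        safe.enable_module(module, "automated cross-chain swaps")
    sweep = Call(to="0xRECIPIENT", value=100)   # constructed; no owner ever signs this
    approved = {"module:spending-limit"}
    results = {
        "one_owner_signature": treasury.exec_transaction(sweep, {"alice"}),
        "two_owner_signatures": treasury.exec_transaction(sweep, {"alice", "bob"}),
        "via_enabled_module": treasury.exec_transaction_from_module(module, sweep),
        "via_unknown_module": treasury.exec_transaction_from_module("module:other", sweep),
        "findings_before": review_modules([treasury, ops], approved),
    }
    treasury.disable_module(module)
    results["via_module_after_disable"] = treasury.exec_transaction_from_module(module, sweep)
    results["findings_after"] = review_modules([treasury, ops], approved)
    return results


if __name__ == "__main__":
    print(demo())
```

The point the model makes is that disabling the module, not adding more owners, is what closes the second path.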

Why Base and Ethereum Were Both Hit

The exploit affected wallets across Ethereum and Base, which is unsurprising given how users now operate. Many teams use the same tooling across multiple chains. Modules, routers, and account abstractions are deployed into several ecosystems to provide a unified experience. That cross-chain consistency is useful, but it also means a single vulnerable pattern can replicate across networks.

Base’s lower fees and growing DeFi activity make it an attractive execution environment. Ethereum remains the settlement and treasury layer for many protocols and teams. When a vulnerable module exists on both, the attacker can target both. This is one reason cross-chain security is so difficult: the blast radius is not limited to one chain if the same contract logic or permission assumptions appear elsewhere.

The Strength of Safe Still Depends on Operational Discipline

Safe remains one of the most important pieces of crypto custody infrastructure. It is widely used precisely because it gives users more control than an externally owned account. Multisig approvals, policy-based execution, and smart-account programmability are all valuable.

But Safe is not a magic shield. A team can still approve a malicious token. A signer can still be phished. A front-end can still be compromised. A module can still be dangerous. A governance process can still approve the wrong integration. The security benefit comes from discipline, not from the label “multisig” alone.

The SquidRouterModule exploit should push teams to treat modules as privileged software, not passive plugins. In traditional enterprise security, anything with administrative access is monitored, reviewed, logged, and periodically removed if unnecessary. Crypto treasuries need the same mindset.

The Weakness in DeFi’s Integration Culture

DeFi loves composability, but composability often creates unclear accountability. A wallet integrates a module. A module interacts with a router. A router touches a DEX. A DEX pool converts assets. A bridge may later move them. Each component may be secure in isolation, but the combined path can contain assumptions no single team fully owns.

That is the weak point attackers keep exploiting. They look for the seam between systems: the place where one contract assumes another contract validated a condition, where one module assumes a delegate is legitimate, where one front-end assumes a user understands a permission, or where one protocol name creates false confidence around another contract.

The reported arbitrary-execution flaw in SquidRouterModule is a textbook example of why integration security cannot stop at audits of core contracts. The glue code matters. The adapters matter. The modules matter. The permission checks matter most of all.

Verdict: A Small Exploit With Large Implications

At roughly $3.2 million, this exploit is not the largest DeFi hack of the year. But its importance is bigger than the dollar figure. It targeted the permission layer around smart accounts, which is exactly where more crypto activity is heading.

Squid says its core router contract and user funds were not affected. Safe’s core protocol does not appear to have been the root cause. Those are important clarifications. But the incident still exposes a deeper risk: users increasingly rely on complex wallet extensions that can hold powerful execution rights, and many do not fully understand what those extensions can do.

The future of crypto custody will not be only about private keys. It will be about permissions, modules, intents, solvers, session keys, and automated execution. That future can be safer and more usable than today’s wallet model, but only if the industry treats every extension as part of the security perimeter.

The SquidRouterModule exploit is a warning shot. Smart accounts are becoming the operating system of on-chain finance. Now DeFi has to secure the plugins.
