A four-layer risk management application of the Crypto XVA framework to the problem of tokenised assets gaining wide acceptance as collateral across a composable financial stack. Companion to "The Bridge That Wasn't There."
By David Martin · April 21, 2026
The framing
The honest starting point is that you cannot fully control against a tokenised asset gaining wide acceptance as collateral across a composable stack, because wide acceptance is what composability means. Eliminate it and you eliminate the thing that makes the system valuable — capital efficiency, instant plug-in, permissionless innovation. So the goal is not to prevent wide acceptance; it is to make wide acceptance survive stress without setting the forest on fire.
That shifts the question from "how do we stop this?" to "where do we install controls, and who bears the residual risk?" The answer lives at four layers: issuer, venue, system, and pricing. Each does work the others cannot. None is sufficient alone.
1. At the issuer
The first line of defence is making the tokenised asset itself harder to forge and easier to verify in real time. The Kelp bridge exploit would have been far less destructive — possibly impossible — with controls the industry already knows how to build.
Trust-minimised bridges. ZK light-client bridges (Succinct, Polyhedra) cryptographically verify the source chain's state rather than trusting a committee of signers. If Kelp's bridge had required a validity proof of the ETH deposit on chain A before minting rsETH on chain B, the forgery could not have been constructed.
Continuous, on-chain proof of reserves. Not an auditor's attestation once a quarter, but a contract-level invariant that compares rsETH.totalSupply() against the verifiable ETH backing, updated each block. Any divergence beyond a tolerance freezes the contract.
Mint-side rate limits and timelocks. No cross-chain message results in immediate minting of a material fraction of supply. A delay of even fifteen minutes between bridge finalisation and token availability would give automated monitoring time to flag anomalies.
Redemption mechanisms that remain functional under stress. The deliberately slow unstaking queue at Kelp is defensible as a yield-strategy constraint, but it becomes the mechanism by which credit stress converts into behavioural cascade. A standing short-term redemption facility — even at a punitive discount — keeps the front door open when the side door is the only alternative.
2. At each lending venue
The second line is what each protocol does when it lists the asset. Here the industry has many of the tools; the question is whether they are used with enough humility.
Supply and borrow caps, per asset, per protocol. Aave already has these. They are the single most effective control against cascade, because they cap the absolute magnitude of any one protocol's exposure regardless of how pretty the LTV math looks. A $500M supply cap on rsETH at Aave would have capped the bad debt at a fraction of what it was.
Isolation mode. An asset listed in isolation cannot be combined with other collateral, cannot feed into composed positions, and typically has its own debt ceiling. It prevents a failure in one asset from cascading into unrelated borrower positions in the same account.
Redemption-linked pricing. For tokenised claims on an underlying, the oracle should price the collateral at the minimum of (DEX market price, TWAP, issuer-reported redemption rate). In the Kelp case, the redemption rate — backed ETH divided by circulating rsETH — would have collapsed the moment the forgery was detected on-chain, triggering liquidations ahead of the TWAP-smoothed market price. Protocols that relied only on market-price oracles saw the slow thermometer; protocols that also checked backing would have seen the fever.
Proof-of-reserves as an oracle input. Chainlink and others have introduced feeds that go beyond price to report the reserves backing a wrapped or tokenised asset. Consuming those feeds, and halting new borrows or triggering haircuts when reserves diverge from supply, is a direct architectural control against exactly this failure mode.
Cooldowns on deposit-then-borrow. A simple delay — you cannot borrow against collateral deposited within the last X blocks — makes the forty-six-minute exit window impossible. It also interferes with the "short your own collateral" dynamic because it forces the holder to commit before the market has time to react. Unpopular with power users, effective against panic.
Dynamic risk parameters. LTV and liquidation thresholds that tighten automatically as utilisation spikes, as volatility rises, or as off-chain signals of stress emerge. Static parameters assume the world is stationary. The world is not stationary.
3. At the system level
The third line is visibility. Today, each protocol knows its own exposure to rsETH; no one sees the aggregate exposure across the stack. A shared asset visible on four venues with $1B supply each is not a $1B risk, it is a $4B risk coupled by the same exits. This is information that does not exist anywhere in usable form.
A public cascade dashboard. Cross-protocol exposure for major collateral assets, updated continuously, showing the total supply accepted as collateral across all major DeFi venues, with concentration and correlation metrics. DeFiLlama does some of this; no one does it with the granularity and framing a risk manager needs.
Industry risk scoring. Moody's recent stablecoin methodology is a preview of where this is going: an independent framework that rates tokenised assets on issuance integrity, backing quality, redemption mechanics, and composability exposure. For liquid restaking tokens in particular, a public rating with bridge-security and backing-verification subcomponents would give every integrator a shared reference point.
Disclosure norms. Every protocol that lists a given asset should publish its exposure, its risk parameters, and the oracle it uses. The data is already on-chain, but assembling it is work. Making the disclosure canonical and comparable shifts the market: lenders who accept impaired assets bear reputational cost in real time.
4. The pricing layer — where Crypto XVA earns its keep
Even with every control in place, residual risk remains. The honest response is not to chase it to zero but to price it — and this is where the Crypto XVA framework earns its keep.
A lender that accepts rsETH as collateral is, whether it acknowledges the fact or not, writing an option. It is long the good-case outcome (rsETH performs as advertised, fees accrue) and short several tail risks: bridge exploit, issuer insolvency, oracle failure, cascade risk from other lenders that accept the same asset. In derivatives language those are the ingredients of a valuation adjustment — an XVA — and the market is not charging for them.
Concretely, a Crypto XVA treatment of an rsETH collateral position would book adjustments for:
- Bridge and issuer risk. The probability-weighted loss from a Kelp-level failure, derived from bridge security posture, auditor coverage, concentration of validator keys, and historical incident rates across comparable infrastructure.
- Composability risk. An additional adjustment reflecting the fact that other lenders accept the same asset and that their depositors will share the exits. This term is zero when you are the only venue; it rises sharply with the number of parallel lenders and their aggregate exposure.
- Oracle and liquidation risk. The gap between the price the protocol uses for liquidation and the economic value under stress — the slow-thermometer premium.
A protocol that charges borrowing rates net of these adjustments, or applies them as haircuts to collateral value, is compensated for the risk it is carrying. A protocol that does not is effectively subsidising borrowers with its depositors' money until the day the adjustment becomes payable in full. That day is April 18.
The Bagehot point
The deeper answer is that Walter Bagehot already wrote the playbook. A central bank, he argued, should lend freely in a crisis, but at a high rate, against good collateral. The three clauses are not optional: freely prevents the run, the high rate prices the risk, and the collateral test forces honest underwriting before the crisis, not during it.
Translated to this stack: composability is freely; risk-adjusted pricing is the high rate; supply caps, proof-of-reserves, isolation mode, redemption-linked oracles, and XVA haircuts are the collateral test. Do the first without the other two and you get an April. Do the collateral test properly and you can keep the composability that makes the system worth having.
You cannot stop a tokenised asset from achieving wide acceptance. You can make sure that every protocol accepting it has capped the exposure, linked the price to the backing, and priced the residual risk into the rate. That is the control system. There is no other one.
Summary table
Layer | Who acts | What they do | What it protects against |
Issuer | Kelp, LST/LRT issuers, bridge operators | ZK bridges, on-chain PoR, mint rate limits, redemption facilities | Forgery, insolvency at source |
Venue | Aave, SparkLend, Fluid, Upshift | Supply/borrow caps, isolation mode, redemption-linked oracles, PoR feeds, cooldowns, dynamic parameters | Single-protocol blast radius |
System | Data providers, rating agencies, industry bodies | Cross-protocol cascade dashboards, asset ratings, disclosure norms | Hidden correlation and aggregate exposure |
Pricing (XVA) | Each protocol's risk team | Bridge/issuer XVA, composability XVA, oracle/liquidation XVA — priced into rates and haircuts | Residual risk that controls cannot eliminate |
Controls cap the blast radius. Pricing ensures the risk-bearer is compensated. Neither alone is enough.
By David Martin · Crypto XVA Research.
For the underlying framework, see the SSRN working paper — Crypto XVA: A Conceptual Framework (link to be added at publication).
Subscribe for new research — email capture form to be configured in Super.