Loading prices…
〽️NEUTRAL

GhostSwap Pushes Non-Custodial Swaps After $670M 2026 Hacks

The platform's wallet-to-wallet model sidesteps the pooled-custody attack surface that drained KelpDAO, Drift, and Grinex in a single quarter.

Non-custodial swap platform GhostSwap is leaning into the worst custodial hack quarter on record, citing over $670 million drained from centralized exchanges, bridges, and protocols in the first four months of 2026 alone. The platform frames its wallet-to-wallet routing model as a structural answer to that wave: user assets move directly from origin to destination address rather than sitting in a pooled hot wallet that a single key compromise could empty.

The hook is a string of high-profile incidents. KelpDAO lost $292 million on April 18 through a LayerZero bridge infrastructure exploit; Drift Protocol lost $285 million on April 1 via smart-contract and admin-key compromise; Grinex saw $13.7 million in USDT drained from 54 wallets on April 15; Step Finance lost $28.9 million through compromised executive credentials between January and February; Truebit lost $26.4 million to legacy "zombie code" on January 9; and ResolvLabs lost $25 million in March through an AWS KMS misconfiguration.

Why it matters

The through-line across those six incidents is shared custody. Each platform aggregated user funds into a wallet or contract controlled by a small set of keys, admin roles, or infrastructure dependencies, and each loss was bounded only by whatever happened to be sitting in that pool at the moment of compromise. GhostSwap's pitch is that removing the pool removes the target: no account database to breach, no routine KYC records to exfiltrate, and no shared wallet to drain in a single transaction. A dual-address swap flow, with a destination and a refund address, gives the system a defined recovery path when a route fails rather than leaving funds in limbo.

Market impact

The 2026 numbers are what make the timing land. A $670 million first-quarter toll across custodial venues resets the bar for what users will tolerate from centralized venues, and it pushes more flow toward non-custodial routing where the platform never holds a balance long enough to become a target.

Frequently asked questions

  1. How much was drained from custodial crypto platforms in early 2026?

    Over $670 million was stolen from custodial exchanges, bridges, and protocols in the first four months of 2026, according to the incidents cited in the GhostSwap post, including KelpDAO, Drift Protocol, Step Finance, Truebit, ResolvLabs, and Grinex.

  2. What is GhostSwap's non-custodial model?

    GhostSwap routes assets directly from the user's wallet to the destination address rather than holding pooled customer balances in exchange-controlled wallets, which it argues removes the large-fund target that custodial hacks typically exploit.

  3. Why does a refund address matter for non-custodial swaps?

    Providing both a destination and a refund address during a swap gives the system a predefined path to return funds if routing, liquidity, or another failure condition interrupts the transaction, reducing the chance assets get stranded.

  4. Which 2026 hack was the largest single incident?

    KelpDAO's $292 million LayerZero bridge exploit on April 18, 2026 was the largest single incident cited, followed by Drift Protocol's $285 million loss on April 1 from a smart-contract and admin-key compromise.

  5. Does GhostSwap's model eliminate all hack risk?

    No. GhostSwap states the model is not unhackable; it reduces the attack surface by eliminating pooled custody, account databases, and routine KYC data, but smart-contract, routing, and infrastructure risks still apply to any swap platform.

Source attribution
Aggregated from Crypto News · Verified · Last refreshed 1h ago
Open original →