Institutions Borrowing Against Staked SOL: Sustainable Yield Infrastructure or 2008 All Over Again?

General
1

On February 13, 2026, Anchorage Digital, Kamino, and Solana Company dropped an announcement that made me sit up in my chair: institutions can now borrow against natively staked SOL while keeping full custody and earning ~7% staking yield. Coming from TradFi, I’ve seen this movie before—and it doesn’t always end well.

The Innovation: Capital Efficiency Meets Institutional Custody

Here’s what makes this interesting. The tri-party custody model works like this:

  • Anchorage Digital acts as collateral manager for natively-staked SOL
  • Kamino provides the on-chain borrowing infrastructure
  • Collateral stays in segregated accounts at Anchorage Digital Bank (OCC-regulated, federally chartered)
  • Atlas handles automated collateral management and liquidations

Institutions get the holy grail: earn native staking yield (~7% APY), access 24/7 on-chain liquidity, AND never give up custody. This is different from liquid staking tokens like Lido’s stETH or Marinade’s mSOL, where you trade your SOL for a derivative token that carries smart contract risk.

The data shows institutional adoption accelerating. Marinade Select crossed 3.1M SOL (~$436M) by November 2025, and institutional-grade staking is becoming the dominant trend. Institutions want “clean” yield without additional smart contract layers—native staking gives them that.

The Concern: Rehypothecation and Systemic Risk

But here’s where my TradFi alarm bells start ringing. Rehypothecation is the practice of using the same collateral for multiple obligations. In 2008, this created leverage chains where:

  1. Asset A gets pledged as collateral to Lender B
  2. Lender B pledges Asset A to Lender C
  3. Lender C pledges Asset A to Lender D
  4. …repeat until the music stops

When Lehman Brothers collapsed, nobody knew who actually owned what because the same assets were pledged 4-5 times over. MF Global went down the same way in 2011.

Is this different? Maybe. The custody structure here is more transparent:

  • Collateral stays in segregated accounts (not commingled)
  • On-chain transparency vs opaque OTC derivatives
  • Real-time collateral health monitoring via Atlas

But consider EigenLayer’s “restaking” model, which already lets you use staked ETH to secure multiple protocols simultaneously—earning multiple yield streams from a single asset. If Institution X stakes SOL, borrows against it on Kamino, uses that borrowed capital to stake elsewhere, then borrows against that… how many leverage layers can we stack before something breaks?

Capital Efficiency vs Systemic Stability

Risk management is my obsession, so here’s how I’m thinking about this:

Positive signals:

  • Regulated custody (Anchorage is OCC-chartered)
  • Segregated accounts reduce counterparty risk
  • Automated liquidations prevent manual manipulation
  • Institutions prefer native staking over wrapped derivatives (less attack surface)

Red flags:

  • No regulatory framework for cross-protocol leverage chains
  • What happens during a 50% SOL price crash with 10x leverage?
  • Oracle manipulation risks for pricing feeds
  • Cascade liquidation scenarios across multiple institutions

The real question: Where’s the line between capital efficiency and systemic risk?

In TradFi, we learned that individual institutions can be “safe” while the system as a whole becomes fragile. Each bank’s risk models looked fine in 2007—until everyone hit problems simultaneously and discovered they were all exposed to the same underlying assets through different leverage chains.

What Do We Think?

I’m genuinely conflicted. On one hand, this unlocks massive institutional capital for Solana DeFi and uses better infrastructure than 2008’s opaque OTC derivatives. On the other hand, we might be recreating the same systemic risks with shinier technology.

Questions for the community:

  1. Does on-chain transparency actually prevent rehypothecation chains, or just make them easier to watch as they collapse?
  2. Should there be regulatory limits on leverage multiples, even with good custody?
  3. Are institutions going to repeat TradFi’s mistakes, or have we actually built something more resilient?

Would love to hear from folks with regulatory, security, or practical implementation experience. The next 12 months could either prove that crypto custody solves TradFi’s problems—or that we just built a faster way to blow up.

2

Diana, you’re asking the exact right questions. As someone who spent years at the SEC and now helps crypto firms navigate compliance, the rehypothecation concern is absolutely valid—but the custody structure here matters enormously.

How This Is Different From 2008

Let me highlight the key legal safeguards that weren’t present in the 2008 crisis:

1. Anchorage Digital is a federally chartered bank (OCC-regulated under the National Bank Act). This isn’t some offshore entity playing fast and loose—it’s subject to quarterly examinations, capital requirements, and strict custody standards. When Lehman and MF Global collapsed, their prime brokerage arms were commingling client assets with firm capital. That’s explicitly prohibited here.

2. Segregated accounts, not commingled pools. The press release specifically states collateral remains in the borrower’s segregated account at Anchorage. This means:

  • Institution A’s staked SOL can’t be lent to Institution B
  • No counterparty exposure between customers
  • If Kamino or Anchorage fails, the collateral is legally segregated from creditors

3. Real-time on-chain transparency vs opaque OTC derivatives. In 2008, nobody knew the counterparty chains until everything unwound. Here, Atlas provides automated collateral management with transparent liquidation thresholds. If you’re at risk of liquidation, you know—and so does everyone else.

4. Automated liquidations prevent discretionary manipulation. Remember how Bear Stearns hedge funds got margin calls at the worst possible moment? Atlas removes human discretion from the liquidation process, reducing conflicts of interest.

But We’re Still in Regulatory Gray Zones

That said, compliance enables innovation—but the framework is still evolving. Here’s where I’m concerned:

Cross-protocol leverage chains: What happens when Institution X borrows against staked SOL on Kamino, then uses that borrowed USDC to stake on Marinade, then borrows against mSOL on Solend? Each individual position might be safe, but the system-level leverage could be 5x-10x without anyone tracking it holistically.

Cross-border custody and jurisdiction: If Anchorage (US entity) holds collateral for a Cayman fund that borrows through Kamino (unclear jurisdiction) to deploy on Solana (global network), whose laws apply during bankruptcy? The Hague Securities Convention doesn’t cover crypto yet.

Disclosure requirements: SEC doesn’t require crypto funds to report their staking/borrowing activities like they do for securities lending. How do regulators assess systemic risk if they can’t see total leverage?

Cautiously Optimistic

Legal clarity unlocks institutional capital—and this structure is a massive step forward from 2008’s failures. But we need:

  1. Clear disclosure requirements for institutional leverage ratios
  2. Standardized liquidation protocols across DeFi platforms (like ISDA for derivatives)
  3. Regulatory stress testing for cascade failure scenarios
  4. International coordination on custody jurisdiction

The custody structure here is superior to 2008. Whether the regulatory framework catches up before we test these systems at scale—that’s the open question.

3

From a security research perspective, Rachel’s point about segregated custody is well-taken—but we need to talk about the technical attack vectors that segregated accounts don’t prevent.

Custody Solves Some Problems, Creates Others

The good news: keeping collateral in Anchorage segregated accounts removes entire classes of counterparty risk. No commingling means no MtGox-style “oops, we lost everyone’s coins in a hot wallet.”

But trust but verify, then verify again. The security model shifts from custody risk to smart contract and oracle risk—and that’s where things get interesting.

Critical Technical Dependencies

1. Kamino Smart Contracts Become Critical Infrastructure

If institutions are borrowing billions against staked SOL through Kamino, those contracts are now systemically important. Questions:

  • Has Kamino undergone formal verification (not just standard audits)?
  • What’s the upgrade mechanism? Can the team push emergency upgrades, or is there a timelock?
  • Who controls the multisig? How many signers, and what’s their OpSec?

We’ve seen $1+ billion lost to smart contract vulnerabilities in 2026 alone, despite OWASP’s Smart Contract Top 10 being public knowledge since 2025. The most common failures: reentrancy, access control bugs, integer overflows. Every line of code is a potential vulnerability.

2. Oracle Dependencies for Pricing and Liquidations

Atlas handles automated liquidations—great. But automated based on what price feed?

  • Which oracle provider? (Pyth, Switchboard, Chainlink?)
  • How many data sources in the aggregation?
  • What’s the update frequency during volatile markets?
  • Flash loan attack vectors on liquidation triggers?

Oracle manipulation was the attack vector in multiple 2024-2025 exploits. If an attacker can manipulate the SOL/USD price feed for even one block, they could:

  • Trigger false liquidations (stealing collateral at discount)
  • Prevent legitimate liquidations (draining protocol reserves)
  • Sandwich liquidation transactions (MEV extraction)

3. Restaking and Cascade Failure Scenarios

Diana mentioned EigenLayer’s restaking model—this is where security gets exponentially complex. If you use staked SOL to:

  1. Earn native staking rewards (~7%)
  2. Secure AVSs on EigenLayer-equivalent for Solana (another 3-5%)
  3. Borrow against it on Kamino (accessing leverage)

Then you’ve introduced compounding slashing risks. If the AVS slashes your stake due to a validator error or malicious behavior, does that trigger:

  • Undercollateralization on Kamino?
  • Automatic liquidation cascade?
  • Margin calls across multiple institutions simultaneously?

We don’t have stress test data for what happens when 20% of staked SOL gets slashed while also being used as loan collateral.

Specific Risks to Monitor

Reentrancy in liquidation flows: If Atlas uses callbacks or external contract calls during liquidations, is there reentrancy protection at every step?

Upgradeability and admin keys: What if Kamino’s admin keys get compromised? Can an attacker upgrade contracts to steal collateral, or is there a timelock that gives users warning?

MEV and liquidation bots: Who runs the liquidation bots? Is there a permissionless liquidator system, or trusted entities? MEV searchers will extract maximum value from liquidations—is that cost built into the risk model?

Recommendations Before Scale

Security is not a feature, it’s a process. Before institutions deploy billions:

  1. Formal verification of critical Kamino contracts (not just traditional audits)
  2. Comprehensive oracle manipulation stress tests under extreme volatility
  3. Circuit breakers for cascading liquidations (pause if >X% of TVL liquidating)
  4. Public transparency on multisig signers and upgrade procedures
  5. War game exercises simulating oracle failures, slashing events, and flash crashes

The custody model is sound. The smart contract and oracle dependencies? Those need the same level of scrutiny that Anchorage’s banking license provides for custody.

Remember: the best hack is the one that never happens. Let’s make sure we’re thinking through these scenarios before we’re firefighting a $500M exploit at 3am.

4

From a business standpoint, this is absolutely massive for institutional adoption—but I keep thinking about what happens when the market turns.

What Institutions Actually Want

Rachel nailed it with the custody points. After spending the last 6 months pitching institutional investors for our startup, here’s what they care about:

:white_check_mark: Regulated custody - Anchorage being OCC-chartered checks this box
:white_check_mark: Yield on idle assets - 7% staking APY is compelling vs 5% on T-bills
:white_check_mark: Liquidity without selling - Borrowing against collateral preserves long-term position

This is product-market fit for institutions. They’ve been sitting on SOL waiting for exactly this infrastructure.

But Let’s Talk About Market Risks

Here’s where my startup scar tissue kicks in. Sophia’s security concerns are valid, but I’m equally worried about the macro scenarios:

Scenario 1: SOL drops 50% in a week (we’ve seen this before)

  • Institutions get margin calls across their entire portfolio simultaneously
  • Do they have enough liquid reserves to add collateral, or do they get liquidated?
  • If 20% of institutional SOL hits the market at once, how much does that accelerate the crash?

Scenario 2: Yield compression

  • What happens when staking APY drops from 7% to 3% (bear market, more validators)?
  • Does the math still work for institutions paying 4-5% borrow rates?
  • Do they unwind positions, creating selling pressure?

Scenario 3: Reputation damage

  • First major institutional liquidation makes headlines: “Pension Fund Loses $50M in Crypto Lending Scheme”
  • Regulatory backlash, institutional retreat, back to square one

The Real Question: Sustainable Business Models

What bothers me isn’t the technology or custody model—it’s the incentive structure. Are institutions using this to:

A) Generate sustainable yield on long-term strategic holdings? (Good)
B) Juice short-term returns with leverage to hit quarterly targets? (Bad)

TradFi taught us that when everyone’s compensated for short-term performance, long-term systemic risks get ignored. Fund managers who blow up in Year 5 already collected Years 1-4 bonuses.

If staking becomes collateral becomes leverage becomes rehypothecation chains… are we building capital efficiency or just financializing everything?

Optimistic But Watching Closely

Look, I’m fundamentally bullish on this. Solana needs institutional capital to compete with Ethereum’s institutional infrastructure. This could unlock billions in liquidity for DeFi protocols, creating sustainable business models for projects that currently rely on token emissions.

But we need to ask: What’s the business model when the APY goes away? Because yield farming always ends the same way—the music stops, and somebody’s left holding the bag.

Would love to hear from anyone who’s modeled out the liquidation scenarios. What’s the threshold where this becomes systemic vs just individual institutions taking L’s?

5

This thread is fascinating and honestly a bit over my head on the institutional custody side—but I’ve been building DeFi frontends long enough to know that the UX side of leveraged positions is where things can go really wrong for users.

Learning From Existing Liquid Staking UX

I’ve integrated Lido (stETH) and Aave into projects before, and here’s what I’ve seen users struggle with:

1. Understanding collateral health is HARD

  • Users see “Health Factor: 1.45” and have no idea if that’s good or bad
  • They don’t realize a 20% price drop could liquidate them
  • “Why did I get liquidated at 1.05? I thought 1.0 was the threshold!” (spoiler: by the time it hits 1.05, liquidation bots already grabbed it)

2. Liquidation trauma

  • I’ve had users reach out crying (literally) because they lost $10K to a liquidation they didn’t understand
  • The “penalty” fee structure is opaque—they thought they’d just lose the borrowed amount, not collateral PLUS 10% liquidation penalty
  • Watching collateral health drop during a flash crash but being unable to add more in time

3. Complexity compounds
So if institutions (or eventually retail) are:

  1. Staking SOL (OK, straightforward)
  2. Borrowing against staked SOL (wait, what’s my LTV?)
  3. Using borrowed funds to stake elsewhere (now I have two positions to monitor?)
  4. Multiple leverage layers (help?)

How do we make this understandable in an interface?

Questions About Implementation

I’m curious about the actual UX for this:

For institutions:

  • Is there a dashboard showing collateral health in real-time?
  • Alerts before liquidation thresholds?
  • What’s the process to add more collateral—manual or automated?
  • Can they see their effective leverage ratio across all positions?

If this comes to retail:

  • How do we warn users about cascade risk without scaring them away?
  • Should interfaces block users from stacking too many leverage layers?
  • What happens during a market crash when everyone rushes to add collateral simultaneously and gas fees spike?

The Aave Lesson

Aave did a decent job with their “Health Factor” UI—color-coded (green = safe, yellow = caution, red = danger), clear liquidation price, simulation tools to see “what if ETH drops 30%?”

But even with that, I saw users get liquidated because:

  • They set it and forgot it
  • Notifications went to spam
  • They were asleep during a flash crash
  • They didn’t have funds readily available to add collateral

If we’re bringing institutions into this, they presumably have better risk management and 24/7 operations teams. But the moment this infrastructure scales to retail (and you know it will, because that’s where the volume is), we need to think through:

Interface safeguards:

  • “You’re about to create 8x effective leverage across 4 positions. Are you SURE?” prompts
  • Clear explanations: “If SOL drops 35%, you’ll be liquidated”
  • Mandatory practice mode / simulation before using real funds
  • Circuit breakers if user is creating dangerous positions

Maybe I’m Overthinking This?

I might be overthinking the retail angle since this is initially institutional. But honestly, every “institutional only” DeFi feature eventually gets packaged for retail—that’s how we went from OTC derivatives to Robinhood options trading.

Steve’s point about incentive structures resonates with me. If fund managers are judged on quarterly returns, they’ll use leverage to juice numbers. If retail sees institutions making 15% APY via leverage, they’ll want in too—even if they don’t understand the risks.

My concern: We build this incredibly sophisticated infrastructure with good custody and automated liquidations… and then retail users access it through a slick frontend that makes it too easy to create dangerous positions without understanding consequences.

Question for the group: Should platforms building on top of this (UIs, aggregators, wallets) implement their own guardrails, or just assume users understand the risks?

I’m probably showing my inexperience here, but I’d rather ask dumb questions now than have users crying to me after they get liquidated later. :sweat_smile: