Full Post-Mortem of the KelpDAO Incident: Why Did Aave, Which Was Not Compromised, End Up in Crisis Situation?

Original Title: The Kelp DAO Exploit on rsETH Has Put Aave to Its 'Moment of Truth'
Original Author: Gianmarco Marzotto
Translation: Peggy, BlockBeats

Editor's Note: On April 18, a transaction involving approximately 116,500 rsETH tokens sent shockwaves through the entire DeFi ecosystem, presenting an unexpected stress test. The stolen assets quickly flowed into Aave V3, where they were used as collateral to borrow a significant amount of WETH. This sudden influx disrupted the previously stable lending system, pushing the ETH pool utilization to 100% and bringing the potential default amount close to $200 million. Within hours, funds were massively withdrawn, leading to a liquidity crisis.

Superficially, this may seem like another cross-chain bridge attack; however, the deeper issue lies in the fact that it did not occur within Aave's own code but rather infiltrated through an "ostensibly secure" external collateral asset. The failure of rsETH in the bridging, re-collateralization, and governance process rendered it economically non-redeemable, yet this change was inadequately reflected in the lending system, ultimately resulting in a direct impact on the protocol's solvency.

In this article's perspective, the risk structure of DeFi is undergoing a transformation. The question of protocol security is no longer just about "contract vulnerability" but rather about "the reliability of the entire technical and governance chain behind the accepted collateral." As liquidity provisioning, re-collateralization, and cross-chain infrastructure stack on top of each other, the failure of any link could magnify into a systemic shock through the collateral chain.

In hindsight, this was a typical case of "yield backfiring": what was once considered nearly risk-free re-collateralization yield transformed overnight into liquidity depletion and default exposure. For Aave, this was a true test of governance and risk management; for the entire DeFi ecosystem, it may serve as a clearer reminder that in a highly composable system, risk has never disappeared but rather been redistributed and delayed.

The following is the original article:

Introduction: The Day rsETH Was No Longer 'Risk-Free'

On April 18, 2026, DeFi experienced a moment that completely distanced "theory" from "reality": the Kelp DAO's rsETH cross-chain bridge was exploited, with approximately 116,500 rsETH tokens (roughly $2.92 billion to $2.93 billion) being attacked, marking the largest DeFi hack of the year to date.

These stolen tokens did not stay put but were swiftly moved to Aave v3 as collateral and borrowed WETH. This action directly triggered a liquidity crisis, resulting in a bad debt of over $170 million to $200 million in the protocol.

In contrast to many past attack events, this was not due to a vulnerability in Aave's own code. The issue stemmed from an "external" source—a collateral price feed that was originally considered reliable but lost credibility in a short period of time.

This article will outline the specific evolution of this event, explain why it resembled more of a liquidity crisis than a security vulnerability at the Aave level, and further discuss what this event means for risk management in an increasingly interconnected DeFi ecosystem.

What are Kelp DAO and rsETH (and Why They Caught Aave's Eye)

Kelp DAO is a liquid restaking protocol that allows users to convert ETH and various liquidity staked tokens (such as stETH, cbETH, etc.) into a liquidity token called rsETH, which is pegged to the underlying asset restaked on the EigenLayer.

As such, rsETH's value is derived from a basket of underlying assets locked in the restaking system. While these underlying assets themselves have limited liquidity, rsETH as a token can still freely circulate throughout the DeFi ecosystem, being used as collateral or participating in various yield farming strategies.

From the perspective of a lending protocol like Aave (a money market), rsETH is "theoretically" almost an ideal collateral: it has strong collateral support, additional revenue sources, and is embedded in a "blue-chip" ecosystem like EigenLayer. It is for this reason that rsETH was listed on the Aave v3 and v4 markets, allowing users to use it as collateral to borrow more liquid assets (such as WETH).

However, this integration also brought about a shift in the risk paradigm: Aave's ability to repay on the ETH side now depends not only on its own protocol's design and security but also on external components—including the secure operation of cross-chain bridges and the entire restaking technology stack supporting rsETH.

Attack Path: From Kelp's Cross-Chain Bridge to Aave v3

According to on-chain preliminary analysis and reports from multiple crypto media, the incident originated from the Kelp DAO's LayerZero-based rsETH cross-chain bridge.

The attacker exploited a vulnerability in the bridge's cross-chain message mechanism (lzReceive in EndpointV2) to withdraw approximately 116,500 rsETH from the adapter/bridge, corresponding to a scale of around $2.92 billion to $2.93 billion at the time of the attack.

After obtaining these tokens, the attack strategy was highly "rational" in economic terms:

· Deposit rsETH into Aave v3 as collateral

· Borrow as much WETH as possible against this position (utilizing the fact that rsETH was still fully recognized by the protocol as a valid collateral asset at that time)

· Move or cash out the borrowed WETH to extract real liquidity value

· Leave the risk within the Aave ecosystem, waiting for the collateral's value to collapse subsequently

Upon detecting the anomaly, Kelp DAO promptly announced the suspension of the rsETH contracts on the mainnet and several L2s to investigate the attack, essentially freezing the normal circulation and redemption paths of rsETH.

Simultaneously, Aave also urgently paused the rsETH and wrsETH markets on v3 and v4, emphasizing that its smart contracts themselves were not breached, and the issue was limited to that particular asset.

However, the core issue is this: the rsETH serving as collateral has now "failed" on an economic level.

The bridge was drained, the redemption path is uncertain, and the price discovery mechanism is in disarray—while the previously borrowed WETH based on the collateral still physically exists.

Liquidity Crisis on Aave: Peak Utilization and a "Nine-Digit" Default

The freeze of rsETH by Kelp DAO has rendered positions collateralized with this token unable to be liquidated in an orderly manner. Specifically, the WETH borrowings associated with these collaterals can no longer be recovered with sufficient value through the disposal of rsETH, causing the protocol's mechanism as the "lender of last resort" to fail on these positions.

Preliminary estimates indicate:

· Approximately 116,500 rsETH was stolen and deposited into Aave v3

· The scale of WETH borrowings directly related to these positions is estimated to be between $177 million and $236 million

· Considering the cascading exposures to other protocols, the potential default scale could reach up to around $200 million

·Aave's ETH pool utilization rate briefly reached 100%, with almost no available liquidity for users to withdraw (unless they front-run)

A panic ensued, with over $5.4 billion being rapidly withdrawn from Aave in a matter of hours, including over $150 million from Justin Sun, a key whale in the protocol.

Aave's Total Value Locked (TVL) plummeted from around $45.8 billion to $35.7 billion in a very short period, while its token AAVE fell approximately 17% to nearly 20% in a single day.

An ironic outcome was that for users lending stablecoins or other assets, the yield soared — due to the shortage of lendable funds, the APY for stablecoin deposits surged to around 13%-14%, a typical signal of the market entering "crisis mode."

Insights into On-Chain Risk Management from this Event

The rsETH–Kelp DAO–Aave event was not just a typical attack but rather a prime example revealing how risk propagates from one protocol to another in a highly composable DeFi financial system.

Several key takeaways include:

Lending protocols do not exist in isolation
Even if Aave's smart contracts were not breached directly, accepting rsETH as collateral meant being directly exposed to external risks — including the security of cross-chain bridges and the re-collateralization system behind it.

When "redeemability" breaks down, oracle pricing is insufficient
Even if on-chain prices technically remain "valid," once an asset loses redeemability or liquidity (e.g., due to a pause, attack, or freeze), it ceases to be economically viable collateral. Risk management needs to encompass infrastructure integrity and governance factors, not just the price dimension.

An emergency pause mechanism is a double-edged sword
The Kelp DAO froze the rsETH contract, a reasonable move from the perspective of controlling the attack, but it exacerbated the issue for Aave: collateral became illiquid, making liquidation more challenging.

"Distributed collateral" may evolve into systemic risk concentration
Each new LRT, LST, or complex derivative asset introduces new risk vectors. Once these assets are accepted as collateral by multiple protocols (such as Aave, Compound, Euler, etc.), a single cross-chain bridge attack could trigger a cascading effect across the entire ecosystem.

For on-chain risk managers, this event has essentially become a "template": so-called "collateral whitelisting" is no longer just about assessing price fluctuations, but now requires measuring the complexity and vulnerability of the entire technical supply chain supporting the asset.

Outlook: How Aave (and DeFi) May Change Post-rsETH Incident

Within hours of the attack, the Aave team and Guardian reassured that the liquidity pool was still functioning normally, with the incident only affecting rsETH-related assets. They are collaborating with Kelp, LayerZero, and other stakeholders to minimize the impact.

But the real work is just beginning: how to handle bad debt, whether to activate the Safety Module/Umbrella mechanism, and how to update asset listing strategies will all be critical governance stress tests.

Several directions that this event may accelerate include:

· Adopting more conservative onboarding parameters for LRT/cross-chain assets: lower LTV, stricter limits, and multi-layered audit requirements, with specialized stress tests for cross-chain attack scenarios.

· Building a quantification framework to measure "bridge risk" and "restaking stack risk," akin to current modeling of price volatility and asset correlation.

· Placing greater emphasis on collateral concentration issues: setting limits not only by individual asset but also by "risk category" (e.g., derivative assets from the same LRT provider or messaging infrastructure).

· Driving the evolution of the Safety Module role: including AAVE staking, an insurance fund, and a backstop liquidity pool, transitioning from the "last line of defense" to part of daily systemic risk management.

For users, this event also sends a clear signal: using complex composite tokens as collateral can indeed boost returns, but it also means exposing oneself to a series of often overlooked risks—including cross-chain bridge vulnerabilities, restaking governance issues, and upstream protocol emergency shutdown mechanisms.

A Reminder About the Nature of DeFi Yield

The attack on rsETH did not breach Aave's code, but it did reveal a crucial issue: when collateral is built on complex liquidity pledging, restaking, and cross-chain bridge structures, the sensitivity of lending protocols to external shocks significantly increases.

What seemed like “risk-free” returns in the past few months turned into a liquidity crisis with over $10 billion in outflows in just one day, as well as potential defaults of up to around $200 million.

If there is one key lesson to be learned, it is this: in DeFi, yield is always priced with risk — it's just that this risk is often underestimated before the first systemic event occurs.

[Original Article]