Loading Search...
Aave lost over $6 billion in total value locked this week after a $290 million exploit on KelpDAO's rsETH bridge created roughly $177 million bed debt.
Author: Sahil Thakur
20th April 2026 – Aave lost over $6 billion in total value locked this week. A $290 million exploit on KelpDAO’s rsETH bridge created roughly $177 million in bad debt across the protocol.
High Signal Summary For A Quick Glance
Jeremy
@Jeremybtc
This is what has happened in the last few hours since the KelpDAO exploit. $AAVE dumped 17% from $111 to $92 in hours. $ZRO dropped 12% and $KERNEL dropped 16% in the same window. Aave's TVL collapsed from $26.3B to $20.085B over $6B wiped out. Aave's ETH utilization hit https://t.co/h90Fnb34fl
03:57 PM·Apr 19, 2026
kook 🏝️
@KookCapitalLLC
aave tvl is nuking down over -$6bn since the exploit 🤯 very dark days for defi https://t.co/XAY44PV4Vt
01:41 PM·Apr 19, 2026
Anndy Lian
@anndylian
It is highly unlikely that @aave will collapse entirely, but it is currently facing its most severe existential test since inception. 1/ Aave’s TVL sits at approximately $27.3 billion. The debt of $177 million represents roughly 0.65% of the total assets managed by the protocol. https://t.co/aVb1eCI5hk
OK — Kelpdao hacker, how much you want? Let’s just talk. With KelpDAO’s help, of course. It’s simply not worth it to sacrifice both Aave and KelpDAO and let them go down over this hack. You can’t spend $300 million anyway.
09:31 AM·Apr 19, 2026
High attention and emotional sentiment detected.
The attack took place on April 18. It targeted a vulnerability in KelpDAO’s LayerZero-powered cross-chain rsETH bridge. An attacker forged a LayerZero message through a single-DVN (Decentralized Verifier Network) configuration.
That forged message allowed the minting of 116,500 unbacked rsETH tokens, roughly 18% of total circulating supply.
Aave’s smart contracts did not suffer a breach. Instead, the damage came from the attacker depositing worthless rsETH as collateral and borrowing real assets against it.
KelpDAO is a liquid restaking protocol built on EigenLayer. It issues rsETH tokens that represent staked ETH positions. The protocol uses LayerZero’s OFT (Omnichain Fungible Token) standard for cross-chain transfers.
In a single transaction (tx: 0x1ae232da…), the attacker exploited a weakness in KelpDAO’s bridge configuration. The rsETH OFT Adapter on Ethereum mainnet relied on just one DVN for message verification. Only LayerZero Labs served as the verifier, creating a single point of failure.
According to Crypto Briefing, the attacker forged a lzReceive call. That call released 116,500 rsETH from escrow to an attacker-controlled address. None of these tokens had underlying ETH backing.
The root cause reportedly traces to a compromised peer contract on a source chain like Unichain. It may link to a private key leak, according to Phemex analysis.
KelpDAO’s operations multisig paused rsETH contracts across Ethereum and multiple L2s within about 46 minutes. By then, the attacker had already converted roughly $250 million of the stolen rsETH into ETH. Some funds moved through Tornado Cash.
rsETH served as an approved collateral asset on Aave V3 and V4, on both Ethereum and Arbitrum. The attacker supplied the unbacked rsETH as collateral and borrowed real assets against it.
On Ethereum, the attacker borrowed about 52,834 WETH against the full 116,500 rsETH position. On Arbitrum, the attacker took an additional 29,782 WETH and 821 wstETH. Smaller positions also appeared on Compound V3, Euler, SparkLend, and Fluid before those protocols froze their markets.
Because the rsETH collateral had no real backing, these positions could not face liquidation. DeFi Prime estimates the resulting bad debt at between $177 million and $196 million.
Crypto Briefing cites figures as high as $236 million across all affected WETH reserves. The damage concentrated in WETH pools: roughly $113 million on Ethereum and $67 million on Arbitrum.
Src: DefiLlama
The bad debt triggered a crisis of confidence in Aave. According to DefiLlama data, Aave’s TVL fell from about $26.4 billion to $20.7 billion. That represents a decline of $6 billion to $6.6 billion (21-25%).
Whales moved quickly. On-chain analysts reported that Justin Sun pulled about 65,000 ETH from the protocol. Other large depositors followed suit across multiple chains.
WETH and ETH lending pools hit 100% utilization. Depositors could not withdraw their funds. This liquidity crunch amplified the panic.
Broader DeFi TVL dropped roughly $10.5 billion (10.6%) across more than 20 chains.
The AAVE token price fell between 12% and 20%. Most reports cite a decline of 16-19%.
Loading chart...
Aave’s Umbrella backstop module, designed for this type of scenario, activated on Ethereum. The waWETH vault held about $56 million in coverage.
That proved insufficient against the scale of the bad debt. Estimates suggest a shortfall of roughly $120 million after the backstop payout. Arbitrum had no backstop coverage at all.
This gap raised concerns about losses spilling over to stkAAVE holders, Aave governance, or depositors. The protocol earns $140 million in annual revenue and holds $83 million in its treasury. Both figures now factor into discussions about covering the remaining deficit.
Aave acted within hours of the exploit. The team froze rsETH markets on both V3 and V4. That move prevented new deposits or borrowing power against rsETH.
The team also froze WETH reserves on affected markets across Ethereum, Arbitrum, Base, Mantle, and Linea.
Founder Stani Kulechov confirmed on X that “Aave’s contracts have not been exploited.” He called the incident “an exploit related to rsETH” from the KelpDAO bridge. He added that the team would “explore paths to offset the deficit.”
In a later update, Kulechov noted that “rsETH on Ethereum mainnet is fully backed.” Still, the team kept markets frozen out of caution. Aave risk partners Chaos Labs and governance contributor Marc Zeller both confirmed no Aave contract compromise.
Aave governance has opened a forum thread for emergency proposals to address the deficit.
Governance may propose using Umbrella assets first. Treasury funds, protocol revenue, and AAVE token adjustments could follow to cover the remaining shortfall. Post-mortems on LRT collateral risk may lead to tighter loan-to-value ratios.
Justin Sun publicly offered to negotiate with the hacker for a potential fund return. Meanwhile, liquidity workarounds are emerging. Fluid introduced aWETH redemption into wstETH and weETH to ease withdrawal pressure.
The Aave rsETH exploit exposed a critical vulnerability in DeFi’s interconnected architecture. A single misconfigured bridge setting on KelpDAO cascaded into a protocol-wide crisis at Aave, the largest DeFi lender. Aave’s quick freeze limited further damage, but the $6 billion TVL drop remains a major stress test for the ecosystem.
KelpDAO’s investigation remains ongoing. All rsETH contracts stay paused. The AAVE token and broader DeFi markets may face continued volatility as governance proposals take shape.
This article is for informational purposes only and does not constitute financial advice (NFA). Always do your own research before making investment decisions.
Our Crypto Talk is committed to unbiased, transparent, and true reporting to the best of our knowledge. This news article aims to provide accurate information in a timely manner. However, we advise the readers to verify facts independently and consult a professional before making any decisions based on the content since our sources could be wrong too. Check our Terms and conditions for more info.
Aave
$92.94
