Nine DeFi Protocols Frozen After $293 Million KelpDAO rsETH Exploit

  • Attacker drains 116,500 ETH worth $293 million then deposits rsETH on Aave as collateral.
  • Nine protocols freeze markets including Aave, SparkLend and Euler simultaneously.
  • KelpDAO multisig took 46 minutes to freeze contracts with no public statement for three hours.

A single exploit on KelpDAO’s rsETH cross-chain bridge has frozen nine major DeFi protocols, created bad debt on Aave, and sent shockwaves through the liquid restaking sector.

The attacker drained 116,500 ETH worth approximately $293 million from KelpDAO’s bridge in a coordinated operation. Within minutes, the stolen rsETH was deposited into Aave as collateral to borrow ETH, creating bad debt that the protocol now has to absorb. The attacker’s wallets were funded through Tornado Cash, the privacy mixer, indicating pre-planned execution rather than opportunistic theft.

KelpDAO’s emergency multisig froze the protocol’s core contracts 46 minutes after the drain completed. The team did not post any public statement for nearly three hours after the incident began.

The Cascade Nobody Wanted

The single exploit hit nine protocols simultaneously:

  • Aave V3 — froze rsETH markets, potential bad debt exposure
  • SparkLend — markets paused
  • Lido Earn via Mellow strategy meta-vault — frozen
  • Fluid — markets paused
  • Compound — markets paused
  • Euler — markets paused
  • Upshift — paused High Growth ETH and Kelp Gain vaults
  • Pendle PT and YT tokens — affected
  • Beefy strategies — possibly Yearn and LayerZero as well

The interconnected nature of DeFi’s liquid restaking infrastructure meant that one compromised asset rippled instantly across every protocol that accepted rsETH as collateral or integrated with KelpDAO’s vaults.

Where Things Stand

Aave confirmed that rsETH on Ethereum mainnet remains fully backed and that exposure to the incident is capped. WETH reserves remain frozen across Ethereum, Arbitrum, Base, Mantle and Linea while the team validates information and assesses resolution options.

Bitget confirmed it is monitoring the situation closely and warned users about heightened volatility in related tokens.

KelpDAO said it is working with LayerZero, Unichain, auditors and security experts on a root cause analysis. The investigation is ongoing.

The Critical Line Nobody Can Cross

OneKey founder Yishi laid out the recovery framework. His priority list starts with negotiating a 10 to 15% bounty with the attacker to recover the bulk of funds. If that fails, he believes the LayerZero ecosystem fund should cover the majority of losses given its deeper resources and longer-term stake in DeFi’s credibility.

KelpDAO, which he described as the weakest party in this situation, should compensate users through tokens and future revenue sharing, or consider selling the entire project to LayerZero or another acquirer. But one line, he argued, cannot be crossed under any circumstances.

“WETH depositors absolutely cannot take a haircut,” Yishi said. Any loss imposed on WETH depositors would trigger repricing cascades across Morpho, Spark, Fluid and Euler simultaneously, effectively blacklisting the entire liquid restaking token sector and setting DeFi back by years.

Source: https://coinedition.com/nine-defi-protocols-frozen-after-293-million-kelpdao-rseth-exploit/