Within 48 hours, investors pulled more than USD 15 billion from the entire DeFi sector after attackers compromised the liquid restaking protocol KelpDAO. They made off with 116,500 rsETH worth roughly USD 292 million. The theft accounts for about 18 percent of the total rsETH circulating supply.
LayerZero attributes the KelpDAO hack to North Korea's Lazarus Group, specifically the TraderTraitor subunit. The same actor is suspected of stealing USD 285 million from the Solana protocol Drift on 1 April 2026. Together, the suspected Lazarus losses from DeFi protocols in the first four months of 2026 add up to nearly USD 600 million.
Cross-chain bridge as the weak point
The attack did not target smart contract flaws at KelpDAO itself, but rather the LayerZero infrastructure. The attackers compromised two RPC nodes in the LayerZero verifier network and swapped the software for manipulated versions. A simultaneous DDoS attack on the remaining nodes forced a failover to the tampered systems. The wallets were funded via Tornado Cash roughly ten hours before the hack.
Subsequently, the attackers minted unbacked rsETH tokens through the LayerZero bridge and deposited them as collateral on Aave V3. As a result, they were able to borrow around USD 195 million in WETH. Because rsETH runs on more than 20 networks, including Base, Arbitrum, Linea, Blast, Mantle and Scroll, orphaned positions remained on various chains.
KelpDAO responded quickly and paused the rsETH contracts on Ethereum and all L2 networks within 46 minutes of the initial mint. At least nine protocols took emergency measures. For example, SparkLend, Fluid, Upshift, Compound and Euler froze their rsETH markets. Ethena preemptively paused all LayerZero OFT bridges, while Lido Finance halted earnETH deposits due to rsETH exposure.
Dispute over DVN configuration
A public dispute over who was to blame erupted immediately between LayerZero and KelpDAO. In its official statement, LayerZero points out that KelpDAO used a 1-of-1 DVN configuration. This amounts to a single point of failure. Only a single Decentralized Verifier Network node had to be compromised to sign fraudulent messages. According to LayerZero, a multi-DVN configuration would have required consensus across several independent verifiers and neutralised the attack.
KelpDAO counters that the compromised DVN was LayerZero's own infrastructure. Moreover, the LayerZero quickstart guide and the GitHub defaults themselves showed a 1/1 DVN configuration. The breadth of the problem is striking: according to KelpDAO, around 40 percent of all protocols on LayerZero use the same configuration. LayerZero then announced that, going forward, it would no longer sign messages from applications with a 1/1 DVN setup. As a result, a wave of configuration updates is on the horizon for many protocols.
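The single-point-of-failure argument in this dispute can be checked mechanically. The following is an added example, not code from LayerZero or KelpDAO: it counts how many independent operators stand behind each messaging pathway. The field names requiredDVNs, optionalDVNs and optionalDVNThreshold follow the LayerZero V2 ULN config; the operator map and the pathways are constructed sample data.

```javascript
// Added example: audit DVN settings per messaging pathway.
// Field names follow the LayerZero V2 ULN config; OPERATORS and PATHWAYS
// are constructed sample data, not taken from any real deployment.
const OPERATORS = { dvnA: "op1", dvnB: "op2", dvnC: "op3", dvnD: "op1" };
const PATHWAYS = [
  { name: "eth->arb", requiredDVNs: ["dvnA"], optionalDVNs: [], optionalDVNThreshold: 0 },
  { name: "eth->base", requiredDVNs: ["dvnA", "dvnD"], optionalDVNs: [], optionalDVNThreshold: 0 },
  { name: "eth->linea", requiredDVNs: ["dvnA"],
    optionalDVNs: ["dvnB", "dvnC", "dvnD"], optionalDVNThreshold: 2 },
];

// Smallest number of independent operators that must all sign (or all fail)
// before a message on this pathway counts as verified.
function minOperatorsToVerify(cfg, operators) {
  const op = (dvn) => operators[dvn] ?? dvn; // unmapped DVN: its own operator
  const counted = new Set(cfg.requiredDVNs.map(op));
  let need = cfg.optionalDVNThreshold ?? 0;
  const perOperator = new Map();
  for (const dvn of cfg.optionalDVNs ?? []) {
    const o = op(dvn);
    if (counted.has(o)) need -= 1; // same operator as a required DVN
    else perOperator.set(o, (perOperator.get(o) ?? 0) + 1);
  }
  // Worst case for the defender: operators running the most optional DVNs.
  let total = counted.size;
  for (const n of [...perOperator.values()].sort((a, b) => b - a)) {
    if (need <= 0) break;
    total += 1;
    need -= n;
  }
  return total;
}

// Flag every pathway that rests on fewer than `minOperators` parties.
function auditPathways(pathways, operators, minOperators = 2) {
  return pathways.map((cfg) => {
    const independent = minOperatorsToVerify(cfg, operators);
    return { name: cfg.name, dvns: cfg.requiredDVNs.length +
      (cfg.optionalDVNThreshold ?? 0), independent, ok: independent >= minOperators };
  });
}

for (const r of auditPathways(PATHWAYS, OPERATORS)) {
  console.log(`${r.name}: ${r.dvns} DVN signature(s), ` +
    `${r.independent} independent operator(s) -> ${r.ok ? "ok" : "SINGLE POINT OF FAILURE"}`);
}
```

The second pathway shows why counting DVNs alone is not enough: two required DVNs run by the same operator still resolve to one independent party.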
Aave: from collateral breach to bank run
The market leader in DeFi lending lost nearly USD 9 billion in TVL within 48 hours, sliding from USD 26 billion to USD 17 billion. Consequently, Aave briefly lost its top spot as the largest DeFi protocol. The AAVE token gave back 16 to 17.7 percent and broke through the USD 100 mark.
The Aave exposure traces back to governance proposal 434 from January 2026. At that point, the DAO raised the maximum loan-to-value ratio for rsETH in LST E-Mode from 92.5 to 93 percent. Anyone who deposited USD 100 in rsETH could borrow USD 93 in WETH. This turned rsETH into attractive yield-loop collateral. According to the Aave incident report, 89,567 of the 116,500 stolen rsETH ended up in seven attacker-controlled wallets. The largest single position in the Aave Ethereum core market comprised 53,000 rsETH and 52,460 WETH (around USD 121 million). The remainder was spread across Aave's Arbitrum deployment.
100 percent utilisation: ETH holders with no exit
Once it became known that Aave had accepted unbacked rsETH as collateral, whales began making massive withdrawals. Tron founder Justin Sun alone pulled 65,584 ETH worth around USD 154 million. MEXC and other large addresses followed. In total, more than USD 6 billion left the protocol within hours.
The ETH market was the first to hit 100 percent utilisation. Shortly afterwards, USDT and USDC followed. In sum, around USD 10.7 billion in ETH, USDT and USDC reserves were locked up. As a result, users with no rsETH connection whatsoever could no longer withdraw their deposits. This affected roughly USD 3 billion in USDT and USD 2 billion in USDC. The pattern matched a classic bank run: as soon as borrows reach supply, no free liquidity remains in the pool and further withdrawals are blocked automatically.
ETH depositors sold their aETH receipts for wETH on Uniswap, some at a noticeable discount to face value. Stablecoin holders took a detour: they borrowed GHO, DAI or USDe against their own trapped USDT and USDC deposits at loan-to-values between 75 and 90 percent. According to Spark strategist monetsupply.eth, additional loans of around USD 300 million against USDT collateral emerged within 24 hours. Furthermore, the cascade amplified illiquidity in other markets.
Bad debt: USD 124 to 230 million outstanding
Attackers deposited worthless rsETH and borrowed real WETH against it. Because the rsETH collateral no longer has backing after the bridge exploit, it cannot be liquidated. Instead, the damage lands directly in the WETH reserves.
The Aave incident report of 20 April outlines two scenarios. In the first scenario, KelpDAO distributes the loss across all rsETH holders. This would depeg rsETH by around 15 percent and generate roughly USD 124 million in bad debt at Aave. In the second scenario, KelpDAO isolates the damage on the L2 networks. Then L2 rsETH backing drops to 26.46 percent, a haircut of 73.54 percent. In this case, the damage rises to USD 230 million and concentrates on Mantle (USD 77.7 million), Arbitrum (USD 88.4 million), Base (USD 47.5 million) and Ink (USD 13.9 million). Ethereum core would remain untouched.
The liquidation mechanics worsen the situation. Because the free WETH balances on every affected chain sit below USD 20, liquidators receive aWETH receipts instead of WETH. As a result, the capital stays locked in the reserve pool, and throughput falls. In a simulated 50 percent drop in the ETH price, the report calculates another USD 100.8 million in residual damage on Ethereum alone, plus smaller positions on Arbitrum, Base, Linea and Mantle.
Umbrella module under stress
Aave activated its Umbrella safety module, which was introduced in June 2025 as an automatic buffer against bad debt. In the event of a deficit, Umbrella depositors (aWETH stakers) are automatically slashed without a governance vote. However, Umbrella covers only Ethereum core reserves. In the less favourable scenario 2, where the damage concentrates on L2s, the module would not kick in at all.
In addition, the module is smaller than the potential damage. Umbrella manages around USD 50 million compared with bad debt of between USD 124 and 230 million. Even more uncomfortable: of 23,507 aWETH in the module, 18,922 (80 percent) are already in the 20-day unstaking cooldown. Service providers therefore recommended an immediate pause of the WETH Umbrella module. This would block deposits, withdrawals and slashing. Coverage would then have to be arranged manually through governance votes.
The protocol initially announced that Umbrella would cover the damage. By late Saturday, the team had softened the pledge to "explore paths to offset the deficit". The stkAAVE pool, which backstops the Umbrella reserve, sits at the centre of the question of who ultimately carries the gap. According to the report, as of 20 April the Aave DAO held a treasury of USD 181 million, of which USD 62 million was in ETH-correlated assets, USD 54 million in AAVE tokens and USD 52 million in stablecoins. Operating cash flow came to USD 149 million in 2025 and USD 40 million so far this year.
Chain reaction beyond Aave
The impact reached far beyond Aave. Total DeFi TVL fell by USD 13.21 billion within 48 hours, reaching around USD 85 billion on 21 April 2026, the lowest level in a year. Compared with the start of 2026 at around USD 110 billion, this amounts to a decline of roughly 25 percent. The lending sector took the hardest hit.
Morpho lost USD 1.7 billion in deposits, Sky USD 600 million. On Solana, Kamino saw around USD 280 million pulled since 18 April. The Ethereum DeFi sector recorded a monthly decline of nearly 18 percent. Ethena preemptively paused all of its own LayerZero OFT bridges without direct rsETH exposure. Lido Finance halted earnETH deposits because of indirect rsETH dependency. Consequently, the contagion spread to protocols without direct exposure, driven by loss of confidence rather than actual positions.
Collateral, bridge, validator: the DeFi risk chain reassessed
DeFi composability, the ability to use tokens across protocols as collateral, has significantly amplified the damage. Stolen rsETH became unbacked loan capital on Aave, which now sits on the books as bad debt. The 40 percent estimate for 1/1 DVN configurations suggests that many LayerZero integrations carry the same risk. Yearn developer banteg documented that LayerZero's own V2 OApp quickstart uses the 1/1 setup as the reference configuration across Ethereum, BSC, Polygon, Arbitrum and Optimism.
Lending protocols therefore face a new pricing problem: collateral whose backing rests on an external bridge is only as safe as that bridge's security configuration, over which the lender has no influence. The risk chain no longer runs only from the issuer to the lender, but extends through the bridge infrastructure to the validator setups of individual messaging protocols. Treasury managers and DeFi funds that previously treated LRTs as blue-chip collateral will examine DVN setups, audit depth and oracle resilience much more closely going forward.
LayerZero has replaced the affected RPC nodes, brought the DVN back online and, according to its own statement, is working with law enforcement agencies. The 1/1 DVN default configuration will no longer be signed going forward. How quickly the affected DeFi protocols switch their configurations will determine whether the KelpDAO hack remains an isolated case or marks the beginning of a wave.








