Aave's Total Value Locked Drops by Nearly $8 Billion After Kelp DAO Exploit

The Kelp DAO hack reveals critical vulnerabilities in cross-chain bridges, impacting the stability of decentralized finance (DeFi) ecosystems.

• Aave's total value locked (TVL) fell by nearly $8 billion following a $293 million exploit of Kelp DAO's bridge.
• Hackers drained 116,500 rsETH tokens, using them as collateral to borrow approximately $195 million in wrapped Ether from Aave.
• Mass withdrawals ensued, with $431 million pulled from MEXC and $392 million from Abraxas Capital, leading to a liquidity crisis.

• Kelp DAO is a liquid restaking protocol that issues rsETH tokens and operates across multiple Layer 2 networks via LayerZero's bridge.
• Aave, the largest DeFi lending protocol, had recently implemented an "Umbrella" model for bad debt protection but faced challenges after parting ways with its risk provider.
• The exploit highlighted systemic risks in DeFi, particularly as restaking activities increase, raising concerns about the security of cross-chain transactions.

On April 18, 2026, an attacker executed a sophisticated exploit on Kelp DAO's LayerZero-powered bridge, minting and draining 116,500 unbacked rsETH tokens valued at $293 million. This exploit was executed through a single function call, showcasing the vulnerabilities inherent in cross-chain bridges. The attacker then supplied the drained rsETH to Aave v3 as collateral, borrowing approximately $195 million in wrapped Ether (wETH). This action created a significant liquidity issue as the rsETH token subsequently depegged, leading to bad debt on Aave.

As a result, Aave's total value locked (TVL) plummeted from $26.4 billion to $18.6 billion within a matter of days, according to DeFiLlama data. Major outflows included $431 million from MEXC and $392 million from Abraxas Capital, indicating a loss of confidence among users. In response, Aave froze the rsETH markets on both v3 and v4, as well as wETH reserves across multiple networks, including Ethereum and Arbitrum. This drastic measure was part of Aave's strategy to manage the fallout from the exploit and protect its remaining liquidity.

The incident also triggered a sector-wide crisis, with the total value locked in DeFi dropping over $13 billion in just two days. AAVE token prices fell nearly 20%, reflecting the market's reaction to the exploit and the subsequent liquidity crisis. The Aave DAO had previously approved the deployment of v4 on the mainnet, but the exploit raised questions about the robustness of its risk management strategies.

In the aftermath, protocols like Curve Finance and Ethena paused their LayerZero integrations, highlighting the broader implications of the exploit on the DeFi ecosystem. The incident serves as a stark reminder of the interconnected risks present in decentralized finance, particularly as the sector continues to evolve and expand.

• DeFi Users: Individuals who have invested in Aave or used its services are directly impacted by the liquidity crisis and potential losses.
• Investors in Kelp DAO: Those holding rsETH tokens face significant devaluation and uncertainty regarding their investments.
• Liquidity Providers: Entities providing liquidity to Aave and other DeFi protocols may experience reduced returns and increased risk exposure.

• Regulatory Responses: Watch for potential regulatory scrutiny on cross-chain bridges and DeFi protocols as authorities assess the implications of such exploits.
• Market Recovery Indicators: Monitor Aave's recovery efforts and user confidence as they implement new safeguards and liquidity measures.
• Security Enhancements: Keep an eye on how DeFi protocols adapt their security measures in response to this incident, particularly regarding cross-chain vulnerabilities.