KelpDAO Hit by a Hack Wave: How Aave Locked 80% of $200 Million in Bad Debt

On April 18, 2026, at 17:35 UTC, attackers exploited KelpDAO’s LayerZero-based rsETH cross-chain bridge, stealing approximately 116,500 rsETH over about 46 minutes, worth around $292 million. The critical element of the attack was not a traditional smart contract code vulnerability. Because rsETH’s liquidity was insufficient to support large sell-offs, the stolen assets were instead used as collateral in lending protocols like Aave V3, Compound V3, and Euler to borrow about $236 million in real WETH/ETH.

The root cause of this incident was not a flaw in the smart contract code itself, but a misconfiguration at the deployment parameter level. KelpDAO adopted a 1/1 DVN (Decentralized Validation Network) configuration in its LayerZero V2 cross-chain solution—requiring only a single validator node to confirm cross-chain messages. Once this DVN node was compromised, the attacker gained the ability to forge arbitrary cross-chain messages, effectively “minting” tokens out of thin air. More alarmingly, according to Dune Analytics, at the time, 47% of LayerZero OApps used the same 1/1 DVN setup, involving assets exceeding $4.5 billion. This indicates that the KelpDAO incident exposed not just an isolated project issue, but a systemic security flaw across the entire cross-chain infrastructure layer.

How the chain from lending collateral to bad debt operates

After forging rsETH, the attacker deposited it into multiple lending protocols, with Aave V3 bearing the largest exposure. On-chain data shows approximately 89,567 rsETH (about $221 million) was used as collateral in Aave, with about 82,650 WETH (roughly $191 million) borrowed. Since the rsETH involved was minted out of thin air at the source, these false assets, once used as collateral, invalidated the basis for liquidation—there was no legitimate underlying asset backing the loans.

However, strictly speaking, Aave’s code was not compromised. The protocol’s lending logic remained operational; the problem lay in the collateral’s underlying value—these rsETH assets’ backing was broken after the cross-chain bridge theft. Aave immediately froze all rsETH markets, set the Loan-to-Value (LTV) ratio to zero, and urgently adjusted the interest rate model. But by then, the bad debt was already a fait accompli. According to an incident report from Aave’s service provider and risk management firm LlamaRisk, based on different loss-sharing schemes, Aave faced bad debt between $124 million and $230 million. The widely cited $200 million gap reflects the core net loss caused by the event.

Why single-point validation vulnerabilities are a systemic blind spot in industry security

The key difference between the KelpDAO incident and other DeFi security breaches is that there were no auditable vulnerabilities in the source code. The problem was not in the .sol files but in a configuration parameter (specifically, the DVN threshold) set during protocol deployment. This parameter is outside the scope of static analysis tools like Slither or Mythril, which detect known code vulnerabilities such as reentrancy. These tools offer little coverage for configuration-level risks. When “smart contract audits” focus solely on code correctness, deployment parameters like DVN configurations become a blind spot in the security matrix.

LayerZero V2’s design philosophy delegates security decision-making to the application layer, ostensibly respecting flexibility. But in practice, project teams often choose the most extreme 1/1 mode for convenience. Once security mechanisms can be “configured away,” the scope of audits must expand accordingly. The KelpDAO incident reveals a core contradiction: cross-chain protocols offer multi-layer verification capabilities, yet projects often deliberately forgo these redundancies for ease of use. Currently, the industry lacks a standardized process for configuration security audits to bridge this gap.
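A configuration-level check of the kind this section says audits are missing, as an added example that is not code from the original article, KelpDAO, or LayerZero. The field names are modeled on LayerZero V2's per-pathway DVN settings and are assumptions, as are the pathway names and DVN addresses, which are constructed placeholders.

```python
from dataclasses import dataclass, field

@dataclass
class UlnConfig:
    # Assumed field names: map them to whatever your own config export contains.
    required_dvns: list
    optional_dvns: list = field(default_factory=list)
    optional_threshold: int = 0

def forgery_quorum(cfg):
    """Fewest distinct DVNs that must attest (or be compromised) per message."""
    required = {d.lower() for d in cfg.required_dvns}
    optional = {d.lower() for d in cfg.optional_dvns} - required
    return len(required) + min(cfg.optional_threshold, len(optional))

def audit(pathways, min_quorum=2):
    """Return {pathway: [findings]} for every pathway that fails policy."""
    report = {}
    for name, cfg in pathways.items():
        findings = []
        quorum = forgery_quorum(cfg)
        if quorum < min_quorum:
            findings.append(f"quorum {quorum} below policy minimum {min_quorum}")
        if len({d.lower() for d in cfg.required_dvns}) < len(cfg.required_dvns):
            findings.append("duplicate required DVN inflates the apparent count")
        if cfg.optional_threshold > len(cfg.optional_dvns):
            findings.append("optional threshold exceeds optional DVN list")
        if findings:
            report[name] = findings
    return report

# Constructed sample data: pathway names and addresses are placeholders.
DVN_A, DVN_B, DVN_C = "0xAAA1", "0xBBB2", "0xCCC3"
SAMPLE = {
    # The 1/1 setup described above: one verifier stands between
    # a forged message and the destination chain.
    "chainA->chainB": UlnConfig(required_dvns=[DVN_A]),
    # Looks like 2/2 on paper, but both entries are the same DVN.
    "chainA->chainC": UlnConfig(required_dvns=[DVN_A, DVN_A.lower()]),
    # One required DVN plus 1-of-2 optional: two independent attestations.
    "chainA->chainD": UlnConfig(required_dvns=[DVN_A],
                                optional_dvns=[DVN_B, DVN_C],
                                optional_threshold=1),
}

if __name__ == "__main__":
    for pathway, findings in audit(SAMPLE).items():
        for finding in findings:
            print(f"[FAIL] {pathway}: {finding}")
```

Run against an export of every pathway an application has configured, a check like this can gate deployment in CI the same way static analysis gates the contract code.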

How market panic and liquidity runs are amplified

Following the news, market panic rapidly turned into actual capital flight. As of April 27, 2026, data from Gate.io shows significant volatility in related tokens, with the DeFi sector under pressure. Within 48 hours of the incident, Aave experienced approximately $8.45 billion in net deposit outflows, with total value locked (TVL) dropping from about $26.4B to roughly $17.9B. The overall DeFi ecosystem’s total locked value declined by approximately $13.21 billion, from around $99.5B to about $86.3B.

It’s important to note that a decline in TVL does not equate to an equivalent loss of assets. Some analyses suggest that a significant portion of the outflows resulted from leveraged liquidations and risk-averse withdrawals by institutional funds, not asset destruction. Nonetheless, the event exposes a deeper issue: when a major lending pool is drained and utilization approaches 100%, normal withdrawal demands from ordinary users cannot be met. Aave was not the origin of the risk, but because its collateral included a high proportion of rsETH, it was pulled into the crisis vortex.

Technical details of money laundering paths and Arb freezing actions

After exploiting KelpDAO, the attacker quickly engaged in multi-layered money laundering operations. Initial funds originated from Tornado Cash; about 10 hours before the attack, the attacker received 1 ETH from a mixer. Post-attack, the attacker moved the stolen funds across multiple lending protocols and into cross-chain channels.

On April 20, the Arbitrum Security Council used emergency powers to identify approximately 30,765 ETH (about $71.5 million at the time) held by the attacker and executed a technical transfer to a secure address, freezing those assets. This marked a milestone in on-chain asset tracking: it demonstrated that Layer 2 security councils have governance authority to intervene in asset movements under certain conditions. But the attacker responded swiftly—within hours of the freeze, about 75,700 ETH (roughly $13B) was dispersed into two new wallets. On-chain investigators further found that about $1.5 million was transferred via Thorchain from Ethereum to Bitcoin, with additional funds obscured through privacy tools like Umbra. This indicates the attacker’s attempt to fully move the stolen funds out of the traceable Ethereum ecosystem.

Community rescue efforts and the path to covering the $200 million bad debt

Facing a roughly $200 million bad debt gap, Aave’s founders led the creation of an industry recovery fund called DeFi United. As of April 26, data from Arkham shows DeFi United has raised over $160 million, covering about 80% of the shortfall. The largest contributors are the Mantle and Aave communities, jointly donating 55,000 ETH, valued at approximately $127 million at current prices.

Aave founder Stani Kulechov personally donated 5,000 ETH; organizations like Golem Foundation, Ether.fi, and Lido DAO pledged additional contributions. More importantly, Aave Labs, together with KelpDAO, LayerZero, Ether.fi, and Compound, submitted a constitutional-level proposal to the Arbitrum DAO to unfreeze the 30,765 ETH (about $71.5 million) previously frozen by the Arb Security Council and inject it into DeFi United. If approved, the total size of DeFi United could exceed $236 million, fully covering the current bad debt.

This governance process is expected to take about 49 days, and several large commitments are still pending DAO votes, so nothing is finalized yet.

Cross-chain security and the governance paradox in DeFi

The KelpDAO incident prompts deeper industry reflection: cross-chain bridge security remains a fundamentally unresolved systemic issue. Before the attack, 47% of LayerZero-connected dApps used the 1/1 DVN configuration. This is not an isolated choice by KelpDAO but a systemic pattern of neglecting security redundancies in favor of convenience. In cross-chain scenarios, trust depends not only on smart contract code but also on the deployment parameters and operational security of validator networks—areas often beyond the scope of standard audits.

Simultaneously, the Arbitrum Security Council’s asset freeze action highlights a long-standing paradox: a “decentralized” layer-2 network that, once equipped with code-level “backdoors” for intervention, resembles a centralized custodian. If user assets can be locked on-chain by a security council, the fundamental promise of “trustless” DeFi is compromised.

This event is no longer just a project-specific security crisis but a collective stress test of DeFi’s institutional foundations.

Summary

The KelpDAO hack is the largest DeFi security incident of 2026, with losses around $292 million. Its ripple effects include an $8.45 billion outflow from Aave within 48 hours and a TVL drop of over $130 billion across DeFi. The root cause was not a smart contract code flaw but a misconfiguration in cross-chain bridge deployment—specifically, the single validator setup still prevalent in many protocols.

Through the DeFi United recovery fund, over $160 million has been raised, covering about 80% of the bad debt, with proposals to unfreeze assets and restore confidence. As of April 27, 2026, the process is ongoing, awaiting multiple governance approvals. Regardless of how the $200 million bad debt is ultimately resolved, the KelpDAO incident marks a watershed moment—shifting DeFi from “code is law” to “governance is security.”

FAQ

Q: What is the fundamental vulnerability in KelpDAO?

The core issue is not a bug in the smart contract code but a configuration problem in LayerZero’s cross-chain DVN setup. KelpDAO used a 1/1 single validator node configuration, allowing an attacker to forge cross-chain messages by compromising that node, effectively minting rsETH out of thin air. This systemic security event results from the failure of the cross-chain trust model combined with deployment misconfiguration.

Q: How much did Aave actually lose in the incident?

Aave was not directly attacked, but because rsETH was used as collateral, the attacker borrowed large amounts of WETH. The estimated bad debt ranges from $124 million to $230 million, with industry often citing around $200 million. As of April 27, over $160 million has been raised to cover about 80% of the shortfall.

Q: Can the stolen funds still be recovered?

Some funds have been frozen. The Arbitrum Security Council successfully froze about 30,765 ETH (roughly $71.5 million). However, the attacker moved approximately 75,700 ETH (~$175 million) into new wallets and bridged funds via Thorchain to Bitcoin, complicating recovery efforts.

Q: Are other LayerZero-based protocols safe?

Not necessarily. Data from Dune Analytics shows that before the attack, 47% of LayerZero OApps used the same 1/1 DVN configuration, involving assets over $4.5 billion. Protocols need to review and possibly upgrade their DVN configurations, moving toward multi-validator setups to enhance security.
