Aave Faces Up to $230M Bad Debt After KelpDAO Bridge Exploit
Aave could suffer up to $230 million in losses from the KelpDAO bridge exploit, as an attacker used fraudulently minted rsETH as collateral to borrow $190 million. Withdrawals surged by $6 billion as the protocol froze markets pending resolution.
Quick Take
Attacker minted 116,500 rsETH via forged cross-chain message.
Deposited 89,567 rsETH on Aave to borrow $190M.
Aave froze markets, set LTV to zero, lost $6B in TVL.
Bad debt could be $124M or $230M depending on loss allocation.
Market Impact Analysis
BearishSignificant potential bad debt on a major lending protocol threatens DeFi confidence and could lead to further capital flight and lower asset prices.
Speculation Analysis
Key Takeaways
- Aave could face up to $230 million in bad debt after an attacker borrowed $190 million using fraudulently minted rsETH as collateral.
- The exploit allowed the minting of 116,500 unbacked rsETH through a forged cross-chain bridge message on KelpDAO's system.
- Aave froze rsETH markets and set loan-to-value ratios to zero, triggering a $6 billion withdrawal from the protocol.
- The final loss hinges on KelpDAO's decision: spreading losses across all holders caps Aave's exposure at $124 million, while isolating to L2s pushes it to $230 million.
What Happened
An attacker exploited a weakness in KelpDAO's cross-chain bridge to forge transfer messages, minting 116,500 rsETH without backing. The fraudulent tokens were then deposited into Aave as collateral, enabling the attacker to borrow approximately $190 million in ETH and related assets across Ethereum and Arbitrum. Aave's team moved quickly, freezing rsETH markets and halting new borrowing within hours. The protocol's total value locked plunged by $6 billion as users withdrew funds, leaving Aave exposed to significant bad debt if the collateral proves worthless. The severity of the loss now depends on how KelpDAO allocates the shortfall.
The Numbers
Out of 116,500 fraudulent rsETH minted, 89,567 were deposited into Aave as collateral. The attacker borrowed $190 million, leaving the protocol with undercollateralized positions. If losses are socialized across all rsETH holders, a 15% depeg would result in $124 million in bad debt for Aave. However, if losses are isolated to Layer 2 networks like Arbitrum, the bad debt could soar to $230 million. The $6 billion deposit flight reflects market alarm and highlights the potential for contagion across DeFi lending platforms.
Why It Happened
The root cause was flawed cross-chain message verification in KelpDAO's bridge, which relied on LayerZero. The attacker forged a valid-seeming transfer message, tricking the system into issuing rsETH on the destination chain without locking tokens on the source chain. This created unbacked tokens that were accepted at face value by Aave. The incident exposes the fragility of bridges and the cascading risks they pose to lending protocols. Even without a direct hack of LayerZero, the exploit leveraged systemic trust assumptions that turned out to be dangerous.
Broader Impact
The event shook confidence in cross-chain DeFi. Aave's rapid containment limited immediate damage, but the $6 billion exodus signals fear of unbacked collateral. Other lending platforms may tighten risk parameters for bridged assets. KelpDAO's $181 million treasury faces pressure to cover losses, but discussions are ongoing. The exploit also raises questions about whether Liquid Restaking Tokens introduce hidden leverage points, prompting a re-evaluation of security practices across the ecosystem.
What to Watch Next
- KelpDAO's decision on loss allocation and potential use of its treasury to backstop the depeg.
- AAVE token price volatility and overall DeFi lending activity as markets digest the risk.
- Protocol audits and policy changes governing collateral acceptance, especially for bridged assets.
This article is for informational purposes only and does not constitute financial advice.
Always late to trends?
Join for the latest news, insights & more.
Disclaimer: Bytewit is an independent media outlet that delivers news, research, and data.
© 2026 Bytewit. All Rights Reserved. This article is for informational purposes only.
