KelpDAO $292M Exploit Triggers Aave Bank Run, DeFi in Crisis
A $292 million exploit of KelpDAO's LayerZero bridge sent shockwaves through DeFi, leaving Aave with $196M in bad debt and triggering a bank run. The incident underscores the systemic risk of liquid restaking tokens as collateral, prompting a full-scale reassessment of lending protocol security.
Quick Take
$292M KelpDAO bridge exploit allowed minting of unbacked rsETH, used as collateral on Aave.
Aave now holds $196M bad debt; AAVE token fell 30% and TVL dropped $6.2B in a day.
Bank run dynamics emerged as depositors borrowed stablecoins to exit, spreading to other protocols.
DeFi lending protocols must reassess LRT collateral security; trust may take long to rebuild.
Market Impact Analysis
BearishMajor exploit causes $196M bad debt on Aave, bank run dynamics, and widespread trust erosion in DeFi, likely depressing AAVE, ETH, and related tokens.
Speculation Analysis
Key Takeaways
- A $292M exploit on KelpDAO's bridge minted 116,500 unbacked rsETH tokens, then used as collateral on Aave to drain real assets.
- Aave absorbed $196M in bad debt, its token crashed 30%, and TVL fell $6.2B within 24 hours as rsETH collateral was frozen.
- Borrowers triggered a bank run by taking out stablecoin loans against deposits to exit Aave, while SparkLend, Fluid, and Lido froze rsETH exposure.
- DeFi lending protocols face a reckoning over liquid restaking tokens as collateral; rebuilding user trust could take months.
What Happened
A single crafted message exploited KelpDAO's LayerZero bridge on Saturday at 17:35 UTC. The bridge accepted the message and minted 116,500 rsETH鈥攚orth $292M and 18% of total supply鈥攄irectly to an attacker's wallet. No ETH was locked on the source chain. The attacker deposited the unbacked tokens into Aave as collateral and borrowed real wrapped ETH, then likely swapped into other assets. Aave's contracts were never breached, but its whitelisting of rsETH as ETH-correlated collateral proved catastrophic. The result: $196M in bad debt that Aave must now absorb.
The Numbers
The $292M exploit is the largest DeFi hack of 2026. Aave's TVL plunged from $26.4B to around $20B in a single day, marking a $6.2B drop. The AAVE token fell 30%. Total DeFi TVL shrank by $13B as panic cascaded. On Aave, depositors rushed to borrow stablecoins against their positions, triggering a classic bank run. rsETH holders across 20+ chains now face tokens of uncertain backing.
Why It Happened
The root cause: a bridge that trusted a malformed message without verifying actual ETH transfers. Liquid restaking tokens like rsETH introduce cross-chain complexity and opaque backing assumptions. Aave's risk parameters treated rsETH as equivalent to ETH, ignoring bridge exploit vectors. This incident exposes a systemic flaw in using LRTs as lending collateral. The DeFi ecosystem has not stress-tested these assets against bridge failures, and the $600M in recent exploits underscores accelerating risk.
Broader Impact
The fallout forced SparkLend, Fluid, and Lido to freeze rsETH exposure immediately. Aave's contagion spread across multiple chains, leaving rsETH with uncertain value. Trust in DeFi's safety mechanisms has eroded sharply. Lending protocols now face pressure to reassess all LRT collateral, and regulators may intensify scrutiny of bridges and liquid staking derivatives. Rebuilding user confidence will likely take months, if not longer.
What to Watch Next
- Aave governance will likely propose a bad debt repayment plan; monitor AAVE token for further volatility.
- Liquid restaking token protocols, including rsETH, may face delisting from major lending markets.
- On-chain investigators will trace the stolen funds; partial recovery via Tornado Cash deanonymization is possible.
This article is for informational purposes only and does not constitute financial advice.
Always late to trends?
Join for the latest news, insights & more.
Disclaimer: Bytewit is an independent media outlet that delivers news, research, and data.
漏 2026 Bytewit. All Rights Reserved. This article is for informational purposes only.
