Aave founder defends protocol after $8.45B DeFi bank run
Aave founder Stani Kulechov defended the decentralized lending protocol after an $8.45 billion wave of withdrawals following a major DeFi incident tied to the April KelpDAO exploit. Speaking at Proof of Talk in Paris, Kulechov said Aave stayed operational even as the broader market was hit and emphasized that Aave’s V3 infrastructure has already handled multiple volatility cycles.
Within 48 hours of the KelpDAO-linked disruption, roughly $8.45B left Aave, creating one of DeFi’s largest liquidity shocks. The Aave DAO and Kulechov provided emergency support—25,000 ETH from the DAO plus another 5,000 ETH personally—to stabilize liquidity.
Security researchers later traced the underlying attack to RPC-spoofing and DDoS targeting LayerZero verifier nodes connected to KelpDAO. Kulechov argued that this was not a flaw in Aave’s core smart contracts, but a wider external-dependency risk. However, not all assessments were aligned: LlamaRisk reported attackers used the exploit to create worthless collateral, estimating about $123.7M bad debt in Aave V3. Another analysis pointed to weaknesses in DeFi insurance and compared the dynamics to traditional bank-run pressure.
Looking ahead, Aave Labs is preparing the V4 upgrade, moving from liquidity pooling to a modular “hub-and-spoke” framework to isolate risky collateral and reduce contagion. At the same time, Aave Labs is expanding regulated operations, citing UK FCA approvals and EU MiCA authorization.
Neutral
This is likely neutral for traders. Short-term, the $8.45B withdrawal event reinforces that DeFi can still experience bank-run-like liquidity shocks when external dependencies (bridges/oracles/verifier infrastructure) are attacked, which can keep risk premiums elevated and raise volatility around lending tokens/ETH exposure. Aave survived operationally, but reported outcomes like bad debt estimates (e.g., ~$123.7M) show that “survival” does not mean “no losses.”
Long-term, Kulechov’s focus on Aave’s resilience plus the planned V4 move toward modular isolation of collateral targets contagion risk—the same type of systemic spread that traders feared in prior DeFi incidents tied to bridging and cross-protocol dependencies. The added regulatory approvals (FCA/MiCA) can marginally improve institutional comfort, which may support sentiment. Net effect: resilience + upgrades are constructive, yet the demonstrated ability for external exploits to propagate means downside tails remain, so the trading stance should be cautious rather than outright bullish.