rsETH Bridge Hack Drains $292M, Aave Freezes Markets
Kelp DAO suffered an rsETH bridge hack on Apr 18, draining about $292M (116,500 rsETH) via a LayerZero messaging exploit. On-chain investigators said the attacker triggered an unauthorized “lzReceive” transfer and routed funds into lending protocols. On Aave V3/V4, Compound V3, and Euler, the stolen rsETH collateral enabled borrowing of wrapped ETH, creating over $236M in debt positions and reportedly more than $280M of bad debt across protocols.
In response to the rsETH bridge incident, Kelp DAO paused rsETH deposits and withdrawals using an emergency multisig. Aave said its contracts were not compromised, but froze rsETH markets on Aave V3 and Aave V4 and reviewed rsETH-backed loans opened after the exploit. Other risk controls followed: SparkLend and Fluid reportedly applied similar freezes, Lido paused further earnETH deposits due to rsETH exposure, and Ethena temporarily paused its LayerZero OFT bridge (no rsETH exposure) for about 6 hours. Aave’s token reportedly fell ~10% on the news. The event is seen as the largest DeFi exploit year-to-date, adding to ongoing cross-chain bridge security concerns after prior major breaches (e.g., Drift Protocol).
Bearish
A large rsETH bridge hack is directly associated with major DeFi protocol risk actions (Aave market freezes and debt/bad-debt concerns across Aave/Compound/Euler). That combination typically pressures the affected token’s sentiment and liquidity in the short term (e.g., reported AAVE drop), and the need to review rsETH-backed positions can extend uncertainty for days to weeks. In the longer term, faster pause/freeze mechanisms may limit further contagion, but cross-chain bridge trust damage and ongoing settlement/recovery risk keep risk premiums elevated rather than neutral.