Kelp rsETH Bridge Exploit Drains $293M, Triggers DeFi Contagion
Kelp said it suffered an exploit affecting its rsETH token operations on Saturday. Security firm Cyvers reported the attacker targeted the rsETH bridge adapter contract, causing about $293M in losses in a short window.
The stolen funds were routed through Tornado Cash, and Cyvers estimated roughly $250M was converted to ETH across networks. After detecting unusual cross-chain activity, Kelp paused rsETH smart contracts on the mainnet and several Layer-2 systems. No confirmed recovery has been announced.
The incident triggered cross-protocol contagion. At least nine protocols with rsETH exposure took risk-reduction steps, including pausing or restricting rsETH-related actions. Aave confirmed it froze rsETH markets on Aave V3 and V4.
For traders of rsETH, the near-term read-through is higher smart-contract and counterparty risk. Liquidity around rsETH and dependent DeFi markets may tighten, putting downward pressure on rsETH valuations until stability returns. The broader backdrop remains concerning, with crypto hacks and scams totaling about $482M in Q1 2026.
Bearish
This is a direct rsETH bridge adapter exploit that has already led to large, fast-moving losses and immediate protocol-wide risk controls. With Kelp pausing rsETH contracts and Aave freezing rsETH markets on both Aave V3 and V4, market access is reduced and liquidity is likely to tighten. Cross-protocol contagion risk suggests additional downstream venues may further restrict rsETH activity, which can amplify sell pressure and widen spreads in the short term. Longer term, rsETH sentiment depends on whether security reviews, bridging/adapter fixes, and potential fund recovery (if any) restore trust; until then, the likelihood of lingering de-risking remains higher than the probability of quick normalization.