Kelp $292M exploit hit rsETH collateral for DeFi lending

Kelp $292M exploit don make people dey look liquid restaking and DeFi lending collateral again after attacker reportedly use LayerZero bridge send crafted message and mint unbacked rsETH. Reports talk say 116,500 rsETH (about 18% of circulating supply) release go pre-funded wallet, but no equal ETH movement for the other side. After that, attacker deposit the unbacked rsETH for Aave as collateral make e borrow real WETH come commot. Aave no be say dem hack am, but reports talk say protocol take collect about $196M bad debt because rsETH dey whitelisted as correlated ETH collateral. Market waka quick: Aave TVL drop about 25% in one day (to around ~$20B), broader DeFi TVL fall about $13B, and AAVE reportedly drop ~30%. Days after the $292M exploit, plenty protocols make moves to contain risk. Aave reportedly see big withdrawals and dem freeze rsETH markets for few hours. SparkLend and Fluid pause rsETH exposure, and Lido pause earnETH say na because rsETH-related setup exposure. Later update show how cascading exposure fit hard to trace. One account claim over $6.2B comot from Aave within 36 hours, say protocols dey struggle to map indirect “yield stacking” paths across bridges, restaking, and liquidation mechanics in real time. The same analysis also criticize bridge design for relying on 1-of-1 verifier, creating possible single point of failure. For traders, main lesson from Kelp $292M exploit be say APY fit hide cross-protocol, cross-bridge risk—this one mean collateral quality checks and liquidity/exit assumptions for LRT-linked positions need higher standard.