
DeFi Shaken by rsETH Attack

Many users remain unable to withdraw from Aave V3 as the protocol grapples with hundreds of millions of dollars in bad debt.

As crypto continues to grapple with the latest DeFi exploit, the space is reckoning with an existential question: Is any DeFi application truly safe?

Over the weekend, crypto’s premier lending marketplaces were hit by this year’s largest DeFi exploit, involving a sophisticated attacker who compromised Kelp DAO’s LayerZero-powered bridge to illicitly mint 116.5k rsETH.

The newly minted (and unbacked) tokens, worth approximately $290M, were then deposited into Aave and other leading lending protocols, where they were used as collateral to borrow hundreds of millions of dollars in ETH, producing bad debt and triggering an industry-wide liquidity crisis.

What Went Wrong?

The attack unfolded rapidly in two phases, successfully exploiting weaknesses in Kelp DAO’s LayerZero-powered bridge before draining hundreds of millions of dollars from Aave via unbacked rsETH loans.

Phase 1: LayerZero Breach

Kelp DAO’s rsETH cross-chain bridge relied on LayerZero’s messaging infrastructure.

Critically, Kelp DAO configured its integration with the weakest possible security model, a 1-of-1 Decentralized Verifier Network (DVN) setup. This granted a single validator node, operated by LayerZero Labs, full authority to approve cross-chain messages.

While LayerZero’s incident post-mortem claims it cautioned against minimal security setups and recommended multi-verifier configurations for high-value bridges, its protocol still permits 1-of-1 deployments.

Further, an estimated 47% of protocols on LayerZero use the same configuration.

The attacker exploited this single point of failure, forging a cross-chain message that passed as valid and tricking the LayerZero-operated bridge into minting 116.5k unbacked rsETH directly to attacker-controlled addresses.
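To make the verifier-threshold point concrete, here is a small model of how a bridge decides whether a cross-chain message is verified, and an audit routine that flags the configuration weaknesses described above. This is an added illustration, not LayerZero's or Kelp DAO's code: the policy it implements (every required verifier must attest, plus at least a threshold of optional verifiers) is a simplified generalisation, and the verifier names, operator names and field names are constructed assumptions.

```python
"""Threshold verification model for a cross-chain message bridge.

Added illustration, not LayerZero's or Kelp DAO's code. A message is accepted
when every required verifier has attested to it and at least
`optional_threshold` of the optional verifiers have. Field names, verifier
names and operator names are assumptions made for the example.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class VerifierConfig:
    required: frozenset                 # verifiers that must all attest
    optional: frozenset = frozenset()   # verifiers of which a subset suffices
    optional_threshold: int = 0         # how many optional verifiers must attest

    def __post_init__(self):
        if self.required & self.optional:
            raise ValueError("a verifier cannot be both required and optional")
        if self.optional_threshold > len(self.optional):
            raise ValueError("threshold exceeds the number of optional verifiers")
        if not self.required and self.optional_threshold == 0:
            raise ValueError("config would accept every message unconditionally")


def is_verified(cfg: VerifierConfig, attestations: frozenset) -> bool:
    """True if the verifiers attesting to a message satisfy cfg."""
    if not cfg.required <= attestations:
        return False
    return len(cfg.optional & attestations) >= cfg.optional_threshold


def min_colluding_verifiers(cfg: VerifierConfig) -> int:
    """Smallest number of verifiers whose compromise is enough to pass a forged message."""
    return len(cfg.required) + cfg.optional_threshold


def audit(cfg: VerifierConfig, operators: dict) -> list:
    """Flag the fragile setups the article describes.

    `operators` maps verifier name -> entity running it (constructed data).
    """
    findings = []
    if min_colluding_verifiers(cfg) == 1:
        findings.append("1-of-1: a single verifier can approve any message")
    # Several verifiers run by one operator still form a single trust domain.
    if cfg.optional_threshold == 0:
        domains = {operators.get(v, v) for v in cfg.required}
        if len(domains) == 1:
            findings.append(f"one operator ({next(iter(domains))}) controls verification")
    return findings


# Constructed sample configurations; names are placeholders, not real DVNs.
OPERATORS = {"dvn-a": "operator-x", "dvn-b": "operator-y", "dvn-c": "operator-z"}
ONE_OF_ONE = VerifierConfig(required=frozenset({"dvn-a"}))
ONE_PLUS_ONE_OF_TWO = VerifierConfig(
    required=frozenset({"dvn-a"}),
    optional=frozenset({"dvn-b", "dvn-c"}),
    optional_threshold=1,
)

if __name__ == "__main__":
    single = frozenset({"dvn-a"})  # only one verifier attests to the message
    print("1-of-1 accepts:", is_verified(ONE_OF_ONE, single))
    print("1+1-of-2 accepts:", is_verified(ONE_PLUS_ONE_OF_TWO, single))
    print("findings:", audit(ONE_OF_ONE, OPERATORS))
```

With the 1-of-1 config a message carrying a single attestation is verified, so compromising or deceiving that one verifier is sufficient; with one required verifier plus a 1-of-2 optional set, the same single attestation is rejected and at least two independent verifiers would have to fail together.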

While Kelp DAO’s multisig froze core contracts shortly afterward, it was already too late to reverse the damage that would follow…

Phase 2: Aave Drain

Armed with their misappropriated tokens, the attacker then immediately deposited their rsETH to Aave V3 (and to a lesser extent, other platforms like SparkLend and Fluid).

This fictitious collateral position then allowed the exploiter to borrow large amounts of WETH against their unbacked tokens, producing an estimated $262M+ of bad debt for Aave lenders in the transactions' wake.

Instead of waiting for this bad debt to accrue against their positions, savvy DeFi lenders made a fear-motivated rush for the exits over the weekend, draining over $7B in assets from leading protocols in the exploit’s aftermath, including $6.2B from Aave, or roughly 23% of the lending market's total value locked.

The panic has been so severe that utilization rates across many Aave V3 ETH, USDC, and USDT markets have spiked to 100%, effectively locking in liquidity and preventing users from making further withdrawals.
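The two effects described in this phase, unbacked collateral turning into bad debt and 100% utilisation blocking withdrawals, follow directly from how a pooled lending market keeps its books. The toy pool below is an added illustration, not Aave's code: the amounts, the 70% loan-to-value limit and the two-step price path for the collateral token are constructed for the example.

```python
"""Toy lending-pool model: unbacked collateral becomes bad debt, and full
utilisation leaves depositors unable to withdraw.

Added illustration, not Aave's code. Amounts, the loan-to-value limit and the
collateral price path are constructed assumptions.
"""


class Pool:
    """One WETH market: lenders supply; borrowers post collateral and borrow."""

    def __init__(self, ltv: float):
        self.ltv = ltv            # max debt per unit of collateral value
        self.supplied = {}        # lender -> WETH supplied
        self.borrowed = {}        # borrower -> WETH debt
        self.collateral = {}      # borrower -> (asset, amount)

    @property
    def total_supplied(self) -> float:
        return sum(self.supplied.values())

    @property
    def total_borrowed(self) -> float:
        return sum(self.borrowed.values())

    @property
    def cash(self) -> float:
        """WETH actually sitting in the pool and available to withdraw."""
        return self.total_supplied - self.total_borrowed

    def utilization(self) -> float:
        return self.total_borrowed / self.total_supplied if self.total_supplied else 0.0

    def supply(self, lender: str, amount: float) -> None:
        self.supplied[lender] = self.supplied.get(lender, 0.0) + amount

    def withdraw(self, lender: str, amount: float) -> None:
        if amount > self.supplied.get(lender, 0.0):
            raise ValueError("withdrawal exceeds balance")
        if amount > self.cash:
            # Deposits are still owed to the lender, but the tokens are on loan.
            raise RuntimeError("insufficient liquidity: market fully utilised")
        self.supplied[lender] -= amount

    def borrow(self, borrower: str, asset: str, coll_amount: float,
               price: float, amount: float) -> None:
        # The pool only sees the oracle price; it cannot tell backed from unbacked.
        if amount > self.ltv * coll_amount * price:
            raise ValueError("borrow exceeds loan-to-value limit")
        if amount > self.cash:
            raise RuntimeError("insufficient liquidity")
        self.collateral[borrower] = (asset, coll_amount)
        self.borrowed[borrower] = self.borrowed.get(borrower, 0.0) + amount

    def bad_debt(self, prices: dict) -> float:
        """Debt not covered by collateral when valued at the given prices."""
        total = 0.0
        for who, debt in self.borrowed.items():
            asset, amt = self.collateral[who]
            total += max(0.0, debt - amt * prices[asset])
        return total


def scenario() -> dict:
    """Constructed walk-through of the two effects described in the article."""
    pool = Pool(ltv=0.7)
    pool.supply("lender-1", 600.0)
    pool.supply("lender-2", 400.0)
    # Collateral the oracle still prices at 1 WETH each, although nothing backs it.
    pool.borrow("exploiter", "rsETH", coll_amount=500.0, price=1.0, amount=300.0)
    before = pool.bad_debt({"rsETH": 1.0})   # looks healthy at the quoted price
    after = pool.bad_debt({"rsETH": 0.0})    # the whole loan is uncovered
    # Lenders rush for the exits until only the lent-out funds remain.
    pool.withdraw("lender-1", 600.0)
    pool.withdraw("lender-2", 100.0)
    try:
        pool.withdraw("lender-2", 1.0)
        locked = False
    except RuntimeError:
        locked = True
    return {"bad_debt_before": before, "bad_debt_after": after,
            "utilization": pool.utilization(), "withdrawals_locked": locked}


if __name__ == "__main__":
    print(scenario())
```

The lender who did not withdraw early still has a balance on the books, but every remaining token is out on loan against collateral worth nothing, which is exactly the position the article describes: utilisation at 100%, withdrawals failing, and the shortfall showing up as bad debt.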

Current State of Affairs

With billions in assets now effectively trapped across crypto lending markets, risk is compounding.

Depositors are unable to actively manage positions because their collateral is already on loan; meanwhile, utilization-determined interest rates are spiking, placing additional pressure on borrower positions. As liquidity evaporates and panic spreads, fears are mounting around further bad debt accumulation and broader DeFi contagion.

In an effort to contain the damage, Aave governance has disabled rsETH markets across V3 and V4 deployments. Still, the move comes after the fact, and the protocol must contend with its hundreds of millions in outstanding bad debt before it can leave this ugly exploit saga behind.

Where to Next?

Aave’s V3 staking module holds $201M in stablecoins and $56M in WETH, capital that could be slashed to help absorb the rsETH-driven deficit. Beyond that, the protocol’s legacy safety module contains an additional $266M in AAVE tokens, which could be sold to cover any remaining shortfalls.

While the size of these backstops suggests Aave will be able to absorb this specific loss without going insolvent, the rsETH exploit episode raises deeper concerns about the resilience of decentralized lending markets.

A shock of this magnitude could deter users from lending capital – and even more so from backstopping risk via staking/safety modules – potentially undermining confidence in the unified liquidity strategy that underlies Aave V3.

Crypto economic systems were always intended to be built on resilient, trust-minimized foundations. Unfortunately, in the race toward a smoother UX or flashier feature set, some teams have taken shortcuts, introducing fragile points of failure as clearly evidenced by the breakdown of Kelp DAO’s 1-of-1 LayerZero bridge verifier.

Episodes like this underscore the risks of poorly designed, quasi-centralized systems and demonstrate the immense consequences of shortcut-driven design.

If crypto is to fulfill its promise, builders must abandon fragile architectures and return to security-first principles rather than relying on brittle multisigs or single-signer architectures.

Written by Jack Inabinet

Jack Inabinet is a Senior Analyst with a passion for exploring the bleeding edge of crypto and finance. Prior to joining Bankless, Jack worked as an analyst at HAL Real Estate where he conducted market research and financial analysis for commercial real estate development and acquisition activities in the Seattle region. He graduated from the University of Washington’s Michael G. Foster School of Business.
