KelpDAO’s LayerZero bridge was exploited on April 18, 2026, making it the largest DeFi hack of 2026 so far. It happened at 17:35 UTC when an attacker was able to mint 116,500 unbacked rsETH tokens worth approximately $292 million due to a critical misconfiguration with the bridge.
What is KelpDAO, and how did the attacker get in?
Kelp DAO is an Ethereum-based liquid restaking protocol. Users deposit ETH, Kelp routes it through EigenLayer for additional staking rewards, and issues rsETH, a tradeable token representing the staked position. rsETH circulates across more than 20 blockchain networks including Arbitrum, Base, Linea, and Scroll, with LayerZero’s Omnichain Fungible Token standard handling cross-chain movement. Kelp’s bridge holds the central ETH reserve backing wrapped rsETH on all those other networks. That reserve was the target.
The attack exploited a single configuration decision with catastrophic consequences. Kelp’s rsETH bridge adapter was set to require only one Decentralized Verifier Network attestation to approve any cross-chain message. With no backup validators, one forged attestation was enough. The attacker called LayerZero’s EndpointV2 contract with a fabricated cross-chain packet, convinced the system a legitimate instruction had arrived from another network, and the bridge released 116,500 rsETH to an attacker-controlled wallet. Preparation dated back roughly ten hours earlier, when the attacker funded wallets through Tornado Cash’s 1-ETH mixer to obscure the trail. Kelp’s emergency pause activated 46 minutes later. Two follow-up attempts to drain another 40,000 rsETH were blocked.
How Aave became the exit door
Rather than dumping the stolen rsETH on the open market, which would have crashed its price immediately, the attacker deposited it into Aave V3 as collateral and borrowed approximately $236 million in wrapped ether against it. Because the collateral was minted from nothing, those positions cannot be liquidated through normal mechanics. Aave is now holding between $177 million and $200 million in bad debt, concentrated almost entirely in the rsETH-WETH pair, the dominant collateral pairing on Aave’s Ethereum book.
Your completely free resource hub designed to boost your knowledge of cryptocurrencies
Aave’s own smart contracts were not compromised. Founder Stani Kulechov confirmed the exploit was entirely external. But the structural damage was immediate: Aave’s WETH pool hit 100% utilization as users scrambled to exit. At full utilization, there is no idle liquidity in the pool, meaning suppliers cannot withdraw until new deposits arrive or Aave’s Umbrella backstop settles the deficit. Users who staked aWETH in the Umbrella vault now face automatic slashing to cover the losses, the first real-world test of the mechanism since it replaced Aave’s legacy Safety Module in late 2025.
Price reaction: tokens and TVL take the hit
The market reaction was swift and broad. AAVE dumped 17% from $111 to $92 within hours of the exploit becoming public. ZRO, LayerZero’s native token, dropped 12% in the same window as questions mounted over the bridge infrastructure at the centre of the attack. KERNEL fell 16%.
A whale holding a leveraged ZRO long on Hyperliquid was liquidated for $2.88 million. Aave’s total value locked collapsed from $26.3 billion to approximately $20.085 billion, more than $6 billion erased in under 48 hours, according to DeFiLlama. The panic was amplified by high-profile exits: on-chain tracking by Lookonchain showed over $5.4 billion in ETH outflows from Aave, with TRON founder Justin Sun pulling 65,584 ETH worth approximately $154 million in a single transaction, and MEXC withdrawing a reported $431 million separately.
The contagion list grows
The freeze spread fast. Aave halted rsETH markets on V3 and V4. SparkLend and Fluid followed with their own rsETH freezes. Lido paused deposits into its earnETH product due to rsETH exposure. Ethena temporarily suspended its LayerZero OFT bridges from Ethereum mainnet as a precaution, despite confirming zero direct rsETH exposure. With rsETH circulating across more than 20 networks, holders on Layer 2 chains face deep uncertainty, the bridge backing their tokens remains paused and the reserve is gone.
Justin Sun, beyond withdrawing his own funds, publicly invited the attacker to negotiate on X, writing, “OK, Kelp DAO hacker, how much you want? Let’s just talk.” No response has been reported.
Where things stand
Kelp DAO confirmed it is working with LayerZero, Unichain, its auditors, and outside security specialists on a root cause analysis. LayerZero described the failure as a configuration issue rather than a core protocol bug, and said it remains in active remediation with the Kelp team. Neither party had published a post-mortem at the time of writing. Unconfirmed analyst estimates suggest bridged-chain rsETH holders could face a 15% to 20% haircut under a selective recovery plan.
Aave initially said its Umbrella reserve would be used to cover the bad debt. That language was later softened to “explore paths to offset the deficit”, a shift that did not go unnoticed. The KelpDAO breach is the fourth major DeFi exploit this month, following Drift Protocol, Rhea Finance, and CoW Swap. Combined losses from DeFi exploits in April 2026 alone now exceed $600 million. The incident has sharpened the industry debate over whether modular bridge security, without enforced minimum verification standards, is compatible with the billions in TVL it is now asked to protect.
