Kelp DAO rsETH Exploit $292M Leaves $195M Bad Debt at Aave

Kelp DAO’s rsETH bridge was exploited for roughly $292 million. The attacker used the stolen assets as collateral on the Aave lending protocol, producing about $195 million in unresolved bad debt and triggering large withdrawals across DeFi markets.

On-chain analysts tracked a nearly $8 billion decline in total value locked across affected markets over a 48-hour period as users moved funds away from exposed positions. Aave teams modeled multiple bad-debt scenarios while protocol participants assessed exposure and options to contain losses. A substantial portion of the bridge-linked ETH was frozen on Arbitrum, and other stolen tokens began moving across blockchains after the freeze slowed transfers.

Curve founder Michael Egorov wrote on X, “WTF? Are we industry of clowns?” expressing frustration with failures tied to centralized points within some infrastructure.

Blockchain analysts and security executives described the exploit as a sequence of failures: a bridge compromise that created collateral risk, which then produced stress in lending markets and prompted rapid withdrawals. Wenzhao Dong, a blockchain analyst at CertiK, noted many teams still treat security as an overhead rather than a core operational priority and argued that protocols must treat counterparty risk as a primary factor. Brian Trunzo of Succinct Labs warned that trust-heavy validator models are risky and urged broader adoption of proof-based systems such as zero-knowledge techniques, calling single-signer assumptions insufficient.

Other industry figures highlighted weaknesses in shared-pool lending models when a single compromised asset becomes overused as collateral. Sergej Kunz, co-founder of 1inch, pointed to how a single bad asset can drive full utilization and trap user funds. Matthew Pinnock, COO at Altura DeFi, noted how quickly withdrawals accelerated once collateral assumptions failed.

Some participants praised the coordination that limited further outflows. Taylor Monahan, a wallet security expert, called the Arbitrum emergency freeze an effective emergency response that prevented additional transfers. Haseeb Qureshi of Dragonfly compared the episode to prior market failures and said the sector has repeatedly tightened practices after major incidents. Neil May, CEO of defi.com, focused on user experience, arguing that mainstream adoption depends on products that reduce security burdens for end users and offer clearer recovery paths.

Lukas Schor, president of the Safe Ecosystem Foundation, warned that nation-state-linked actors have increased attack frequency and that artificial intelligence is amplifying reconnaissance and social-engineering risks. He said even established protocols face elevated threats and urged stronger defenses.

The Kelp incident adds to a recent run of losses in decentralized finance. Industry figures reported total reported losses in recent weeks in the hundreds of millions of dollars, including a roughly $285 million exploit at Drift and other incidents with revised loss estimates in the low millions. The episode shows how bridges, wrapped tokens and lending markets can transmit shocks across interconnected protocols while teams continue to evaluate technical, governance and operational responses.