On April 18, 2026, attackers compromised the KelpDAO interchain bridge and mined 116,500 rsETH—18% of the circulating supply of that liquid restaking token—equivalent to $292 million.
It was the largest hack of a DeFi (decentralized finance) protocol of the year. But the theft was only the beginning of a chain reaction that would end up hitting other platforms, with especially notable damage to Aave.
The bitcoin (BTC) and cryptocurrency exchange, Bitfinex, published this April 24 a analysis in which he describes the episode as a textbook example of the systemic vulnerabilities of the DeFi ecosystem. According to the firm, what happened with Kelp is not only the story of a compromised bridge: it is a warning about how failures spread in DeFi and about where the risks that the markets do not monitor are hidden.
What happened to Kelp DAO and how did it affect Aave?
Before moving on to Bitfinex’s reflections, it is necessary to fully understand how the hack occurred. Kelp DAO issues rsETH, a token representing staked ether (ETH). To move that token between cryptocurrency networks, the protocol used LayerZero’s messaging infrastructure with a 1-of-1 Decentralized Verifier Network (DVN) setup: a single verifier responsible for validating cross-chain messages.
The attackers did not target Kelp restaking contracts. They went against the infrastructure that fed the verifier. They compromised two RPC nodes that the DVN was using, replaced them with versions reporting false data, and launched a denial of service (DDoS) attack against the remaining clean nodes, forcing the verifier to read only the poisoned sources.
The result: the system accepted a forged message instructing to release rsETH on Ethereum as if the token had been burned on the source network. It hadn’t been.
The bridge contract complied and released the funds. Within hours, rsETH with no real backing was circulating freely.
Bitfinex explains: “within hours, the stolen tokens were being used as collateral in some of the largest DeFi lending protocols, protocols that had nothing to do with the original attack.”
The attacker deposited the tokens as collateral in Aave—the world’s largest decentralized lending protocol—and borrowed approximately $190 million in wrapped ether (WETH).
Aave was not hacked. Their contracts operated exactly as designed. Even so, he was exposed to guarantees that no longer represented what the market assumed.
The reaction was immediate. As CriptoNoticias explained, the ETH utilization rate on Aave reached 100%. The protocol froze rsETH markets and preemptively blocked WETH markets.
AAVE token fell 20% in 24 hours. In two days, $8 billion had left the protocol, according to DefiLlama data. Bad debt losses are estimated at more than $100 million.
rsETH, a fully accepted token
As Bitfinex rightly points out, rsETH was not a fringe token. “It was integrated into multiple protocols, accepted by risk frameworks, valued by oracles and used by depositors in various leveraged strategies.” It was, in every visible sense of the market, a legitimate asset.
That is precisely what makes the failure dangerous. The composability of DeFi —the ability for the output of one protocol to be the input of another—is commonly presented as a strength of the ecosystem. The Kelp case shows that also can function as a vector of contagion: “when an input fails, the damage inevitably spreads through the same connections.”
Arbitrum, one of the affected layer 2 networks, froze 30,766 ETH linked to the attack through its Security Council. That intervention, Bitfinex points out, illustrates another problem: once the fault propagates, the result “no longer depends solely on the code, but also on governance and emergency intervention”, something “very controversial in systems that call themselves decentralized.”
Once that infrastructure fails, the damage does not remain local. It spreads through interconnected markets, reaching places that were never directly attacked, and then being influenced by sometimes questionable governance decisions.
Bitfinex, cryptocurrency exchange.
Bitfinex’s conclusion points beyond DeFi. With the tokenization of bonds, deposits, and real-world assets gaining institutional traction, the structural warning is direct: «the weakest point may not be in the visible market, but in the infrastructure hidden beneath the surface».
Every tokenized asset implies a promise: that that token actually represents the underlying asset. That promise only holds if the infrastructure linking token and backing remains intact. In the case of rsETH, that link was broken without the token ceasing to appear as valid in the accounting record.
“The credibility of rsETH depended on infrastructure that regular market checks failed to detect,” Bitfinex writes. The token had liquidity, price, and integration with leading protocols. What it was missing was redundancy in the layer that determined whether the ETH it represented actually existed.
Regardless of how the consequences are managed, one of the key lessons is that once bad assets enter the mainstream market, the end result is no longer limited to just code.
Bitfinex, cryptocurrency exchange
Kelp and LayerZero still publicly dispute responsibility. LayerZero claims to have warned KelpDAO about the risks of a single verifier setup. KelpDAO responds that that configuration was consistent with the official LayerZero documentation and quickstart guide. Since then, LayerZero stated that it will stop signing messages for any application that operates with a single verifier.
The debate about responsibilities matters. But it doesn’t change the central fact: unbacked rsETH continued to look valid, continued to circulate, and the damage continued to spread.
How many other fragilities will DeFi hide beneath its surface?
DeFi has been building layers upon layers of financial sophistication for years, but this episode exposed that the robustness of that entire architecture may ultimately depend on infrastructure decisions that seemed reasonable at the time they were made, but were not so wise.
If this can happen to a token embedded in major ecosystem protocols, valued by oracles and accepted by institutional risk frameworks, the uncomfortable question is how many other similar fragilities are waiting, unseen, in the DeFi infrastructure? Perhaps more than the market is willing to admit before they fail.