Security | April 20, 2026
Kelp Exploit Spills Into Aave Liquidity
A forged rsETH bridge release pushed bad collateral into lending markets, freezing affected Aave pools and setting off billions in reported withdrawals.
Kelp DAO's rsETH bridge exploit moved from one restaking token into Aave's lending markets within minutes.
Blockscout data shows 116,500 rsETH moving from Kelp-linked bridge infrastructure to an attacker address at 17:35 UTC on April 18. Decrypt reported the tokens were worth roughly $291 million at the time. The attacker then used rsETH as collateral on Aave to borrow regular assets, forcing Aave to freeze markets tied to the token while Kelp paused rsETH contracts across Ethereum mainnet and several layer-2 networks.