An exploit targeting Kelp DAO's $rsETH cross-chain bridge resulted in drained assets and widespread DeFi operational pauses. The attacker minted 116,500 $rsETH (18% of total supply) by exploiting a LayerZero-based bridge vulnerability that allowed creation of unbacked tokens via a forged cross-chain message.
The perpetrator used the fraudulently minted $rsETH as collateral on Aave V3 to borrow $ETH, resulting in $177 million in bad debt. Aave V3 responded by freezing its $rsETH and $wrsETH markets. Aave Guardian confirmed the flaw was external to Aave, residing in the $rsETH asset. This triggered the first activation vote for Aave's $400 million Safety Module in 72 hours, a rare event. The protocol also saw $5.4 billion in $ETH exit.
Borrow rates on Aave surged to 9%, prompting liquidations of looped $ETH positions. Spark Protocol, which deprecated $rsETH in January, saw $ETH deposit APY spike to 130% during Aave's freeze before settling at 18%. f(x) Protocol paused its LayerZero OFT bridge from Ethereum mainnet, confirming no $rsETH exposure on Aave V3. TermMaxFi confirmed zero $rsETH exposure.
$rsETH dropped 3.8% to $2473.67 in 24 hours. $AAVE, Aave's governance token, fell 19.8% to $90.79 over the same period. LayerZero ($ZRO), the exploited bridge's underlying technology, saw an 18.9% price drop in 24 hours.