KelpDAO: $292M Gone in 4 Minutes. Smart Contracts. Dumb Settings.
North Korean KPI hit, 50+ projects hacked, 0 people say Kim is fat
On April 18, someone minted 116,500 rsETH out of thin air, deposited it as collateral on Aave, borrowed $236M in real ETH, and walked out. The whole thing took four minutes. The smart contracts worked perfectly. The settings were just stupid.
This is the full breakdown of what happened, how North Korea pulled it off, who got hurt, why Aave now has a $196M problem with no solution, and what Fluid did that was quietly the smartest move of the entire weekend.
What’s in here:
Jump to whatever you care about, or read the whole thing. Either way, buckle up.
1. What Happened
KelpDAO runs a cross-chain bridge for rsETH (their liquid restaking token) built on LayerZero. LayerZero’s architecture lets protocols choose how many verifiers -- called DVNs (Decentralized Verifier Networks) -- are required to sign off on a cross-chain message before it executes. You can set it to 2-of-3, 3-of-5, whatever you want for redundancy.
KelpDAO set theirs to 1-of-1.
One verifier. No backup. No timelock. No second opinion. $292M sitting behind a single signature.
When that single signature got forged, the bridge did exactly what it was told to do: it minted 116,500 rsETH -- 18% of the entire circulating supply -- and sent it to the attacker. Not a bug. Not an exploit in the code. The protocol worked as configured. The configuration was just reckless.
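A quick way to audit verifier settings like the ones described above, as an added example that is not KelpDAO's or LayerZero's code. The `VerifierConfig` record, its field names and the DVN names are hypothetical stand-ins for whatever a bridge's configuration exposes; the function counts how many distinct attestations a route really needs and flags anything that collapses to one.

```python
from dataclasses import dataclass, field

@dataclass
class VerifierConfig:
    # Hypothetical record: field names are assumptions, not a real library's API.
    required_dvns: list = field(default_factory=list)
    optional_dvns: list = field(default_factory=list)
    optional_threshold: int = 0   # how many optional DVNs must also attest

def audit(cfg):
    """Return (attestations_needed, verifier_pool, findings) for one route."""
    required = {a.lower() for a in cfg.required_dvns}
    optional = {a.lower() for a in cfg.optional_dvns} - required
    findings = []
    if len(required) < len(cfg.required_dvns):
        findings.append("duplicate required DVN inflates the apparent count")
    if cfg.optional_threshold > len(optional):
        findings.append("optional threshold cannot be met by distinct DVNs")
    # Count distinct verifiers only: the same DVN listed twice is still one signer.
    needed = len(required) + min(cfg.optional_threshold, len(optional))
    pool = len(required | optional)
    if needed == 0:
        findings.append("no attestation required")
    elif needed == 1:
        findings.append(f"1-of-{pool}: one forged attestation executes the message")
    return needed, pool, findings

# Constructed sample routes; the DVN names are placeholders, not real addresses.
ROUTES = {
    "one_of_one": VerifierConfig(required_dvns=["dvn-a"]),
    "two_of_three": VerifierConfig(optional_dvns=["dvn-a", "dvn-b", "dvn-c"],
                                   optional_threshold=2),
    "looks_like_two": VerifierConfig(required_dvns=["dvn-a", "DVN-A"]),
}

def report(routes=ROUTES):
    return {name: audit(cfg) for name, cfg in routes.items()}

if __name__ == "__main__":
    for name, (needed, pool, findings) in report().items():
        print(f"{name}: {needed}-of-{pool}", "; ".join(findings) or "ok")
```

The third route is the one worth noticing: two entries on paper, one signer in practice.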
The timeline:
11:18-14:03 UTC: Attacker funds 9 wallets via Tornado Cash (0.1 ETH each -- pocket change for a $292M job)
17:31 UTC: Forged verifier attestation hits the bridge
17:35 UTC: 116,500 rsETH minted and delivered. Done.
17:37-18:01 UTC: Attacker fans out to 7 wallets. Deposits rsETH as collateral on Aave V3, Aave V4, Compound, and Euler. Borrows ~$236M in real WETH and wstETH. Consolidates into two hubs: 75.7k ETH on Ethereum, 30.8k on Arbitrum.
18:21 UTC (T+46 min): KelpDAO hits the pause button. Two more drain attempts revert. At least ~$100M was saved by the pause.
18:52 UTC: Aave freezes all rsETH markets across chains.
Four minutes from forged signature to $236M borrowed. Forty-six minutes before anyone hit the brakes.
Blame split? About 80% KelpDAO for choosing 1-of-1 DVN against LayerZero’s explicit recommendation. About 20% LayerZero for not enforcing a minimum floor. You can hand someone a loaded gun with the safety off, but you probably shouldn’t.
2. How North Korea Actually Pulled It Off
LayerZero published their post-mortem on April 20 and attributed the attack to DPRK’s Lazarus Group (TraderTraitor). This is the same state-sponsored crew behind the $285M Drift exploit two weeks earlier and roughly a dozen other crypto hacks over the past few years. These aren’t script kiddies finding an unlocked door. This is a government with a cybercrime budget.
The attack was way more sophisticated than “forged a signature.” Here’s what they actually did:
→ Got the list of RPC nodes that LayerZero’s DVN uses to verify transactions
→ Compromised 2 independent RPC nodes on separate clusters (no connection between them -- redundancy didn’t help)
→ Swapped the binaries on those nodes with custom malware that lied ONLY to the DVN and told the truth to every other IP address. So all monitoring tools, all security dashboards, all health checks saw normal activity. Only the verifier got the fake data.
→ DDoS’d the uncompromised RPC nodes to force the DVN to fail over to the poisoned ones
→ DVN “verified” a transaction that never happened on the source chain
→ After the drain, the malware self-destructed -- deleted itself, its logs, and its configs
Imagine being this smart and your reward is you still live in North Korea.
LayerZero’s position: KelpDAO chose 1-of-1 DVN against their explicit recommendation. The protocol’s modular security design worked -- zero contagion to any other LayerZero application. RPC poisoning is a risk for any offchain service (bridges, exchanges, oracles -- all of them). And going forward, LayerZero’s DVN will no longer sign messages for any 1-of-1 configuration. Permanent policy change.
Fair enough. But someone should probably audit the other 47% of LayerZero OApps that are currently running 1-of-1 DVN configs. More on that later.
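The forced failover described above is the part a verifier operator controls. As an added sketch (not LayerZero's DVN code), here is a first-responder read beside a fail-closed quorum read; the provider functions, names and return values are constructed stand-ins for RPC endpoints.

```python
class RefuseToAttest(Exception):
    """Raised when the verifier cannot safely confirm a source-chain event."""

def naive_failover(msg_id, providers):
    # Weak pattern: trust the first RPC endpoint that answers.
    for fetch in providers.values():
        try:
            return fetch(msg_id)
        except ConnectionError:
            continue
    raise RefuseToAttest("no provider reachable")

def quorum_read(msg_id, providers, min_responses=3):
    # Fail closed: outages shrink the set of answers but never lower the bar.
    answers = {}
    for name, fetch in providers.items():
        try:
            answers[name] = fetch(msg_id)
        except ConnectionError:
            pass
    if len(answers) < min_responses:
        raise RefuseToAttest(f"{len(answers)} of {len(providers)} providers reachable")
    if len(set(answers.values())) != 1:
        raise RefuseToAttest(f"providers disagree: {sorted(answers)}")
    value = next(iter(answers.values()))
    if value is None:
        raise RefuseToAttest("event not found on source chain")
    return value

# Constructed stand-ins for RPC endpoints (no network access).
def honest(msg_id): return None                     # the event never happened
def poisoned(msg_id): return "0xforged"             # placeholder for a fake answer
def unreachable(msg_id): raise ConnectionError("timeout")

def scenario(honest_up):
    good = honest if honest_up else unreachable
    return {"rpc-1": good, "rpc-2": poisoned, "rpc-3": good, "rpc-4": poisoned}

def outcome(read, providers):
    try:
        return read("msg-1", providers)
    except RefuseToAttest as exc:
        return f"REFUSED: {exc}"

if __name__ == "__main__":
    for up in (True, False):
        print("honest nodes up:", up,
              "| naive:", outcome(naive_failover, scenario(up)),
              "| quorum:", outcome(quorum_read, scenario(up)))
```

A quorum like this only helps when the providers are operated independently, and it stops working once the number of poisoned providers reaches `min_responses`.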
3. Who Got Hurt -- The Full Damage Map
Aave (primary victim)
This is where the real carnage happened. The attacker deposited fake rsETH as collateral and borrowed real ETH against it. When the rsETH was revealed as unbacked, the collateral became worthless but the borrowed ETH was already gone.
Result: somewhere between $177M and $341M in bad debt, depending on how L2 rsETH gets resolved. Aave’s TVL dropped $6.6B -- from $38B to the low $30s. AAVE token fell 18% intraday, hitting $91.50. ETH utilization on Aave hit 100%, meaning WETH suppliers couldn’t withdraw. Their money was just... stuck.
Justin Sun pulled 65k ETH (~$154M) during the panic. Because of course he did.
rsETH
18% of the circulating supply got minted from nothing. But here’s the thing that surprised people: mainnet rsETH barely depegged. As of April 20 it was trading at 1.00177x the ETH peg. The underlying EigenLayer restaking positions are intact. The inflation happened on L2s via the bridge.
L2 rsETH is a different story. It’s stranded across 20+ chains with frozen redemptions. Effective value: somewhere between zero and par, depending entirely on recovery.
Token impact
| Token | 24h Change | Why |
|---|---|---|
| rsETH | -8.6% | 18% supply inflated from nothing |
| AAVE | -8% (intraday -18%) | $177-341M bad debt |
| ZRO | -6.1% | “No DVN floor” reputation hit |
| EIGEN | -0.8% | Category fear only |
| ETHFI | -2.9% | LRT repricing |
| PUFFER | -1.0% | Barely moved |
The market correctly priced this as Kelp-specific. EigenLayer, Ether.fi, Renzo, Puffer -- they all use native ETH, no OFT bridges, no 1-of-1 DVN exposure. Architecturally different, architecturally safer. “DeFi is dead” was trending but the data said otherwise.
Protocols that froze rsETH markets
Aave V3/V4, SparkLend, Compound V3, Euler, Fluid, Pendle, Upshift, Yearn, Beefy -- 9+ protocols hit the pause button within hours. Total DeFi TVL dipped ~$10B to $90B. Morpho, Sky, and JupLend saw secondary outflows from spooked depositors.
4. Aave’s $196M Problem
Here’s where it gets ugly. Not because of the exploit -- that part’s over. Because of the cleanup.
What Umbrella is (and why it’s not enough)
Aave replaced their old Safety Module with a system called Umbrella in late 2025. It’s their first real line of defense for bad debt:
→ Automatic: smart contract fires on its own, no governance vote needed
→ Per-asset, per-network: aWETH on Ethereum only covers WETH deficits on Ethereum
→ Stakers deposit aWETH, earn yield, accept slashing risk
→ 20-day cooldown to withdraw, funds remain slashable the whole time
Current WETH capacity on Ethereum: ~$50-56M. Arbitrum coverage: zero. No Umbrella vault exists there.
Umbrella was designed for routine bad debt -- it handled $400 total in its first month across all pools. It was never stress-tested against $196M. It covers about 25-28% of the deficit and then it’s empty.
The $146M gap nobody knows how to fill
Everything beyond Umbrella requires governance votes. There is no pre-built waterfall. No “break glass in case of $200M exploit” plan. The options:
| Option | Capacity | Problem |
|---|---|---|
| DAO treasury | ~$65-85M liquid | Drains operational runway |
| stkAAVE slashing | ~$30-50M | Never been activated. Ever. |
| AAVE issuance | Unlimited | Dilutive. Voters won’t vote to dilute themselves. |
| WETH supplier haircut | Covers remainder | “Death of DeFi lending” optics |
| Hacker bounty (10-15%) | Recovers 85-90% if accepted | Requires hacker cooperation |
| KelpDAO/LayerZero contribution | Unknown | Reputational pressure only |
Here’s the structural problem: stkAAVE holders vote on whether to slash themselves. AAVE holders vote on whether to dilute themselves. WETH suppliers -- the people bearing the most risk -- don’t even hold governance tokens. The people with the most to lose have the least say.
It gets worse
→ April 6: Chaos Labs, Aave’s risk manager for 3 years, quit. Disagreement on strategy and compensation.
→ April 9: LlamaRisk took over. Three days in, they raised the rsETH supply cap from 480K to 530K without a dedicated risk assessment.
→ January 2026: Governance pushed rsETH LTV to 93%. Competitors had it at 72%. The safety buffer went from 28% to 7%.
The risk manager left. The replacement raised limits blind. The limits were already too loose. Then the biggest bad debt event in Aave history hit.
The ETH price problem
The bad debt is denominated in ETH. Aave’s treasury is mostly stablecoins. Every tick up in ETH price widens the gap.
| ETH Price | Bad Debt (USD) | Gap After Umbrella |
|---|---|---|
| $2,317 (at exploit) | ~$196M | ~$146M |
| $2,500 | ~$211M | ~$161M |
| $3,000 | ~$254M | ~$204M |
| $3,500 | ~$296M | ~$246M |
If ETH runs to $3,000 before governance acts, the gap nearly doubles. No proposal has been filed. No vote has been scheduled. The clock is ticking and the debt is growing.
5. What Fluid Did -- The Smartest Move of the Weekend
While everyone was arguing about who’s paying the bad debt, Fluid actually did something useful.
The problem: Aave’s WETH pool hit 100% utilization after the exploit. If you were lending ETH on Aave, your money was stuck. You couldn’t withdraw. It felt like a bank run -- except the bank’s doors were literally locked.
Some of these stuck suppliers also had borrowed against their aWETH position (stables or more ETH). They couldn’t exit, couldn’t rebalance, couldn’t do anything except watch and hope.
What Fluid built: The aWETH Redemption Protocol. $1B capacity. Here’s how it works:
→ You give Fluid your stuck aWETH
→ Fluid gives you wstETH or weETH (2% cost)
→ Your Aave position stays intact -- same debt, different collateral
→ You can actually exit again
You’re still in an Aave position, but instead of ETH collateral with borrowed stables, you now have wstETH or weETH collateral with borrowed stables. The difference? wstETH and weETH aren’t affected by any of this. You have full control of your position again.
Why this is a win-win-win:
→ You (the stuck supplier): Regain liquidity, reduce liquidation risk, stop waiting for the rsETH governance drama to resolve
→ Fluid: Unwinds its own $144M looping position on Aave (Fluid’s Lite Vault was a mega-looper -- deposit wstETH/weETH, borrow ETH, loop). By buying your aWETH, they repay their own ETH debt and stop paying the spiked borrow APR
→ Aave/DeFi broadly: Leverage safely unwound, utilization pressure eased, systemic risk reduced
This isn’t charity. Fluid had $144M in looping positions on Aave and was paying through the nose on spiked borrow rates. Buying aWETH from stuck suppliers lets them unwind their own position while solving your problem. Both sides win. The market gets healthier. That’s just good business.
Credit to @smykjain and the Fluid team -- they shipped a fix while everyone else was still writing forum posts.
One caveat though: this solves the supply-side for aWETH lenders only. It gives stuck suppliers a clean exit route. It doesn’t fix the actual bad debt. The $196M hole, the underwater rsETH positions, the governance fight -- that’s all still there. Umbrella and governance still have to handle that part.
6. April 2026 -- $600M Gone in 18 Days
No coordination between these attacks. Different actors, different vectors, different protocols. Just an opportunistic wave hitting DeFi all at once.
The uncomfortable number nobody’s talking about enough: $44B in LayerZero OFT TVL sits across ~2,665 OApp contracts. According to Dune data flagged by @ChainLinkGod, 47% of those run a 1-of-1 DVN security floor. KelpDAO wasn’t an outlier -- it was the biggest target. How many others are sitting on the same config?
7. What to Watch + What You Should Actually Do
Current status
The attacker’s funds -- about 106,000 ETH split between Ethereum and Arbitrum -- have been sitting in lending protocol hubs with zero outflows since 9 hours after the exploit. The money is frozen. Recovery is technically possible. But it requires governance to act, and governance hasn’t even filed a proposal yet.
LayerZero’s new permanent policy: their DVN will no longer sign messages for any 1-of-1 configuration. They’re reaching out to all apps still running 1-of-1 to migrate to multi-DVN.
What to watch
→ Aave governance vote on bad debt coverage -- no ARFC filed yet, no vote scheduled. Every day of delay = more ETH-denominated debt if price moves up
→ Attacker wallet movement -- any movement means the recovery window is closing
→ ETH price -- every $100 up adds ~$9M to the bad debt
→ LayerZero/community audit of other 1-of-1 DVN configs across the $44B OFT ecosystem
What you should actually do
→ If you’re an Aave WETH supplier: Check the Fluid aWETH Redemption Protocol. You can swap into wstETH/weETH at a 2% cost and regain full control of your position. Better than sitting stuck at 100% utilization waiting for governance.
→ If you hold rsETH on L2: Understand that your position may take a haircut depending on how bad debt resolution plays out. Mainnet rsETH is a different story -- underlying EigenLayer positions are intact.
→ If you use any LayerZero-bridged asset: Find out whether your protocol runs a 1-of-1 DVN config. If it does, that’s worth knowing.
→ If you’re reading “DeFi is dead” takes: The restaking peers (EigenLayer, Ether.fi, Renzo, Puffer) are architecturally different -- native ETH, no OFT bridges, no 1-of-1 exposure. This was a config and governance failure at one protocol, not a structural collapse of the sector.
The smart contracts worked. The settings didn’t. And right now, $196M in bad debt is sitting on Aave with no plan, no vote, and a governance system where the voters are the same people who’d bear the losses.
That’s where we are. I’ll update this when something actually moves.
If you found this useful, subscribe for more research. You can also follow me on X @2lambro where I post shorter takes and breaking analysis.
This is not financial advice. Do your own research. But maybe also check your DVN configs.








