Aave hit with $200M bad debt after KelpDAO rsETH exploit

On April 18, attackers withdrew 116,500 rsETH from KelpDAO’s bridge and deposited the tokens on Aave V3 as collateral to borrow wrapped ether (WETH). That activity generated an estimated $177 million to $200 million in bad debt, pushed Aave’s WETH pool to full utilization and preceded roughly $5.4 billion in withdrawals from Aave’s ETH and WETH markets.

KelpDAO paused rsETH contracts after the bridge exploit, which emptied the collateral value of rsETH for loans. With rsETH frozen, positions backed by the token could not be liquidated in a meaningful way, leaving outstanding WETH borrow balances that protocols could not recover through normal liquidation mechanics.

The protocol communicated on its X account that its own smart contracts were not breached and that rsETH markets on Aave V3 and V4 had been frozen. Borrowing power against rsETH was removed and loan-to-value ratios were set to zero on affected deployments.

On X the project wrote, “Aave’s contracts have not been exploited,” and Aave founder Stani Kulechov wrote that “rsETH has been frozen on Aave V3 and V4, the asset does not have any borrowing power as a measure due to KelpDAO bridge exploit that happened outside of Aave. Both Aave V3 and V4 does not have further exposure to rsETH.”

Market reaction led to heavy liquidity withdrawals as users pulled funds from ETH and WETH pools. Reports show about $5.4 billion exited those markets within hours, driving WETH utilization to 100 percent on several deployments. At full utilization, pools hold no idle liquidity for suppliers to redeem, which caused some withdrawals to fail or be delayed. Stablecoin pools, while not directly exposed to rsETH, faced pressure as broader outflows thinned liquidity and caused rate spikes and temporary pauses on linked platforms.

Estimates place the total borrowed value tied to the exploited rsETH across Aave and smaller exposures on Compound and Euler at up to $200 million. Aave’s Umbrella mechanism, the protocol’s automated backstop, is expected to be used to cover confirmed bad debt. Umbrella can draw on protocol reserves and, depending on the resolution, may involve slashing staked AAVE to cover any deficit. The exact effects for depositors and staked holders are under review.

Aave’s total value locked declined from about $26.4 billion to roughly $19.776 billion, a drop of 24.11 percent. The AAVE token fell about 17.7 percent on April 19. Other lending platforms and liquidity providers tied to shared markets reported spike in borrowing rates and temporary pauses as funds rebalanced away from affected markets. As of April 19, there were no reports of additional exploits beyond the initial KelpDAO bridge theft.

Aave’s stated next steps include completing a bad debt assessment, issuing an official Umbrella resolution and monitoring whether outflows stabilize and liquidity returns. Until the Umbrella decision or a restoration of idle liquidity, full withdrawal access in affected pools may remain limited.