DeFi Hacked Again for $292 Million, Is Even Aave No Longer Safe?
- Core Viewpoint: The second-largest liquid staking protocol, Kelp DAO, suffered a major security breach. Its rsETH bridging contract based on LayerZero was attacked, resulting in the loss of assets worth approximately $292 million. The root cause of the incident was the compromise of the source chain private key, and it may cause massive bad debt for lending protocols like Aave.
- Key Elements:
  - The attacker exploited a vulnerability in Kelp DAO's rsETH bridging contract, stealing 116,500 rsETH (worth about $292 million) by calling LayerZero's `lzReceive` function.
  - Security analysis indicates the fundamental cause of the attack was "source chain private key compromise," and the bridging contract was secured by only one validator, posing an extremely high single point of failure risk.
  - The hacker deposited the stolen rsETH as collateral into lending protocols like Aave and Compound, borrowing over $236 million in WETH, potentially causing massive bad debt.
  - Aave has frozen the relevant markets and activated its security module "Umbrella" (with approximately $50 million in funds) to address potential bad debt, but its native token AAVE price dropped nearly 10% in the short term.
  - This is the second nine-figure security incident this month following the $280 million hack of Drift Protocol in early April, highlighting the severe security situation in DeFi.
Original | Odaily (@OdailyChina)
Author | Azuma (@azuma_eth)

On April 19th, Beijing time, DeFi security suffered another major blow.
On-chain data shows that around 1:35 AM this morning, the LayerZero-based rsETH bridge contract of Kelp DAO, the second-largest liquid staking protocol, is suspected to have been exploited by hackers, resulting in a loss of 116,500 rsETH, valued at approximately $292 million.
Further tracing of the on-chain records reveals that the attacker's address received initial funding of 1 ETH from the mixing protocol Tornado Cash about 10 hours before the incident. Subsequently, this address called the `lzReceive` function on the LayerZero EndpointV2 contract. This call triggered Kelp's bridge contract, transferring 116,500 rsETH to another attacker-controlled address.

Approximately two and a half hours after the incident, Kelp DAO officially confirmed the attack on X: "Earlier today, we detected suspicious cross-chain activity involving rsETH. While investigating, we have paused the rsETH contracts on Mainnet and multiple Layer 2s. Our auditors are working with security experts from LayerZero and Unichain and are closely monitoring the situation. We will keep you updated, please follow official channels."

Following the incident, various DeFi projects and security agencies analyzed the cause. An analysis by D2 Finance was widely cited within the community: LayerZero Scan marked the source counterparty as Kelp DAO, indicating that the message originated from a counterparty contract legitimately deployed by Kelp itself, and this path had 308 prior message nonce records. On that basis, the analysis attributes the root cause of this attack to "the compromise of the source chain's private key."
Steven Enamakel, a developer at TinyHumans AI, added that the contract was secured by only a 1/1 validator set (DVN), meaning a single erroneous transaction from the validator was sufficient to cause the issue.
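To make the 1/1 point concrete, here is an added example (not code from Kelp DAO or LayerZero) that models a required-plus-optional-threshold DVN quorum and checks how many signer keys must be compromised before a forged message is accepted. The class, function and DVN names are hypothetical and the configurations are constructed.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class QuorumConfig:  # hypothetical name; a model, not LayerZero contract code
    required: frozenset            # DVNs that must all attest
    optional: frozenset = frozenset()
    optional_threshold: int = 0    # how many optional DVNs must also attest

def is_verified(cfg, attesting):
    """A message is accepted once every required DVN and enough optional ones attest."""
    attesting = frozenset(attesting)
    if not cfg.required and cfg.optional_threshold == 0:
        return False  # nothing configured: fail closed
    return (cfg.required <= attesting
            and len(cfg.optional & attesting) >= cfg.optional_threshold)

def keys_to_forge(cfg):
    """Fewest distinct signer keys an attacker needs to get a message accepted."""
    overlap = len(cfg.required & cfg.optional)
    return len(cfg.required) + max(0, cfg.optional_threshold - overlap)

def audit(name, cfg, min_keys=2):
    """Return findings for configurations that fall below `min_keys` independent signers."""
    findings = []
    if cfg.optional_threshold > len(cfg.optional):
        findings.append(f"{name}: optional threshold can never be met")
    if keys_to_forge(cfg) < min_keys:
        findings.append(f"{name}: {keys_to_forge(cfg)} key(s) suffice to verify a message")
    return findings

# Constructed configurations and a constructed compromise of one signer.
SINGLE = QuorumConfig(required=frozenset({"dvn-a"}))
HARDENED = QuorumConfig(required=frozenset({"dvn-a", "dvn-b"}),
                        optional=frozenset({"dvn-c", "dvn-d"}), optional_threshold=1)
COMPROMISED = {"dvn-a"}

if __name__ == "__main__":
    for name, cfg in (("1/1", SINGLE), ("2 required + 1-of-2", HARDENED)):
        print(name, "forged message accepted:", is_verified(cfg, COMPROMISED), audit(name, cfg))
```

With the same single compromised signer, the 1/1 configuration accepts the message while the multi-DVN configuration rejects it and passes the audit.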
Hacker Escapes via Aave, Suspected Bad Debt Incurred
Due to the limited trading liquidity of rsETH itself, the hacker's chosen escape strategy was to route through lending protocols like Aave, using the stolen rsETH as collateral to borrow WETH, which has better trading liquidity.
Monitoring by PeckShield Alert shows that as of 4:30 AM this morning, the hacker's address had deposited the stolen rsETH into lending protocols including Aave V3, Compound V3, and Euler, borrowing a large amount of WETH, with a total debt exceeding $236 million. Of this, Aave alone accounted for $196 million, Compound for $39.4 million, and Euler for only $840,000.

After the incident, Aave promptly froze the rsETH markets on Aave V3 and V4. The team later issued an official statement on X: "Aave contracts have not been exploited. The exploit is related to rsETH. Freezing rsETH is to prevent new rsETH deposits and borrowing against it while the situation is assessed. We are reviewing the rsETH borrows that occurred on Aave post-exploit and will share more details as soon as possible."
Shortly after the initial statement, Aave updated the post, adding at the end: "If the protocol accrues bad debt from this event, we will explore avenues to cover the deficit."
As of the time of writing, the specific amount of bad debt caused by this incident remains unclear.
monetsupply.eth, Head of Strategy at Aave's direct competitor Spark, stated that if rsETH experiences a 19% discount (the stolen amount represents 19% of rsETH's total supply), Aave could incur over $100 million in bad debt due to highly leveraged recursive borrowing.
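The mechanism behind that estimate can be worked through in a short added example (not from the original article or from Aave): a recursively borrowed position keeps the same equity while its collateral and debt grow, so a price discount turns into bad debt once leverage exceeds 1 / discount. The 0.93 loan-to-value ratio, the position size and the round counts are constructed assumptions, and the model ignores liquidations and liquidation bonuses; only the 19% discount comes from the text.

```python
def loop_position(equity, ltv, rounds):
    """Deposit `equity`, then `rounds` times borrow ltv * last deposit and redeposit it.
    Amounts are in the debt asset (WETH), with collateral priced 1:1 before the discount."""
    collateral, debt, last = float(equity), 0.0, float(equity)
    for _ in range(rounds):
        last *= ltv          # borrow against the most recent deposit
        debt += last
        collateral += last   # redeposit the borrowed amount as collateral
    return collateral, debt

def bad_debt(collateral, debt, discount):
    """Shortfall left if all collateral is only worth (1 - discount) of its prior value."""
    return max(0.0, debt - collateral * (1.0 - discount))

def breakeven_leverage(discount):
    """Leverage (collateral / equity) above which the discount wipes out the equity."""
    return 1.0 / discount

def scenario(equity=100.0, ltv=0.93, discount=0.19, rounds_list=(3, 20)):
    """Compare a lightly looped and a heavily looped position (constructed inputs)."""
    rows = []
    for rounds in rounds_list:
        collateral, debt = loop_position(equity, ltv, rounds)
        rows.append({"rounds": rounds,
                     "leverage": collateral / equity,
                     "bad_debt": bad_debt(collateral, debt, discount)})
    return rows

if __name__ == "__main__":
    print("break-even leverage:", round(breakeven_leverage(0.19), 2))
    for row in scenario():
        print(row)
```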

However, Marc Zeller, founder of Aave Chan Initiative (ACI), a representative Aave governance group (he has announced that he will leave Aave in July due to governance disagreements), offered a different perspective. Initially, Zeller advised users to withdraw WETH from Aave V3 as soon as possible to avoid losses and confirmed that the USDC and USDT markets on Aave were unaffected. In response to another user's speculation that "bad debt could reach hundreds of millions," he stated: "Far less than that."

But Marc Zeller also mentioned that it's time to test Umbrella in a real production environment. Umbrella refers to Aave's automated safety module, essentially a capital pool designed to handle bad debt. Users can deposit assets into it for higher incentives, but the pool also bears potential losses when the protocol incurs bad debt.
Aave protocol data shows that Umbrella currently holds approximately $50 million worth of WETH that could be used to address potential bad debt from this incident, but it's uncertain whether this will be sufficient to cover the shortfall.
Affected by this event, AAVE's price briefly plummeted nearly 10%, trading at around 104.6 USDT at the time of writing.
Another Hundred-Million-Dollar Security Incident in April
This is not the first massive security incident this month.
As early as April 1st, the Solana ecosystem derivatives trading protocol Drift Protocol was attacked, suffering losses as high as $280 million (see "An April Fool's Joke? Drift Protocol Loses Over $280M, Potentially Becoming Solana's Second-Largest DeFi Heist").
Afterwards, Drift Protocol directly blamed "North Korean hackers" for the theft. Fortunately, institutions like Tether have pledged $147.5 million for user compensation, giving users some hope for reimbursement.
Just over ten days later, another, even larger-scale hack has erupted. How will this one be resolved?
Is There Any Safe Place Left in DeFi?
Security issues in DeFi are intensifying.
On one side, there are continuous hacking incidents; on the other, there are persistent security threats posed by AI like Mythos (refer to "Odaily Interview with Yu Xian: How Does the Leak of Anthropic's Nuclear-Grade New Model Affect Crypto Security Offense and Defense?"). For DeFi users, the previous coping strategy was to concentrate funds in well-audited, reputable top-tier protocols. But now, even top-tier protocols like Aave, which retail users subconsciously consider extremely unlikely to have problems, have been indirectly affected. Where can users move their funds?
Personally speaking, it's currently not advisable for users to keep large amounts of funds on-chain. If there is a genuine need, please ensure proper diversification and isolation of positions.
As of the time of writing, many details regarding this incident remain unclear. Odaily will continue to follow the developments. Please stay tuned.


