Aave Leads $292 Million DeFi Rescue Effort After KelpDAO Exploit

Aave and several major crypto firms are coordinating a recovery effort to stabilize decentralized finance markets after a $292 million exploit left the sector's largest lender grappling with a large hole in collateral backing. The initiative, dubbed "DeFi United" and led by Aave service providers, is aimed at restoring the backing of rsETH, a yield-bearing derivative token of ether (ETH), that sits at the center of the exploit. The effort comes after the biggest crypto exploit of the year rattled DeFi lending markets, with total value of assets on Aave plunging by $10 billion following the incident. Think of it as the DeFi version of neighbors showing up with casseroles after a house fire—except the casserole is worth nearly $300 million and nobody can agree on the recipe.

The incident traces back to a vulnerability in KelpDAO's integration with LayerZero, where an attacker minted 116,500 unbacked rsETH tokens by exploiting the bridge's messaging system. Instead of dumping the tokens, the attacker deposited nearly 90,000 rsETH into Aave as collateral, borrowing about $190 million in ETH and other assets across Ethereum and Arbitrum. That left Aave with impaired collateral, triggering a run on deposits as lenders rushed to withdraw available funds. The total hole is estimated at more than 112,000 rsETH, according to Aave's incident report. It's the crypto equivalent of finding out your new roommate put their name on the mortgage but didn't actually move in any furniture.

The first among those offering aid was staking provider Lido Finance, whose Lido Labs Foundation put forward a proposal to allocate up to 2,500 stETH, worth roughly $5.7 million at current prices, into a dedicated relief vehicle. That was followed by EtherFi proposing a 5,000 ETH plan to "protect users and prevent bad debt" across DeFi. Aave founder Stani Kulechov also offered a 5,000 ETH contribution, saying in an X post: "Aave is my life's work and we're working nonstop to find the best possible outcome for users. I'm working to see this resolved and market conditions normalized as soon as possible." The cavalry arrived in the form of protocol aristocrats opening their treasuries, like crypto's version of passing the collection plate at church—except everyone's asking for receipts.

Before the DeFi United initiative, there were some early containment efforts. Earlier this week, Arbitrum's security council froze 30,766 ETH, worth roughly $71 million then, tied to the exploit. However, the remaining stolen funds were bridged and swapped into bitcoin via Thorchain, making recovery more complex. The current effort focuses less on clawing back funds and more on stabilizing the system with a coordinated bailout to recapitalize rsETH and mitigate losses. Aave said it plans to announce more commitments once formalized. Because sometimes in DeFi, chasing the hacker through seventeen bridges and a Bitcoin swap is less practical than just... printing new money and hoping nobody notices the gas fees.