{"id":8456,"date":"2026-04-19T10:41:15","date_gmt":"2026-04-19T10:41:15","guid":{"rendered":"https:\/\/dailystreetchronicle.com\/index.php\/2026\/04\/19\/aave-hit-with-5-4-billion-in-eth-withdrawals-after-kelp-dao-rseth-exploit\/"},"modified":"2026-04-19T10:41:15","modified_gmt":"2026-04-19T10:41:15","slug":"aave-hit-with-5-4-billion-in-eth-withdrawals-after-kelp-dao-rseth-exploit","status":"publish","type":"post","link":"https:\/\/dailystreetchronicle.com\/index.php\/2026\/04\/19\/aave-hit-with-5-4-billion-in-eth-withdrawals-after-kelp-dao-rseth-exploit\/","title":{"rendered":"Aave Hit With $5.4 Billion in ETH Withdrawals After Kelp DAO rsETH Exploit"},"content":{"rendered":"<p>The post <a href=\"https:\/\/coinpedia.org\/news\/aave-hit-with-5-4-billion-in-eth-withdrawals-after-kelp-dao-rseth-exploit\/\">Aave Hit With $5.4 Billion in ETH Withdrawals After Kelp DAO rsETH Exploit<\/a> appeared first on <a href=\"https:\/\/coinpedia.org\">Coinpedia Fintech News<\/a><\/p>\n<p>A nearly $300 million exploit targeting Kelp DAO&#8217;s rsETH cross-chain bridge has triggered a mass withdrawal event at Aave, with over $5.4 billion in ETH leaving the protocol as users rushed to pull funds following concerns about bad debt accumulating on the platform.<\/p>\n<p>The attacker deposited rsETH into Aave to drain ETH, leaving the protocol holding exposure it cannot easily unwind. The consequence was immediate. Aave&#8217;s ETH utilization rate climbed to 100%, meaning every available ETH in the lending pool is now borrowed and the protocol has no liquidity buffer remaining.<\/p>\n<h2 class=\"wp-block-heading\" id=\"h-the-whale-exodus\">The Whale Exodus<\/h2>\n<p>The scale of the withdrawal was driven by large holders acting quickly. Justin Sun alone removed 65,584 ETH worth approximately $154 million from Aave in a single move, a transaction that on its own would have been headline news on any other day.<\/p>\n<p>According to on-chain tracking by Lookonchain, the broader exodus of $5.4 billion reflects a wider panic among sophisticated users who understood what bad debt at Aave means for depositors unable to withdraw at will.<\/p>\n<h2 class=\"wp-block-heading\" id=\"h-what-actually-happened\">What Actually Happened<\/h2>\n<p><a href=\"https:\/\/x.com\/WuBlockchain\/status\/2045670628993433767\" rel=\"nofollow\">Kelp DAO paused rsETH <\/a>contracts across mainnet and multiple Layer 2 networks shortly after identifying suspicious cross-chain activity. The team said it was working with LayerZero, Unichain, auditors and security experts to determine the root cause.<\/p>\n<p>On-chain analysis from D2 Finance pointed to a private key leak on the source chain as the root cause, creating a trust issue with OApp nodes that allowed the attacker to manipulate the bridge.<\/p>\n<p>A further nuance was added by investigators following the forensics. Two possible failure paths exist. If a legitimate source transaction exists for the relevant nonce, the compromise originated from the source-side OApp key. If no source transaction surfaces, the failure is on the DVN side, compounded by Kelp&#8217;s configuration of a single point of failure using LayerZero Labs as the sole verifier.<\/p>\n<h2 class=\"wp-block-heading\" id=\"h-what-comes-next\">What Comes Next<\/h2>\n<p>Kelp DAO&#8217;s contracts remain paused while the investigation continues. Aave&#8217;s ETH utilization at 100% creates a situation where depositors cannot withdraw until borrowed ETH is repaid or new liquidity enters the pool.<\/p>\n<p>The bad debt question is the more pressing concern. If the exploited rsETH positions cannot be recovered, Aave will need to determine how losses are distributed across the protocol, a process that has historically been contentious and slow.<\/p>\n<p>Full forensics and an attacker cluster map are still being compiled. Official updates are expected through Kelp DAO&#8217;s verified channels as the investigation progresses.<\/p>\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The post Aave Hit With $5.4 Billion in ETH Withdrawals After Kelp DAO rsETH Exploit&hellip;<\/p>\n","protected":false},"author":1,"featured_media":8457,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-8456","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-investing"],"_links":{"self":[{"href":"https:\/\/dailystreetchronicle.com\/index.php\/wp-json\/wp\/v2\/posts\/8456","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dailystreetchronicle.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dailystreetchronicle.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dailystreetchronicle.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dailystreetchronicle.com\/index.php\/wp-json\/wp\/v2\/comments?post=8456"}],"version-history":[{"count":0,"href":"https:\/\/dailystreetchronicle.com\/index.php\/wp-json\/wp\/v2\/posts\/8456\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/dailystreetchronicle.com\/index.php\/wp-json\/wp\/v2\/media\/8457"}],"wp:attachment":[{"href":"https:\/\/dailystreetchronicle.com\/index.php\/wp-json\/wp\/v2\/media?parent=8456"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dailystreetchronicle.com\/index.php\/wp-json\/wp\/v2\/categories?post=8456"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dailystreetchronicle.com\/index.php\/wp-json\/wp\/v2\/tags?post=8456"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}