$292M Kelp Exploit Highlights Fragility in DeFi Plumbing

A roughly $292 million weekend exploit has jolted crypto markets, underscoring weaknesses in decentralized finance (DeFi) infrastructure and stoking fears of spillovers across lending protocols. Investigations are ongoing, but early assessments indicate the incident revolved around Kelp’s rsETH token—a yield-bearing version of ether (ETH)—and the cross-chain mechanism used to move assets between blockchains. The attacker is believed to have abused that setup to mint large quantities of rsETH without adequate backing, then rapidly posted the tokens as collateral to borrow and siphon real assets from lending venues, largely from Aave AAVE $ 90.11, DeFi’s biggest lending protocol. The episode lands only weeks after the $285 million exploit of Solana-based protocol Drift, further denting confidence in a crypto sector valued near $90 billion. At a technical level, the exploit appears to have hit a LayerZero bridge component, according to Charles Guillemet, CTO of hardware wallet maker Ledger, in a note shared with CoinDesk. Bridges typically lock assets on one chain and mint equivalent tokens on another, a process that depends on a trusted confirmer—often called an oracle or validator—to verify deposits. In this case, Kelp effectively served as that verifier. Guillemet said the system used a single-signer design, allowing one entity to approve transactions. "It seems the attacker was able to sign a message … allowing him to mint large amount of rsETH," he said, adding it remains unclear how that access was obtained. Michael Egorov, founder of Curve Finance, pointed to the same configuration risk. "Things can happen when you trust one single party — whoever that would be." The setup meant tokens could be created without corresponding assets being locked on the source chain. After minting, the attacker quickly moved to monetize the position. The tokens were "immediately deposited” into lending protocols—mostly Aave—to borrow real ETH, Guillemet said. That turned an isolated bridge failure into a broader market problem: lending platforms may now be stuck with hard-to-liquidate collateral, while liquid assets have already been withdrawn. "Aave was left with rsETH which cannot be really sold and maxborrowed [sic] ETH, so no one can withdraw ETH," Egorov said. He warned that Aave and other protocols could be left with hundreds of millions of dollars in questionable collateral and bad debt, raising the risk of a "bank run" dynamic as users rush to pull funds. Following the incident, Aave saw about a $6 billion drop in assets on the protocol as users withdrew funds. The protocol’s token fell about 15% over the past 24 hours of trading. A central unresolved issue is how the validator was compromised. The system reportedly relied on LayerZero’s official node, leaving open whether it was hacked, misconfigured, or deceived. "Was it hacked? Was it fooled? We don't know," Egorov said. The attacker remains unidentified, though Guillemet said the scale points to an advanced operator. "Clearly not some script kiddies," he said. Beyond immediate losses, the incident is a reminder that as DeFi becomes more interconnected, failures at one layer can cascade rapidly. Egorov argued that non-isolated lending models—where pools share risk—can magnify the impact. He also criticized how new assets are onboarded to lending platforms, saying configurations like Kelp’s 1-of-1 verifier design should have been flagged earlier. Egorov still sees a silver lining. "Crypto is a harsh environment which no bank would have survived — yet we are working with that," he said. "I think DeFi will learn from this incident and become stronger than before." Even so, repeated exploits continue to undermine confidence in DeFi. "All in all, the trust into DeFi protocols is eroded by this kind of event," Guillemet said. "And 2026 will most likely be the worst year in terms of hacks, again," he added. Read more: 'DeFi is dead': crypto community scrambles after this year's biggest hack exposes contagion risks