KelpDAO's $292M Bridge Exploit Wiped $13B From DeFi and Exposed a Structural Flaw in Restaking Collateral
At 17:35 UTC on Saturday, April 18, an attacker drained 116,500 rsETH from KelpDAO's LayerZero-powered bridge, a position worth roughly $292 million and equal to about 18% of rsETH's circulating supply. Within 48 hours, total value locked across DeFi had fallen from $99.5 billion to $86.3 billion, a $13.2 billion contraction. Aave alone shed $8.45 billion in deposits, according to CoinDesk's reporting. The attack is on track to be the largest DeFi exploit of 2026.
The risk to state upfront is not the exploit itself. It is the collateral model the exploit broke. Liquid restaking tokens were whitelisted across every major lending venue because they carried yield and represented a growing share of Ethereum's locked value. The risk models priced them as if they would hold peg under normal conditions. None of them priced the scenario that actually occurred: collateral going to zero because a bridge on a chain the lending protocol does not touch was exploited on a weekend. Yield allocators who underwrote LRT exposure through lending positions, looped vaults, or yield aggregators just received a live demonstration of the assumptions embedded in their basis points.
How a Bridge Exploit Became a DeFi-Wide Contagion
The mechanical path from bridge drain to systemic liquidity crunch ran through Aave V3. Per The Defiant's breakdown, the attacker deposited the stolen 116,500 rsETH onto Aave as collateral and borrowed wrapped ether against it. Because Aave's risk framework treated rsETH as a first-class collateral type, supply caps were large enough to accommodate the full $292M deposit in one motion, and borrow caps on WETH were sized to let a single actor withdraw well over $200M of real ether against it.
Once the rsETH peg broke, those borrow positions became effectively unliquidatable. The unbacked collateral stayed on Aave's books against WETH debt the protocol could no longer recover. CoinDesk estimates Aave now faces up to $230 million in bad debt, with KuCoin pegging the figure closer to $177 million concentrated in the rsETH–WETH pair on Ethereum.
The second-order effects hit faster than the bad debt itself. Whales pulled more than $6 billion from Aave in the 24 hours after the hack, pushing ETH, USDT, and USDC pools to 100% utilization. Borrow rates spiked. Depositors who wanted out could not exit without either accepting punitive utilization-driven rates or waiting for new supply. According to a second CoinDesk report, stranded users then borrowed roughly $300 million against their own locked stablecoin deposits at steep losses to extract partial liquidity. The episode turned a single-asset exploit into an Aave-wide liquidity crunch in under a day.
What LRT Collateral Mispricing Actually Looks Like
The structural question this raises for yield-focused allocators is not whether to avoid KelpDAO. It is how to value any yield-bearing collateral whose backing depends on infrastructure outside the lending venue's security perimeter. Per Unchained's analysis, the core failure at Aave was not parameter choice but model scope. The protocol priced rsETH for slashing risk, smart-contract risk at Kelp, and oracle-feed latency. It did not price bridge risk on LayerZero, a dependency that lives one layer below the collateral itself.
Blockhead reports LayerZero attributes the attack to DPRK's Lazarus Group. If accurate, that ties the Kelp exploit to the April 1 Drift Protocol drain and puts the unit's DeFi theft total above $575 million in 18 days across two structurally different attack vectors. The threat actor profile matters because it informs how future LRT-collateralized positions should be underwritten: bridge exploits against yield-bearing wrappers are no longer tail events to be priced around, they are repeat-offender scenarios.
The practical consequence for yield allocators is that any LRT-collateralized yield strategy now carries a risk premium that was invisible a week ago. Looped rsETH/WETH positions, rsETH-backed stablecoin mints, and LRT deposits in Morpho and Euler vaults all depend on the same assumption the Kelp bridge violated: that the underlying token's backing is verifiably sound on a Saturday when operations teams are offline. For a broader view of how that assumption interacts with the rest of DeFi's yield stack, see our earlier coverage of the best RWA yield opportunities across Morpho, Euler, Lido, Kamino, JitoSOL, and Kinesis.
Why RWA Collateral Looks Different on Paper Now
The contrast that is quietly becoming visible in this episode is the one RWTS has been tracking since launch. Tokenized Treasury products and yield-bearing RWA wrappers do not eliminate tail risk, but they place it in a different location. BUIDL's backing sits in BlackRock's off-chain custody at Bank of New York Mellon. USYC's backing is Circle's short-duration Treasury book. USDY's backing is the Ondo short-duration Treasury fund audited monthly. These products can fail, but they cannot be drained by a weekend bridge exploit, because the underlying assets are not sitting behind a single-bridge smart contract at all.
According to RedStone's 2026 tokenization report, the tokenized RWA market reached roughly $26.4 billion by late March, with tokenized Treasuries alone growing 37x since Q1 2023 to more than $14 billion. The Kelp episode is likely to accelerate that mix shift inside DeFi lending books. Aave risk managers are already being urged to tighten LRT parameters. Morpho curators will face similar pressure. The simplest path to rebuilding collateral quality without sacrificing yield is to lean harder on RWA-backed assets whose solvency does not depend on bridge integrity.
For a more detailed competitive view of how the tokenized Treasury stack is structured, our tokenized Treasury market breakdown covering USYC, BUIDL, and Ondo lays out the issuer-level differences. Investors rebalancing out of LRT-collateralized strategies can also consult the asset directory for risk-tiered alternatives.
The Open Questions for the Next Two Weeks
Three items are worth tracking closely. First, whether Aave's bad debt is absorbed through its safety module, a DAO vote, or a socialized loss across suppliers. Unchained's sources suggest the DAO will debate a safety module draw, which would dilute AAVE holders to plug a hole caused by a third-party exploit. Second, whether LayerZero's default-settings dispute with Kelp DAO, covered in CoinDesk's follow-up, produces any standard changes at the messaging layer. And third, whether the LRT allocator base as a whole rotates capital toward RWA-backed yield while risk reprices.
The underlying signal is consistent with the direction of institutional flows since the start of 2026. Tokenized Treasury TVL is up, LRT deposits in lending books are being revisited, and the yield curve advantage that riskier strategies held over T-bill wrappers just narrowed in risk-adjusted terms. Allocators who mapped their exposure against the infrastructure dependencies their collateral actually sits on top of are having a better weekend than those who did not.
Conclusion
The $13 billion TVL wipeout that followed the KelpDAO bridge exploit is not a story about one protocol. It is a story about how the DeFi lending stack had priced liquid restaking collateral for a world that did not exist. Yield allocators will spend the next several weeks stress-testing the collateral underneath every looped, wrapped, and stacked position they hold. RWA-backed yield products, whose solvency is decoupled from bridge and restaking risk, are going to look meaningfully more attractive on a risk-adjusted basis in that exercise than they did on April 17.
Subscribe to The Yield Report for weekly yield intelligence.
This is not financial advice. Always do your own research before making investment decisions.