April 18, 2026, 17:35 UTC, an attacker exploited a vulnerability in Kelp DAO’s rsETH bridge, which is built on LayerZero’s cross-chain infrastructure. By spoofing inbound data packets, the attacker released 116,500 rsETH—valued at approximately $292 million at the time. Investigations by Chainalysis and ZachXBT both pointed to North Korea’s Lazarus Group. The attackers bypassed the security checks of the single validator node network by combining DDoS attacks on external nodes with manipulation of internal RPC nodes.
This wasn’t a typical smart contract exploit—there was no reentrancy attack, no missing permissions, and no price oracle manipulation. The real breakthrough for the attacker was that Kelp DAO used a single point of failure: a 1-of-1 DVN setup, relying solely on the validator node operated by LayerZero Labs. Once this node’s RPC data was successfully spoofed, the Ethereum-side bridge contract released real rsETH for a forged cross-chain message, with no secondary validator node available to verify the transaction.
Rather than dumping the stolen rsETH directly on the market, the attacker deposited about 90,000 rsETH into Aave V3 as collateral and borrowed roughly $190 million in ETH and other assets. This move saddled Aave with a massive amount of bad debt. Aave’s TVL plummeted from $26.4 billion to $17.9 billion, and over $13 billion in capital exited the DeFi ecosystem in a short period.
As of April 29, 2026, Gate market data showed ETH trading around $2,300. After the attack, rsETH’s price briefly dropped to $1,723, creating a $500 spread between rsETH and ETH—a clear sign of market panic over unbacked rsETH.
What’s even more concerning is that this incident wasn’t isolated. In Q1 2026 alone, DeFi protocols lost about $168.6 million to hacks. In just the first 20 days of April, losses soared to $606.2 million—the highest monthly total since February 2025.
Why Is a Single Validator Node a Fatal Flaw in DeFi Infrastructure?
The Kelp DAO attack exposed a long-underestimated structural issue: imbalanced cross-chain security configurations. In LayerZero’s architecture, every cross-chain message should be validated by one or more decentralized validator node networks before reaching the target chain. However, Kelp DAO’s rsETH bridge relied on a single validator node—LayerZero Labs DVN—creating a de facto single point of failure.
This setup isn’t unique. The simpler the cross-chain bridge logic, the fewer validator nodes are typically used, trading off security for faster message confirmation and lower gas costs. But when only one validator node handles the "witness" function, an attacker only needs to compromise that single link—whether it’s the RPC node, the validator server, or operator credentials—to bypass the entire cross-chain validation process.
Even more alarming, the attacker’s methods were almost invisible to traditional on-chain monitoring. Every on-chain transaction appeared fully legitimate at the bytecode level: messages were relayed, signatures were verified, and the target chain’s contract executed the correct response for the cross-chain request. The real manipulation happened off-chain, in the validation layer that decides, "Should this cross-chain message be approved?"
This type of attack signals a major shift in DeFi’s security boundary: smart contract vulnerabilities are no longer the only source of systemic risk. The peripheral infrastructure of cross-chain bridges—RPC nodes, validator networks, off-chain signature services—has become an increasingly attractive attack surface. In 2026, this attack vector is accelerating. The Kelp DAO and Drift Protocol attacks together accounted for 95% of April’s total DeFi losses, fundamentally showing that attackers are systematically expanding their targets from single smart contracts to the entire DeFi infrastructure layer.
It’s also notable that in the first 4.5 months of 2026, there were 47 crypto hacks, compared to 28 in the same period in 2025—a year-over-year increase of about 68%.
How Did Decentralized Lending Trigger a $13 Billion Liquidity Shock?
The core of the attack wasn’t simply token theft—it was the use of DeFi’s composability to transmit risk across protocols. The forged rsETH was distributed to seven different addresses by the attacker and widely used as collateral in lending protocols like Aave and Compound. Since these rsETH tokens weren’t backed by any real on-chain assets, using them as collateral was essentially injecting "blank checks" into the lending market.
Once this fake collateral was used to borrow real ETH, the risk became deeply intertwined with lending protocols’ liquidation mechanisms, liquidity reserves, and the safety of user deposits. Aave faced pressure from two directions: first, the value of rsETH as collateral became unreliable, sharply increasing bad debt risk; second, market panic led users to withdraw liquidity en masse, further constraining the protocol’s ability to absorb losses. After the incident, the Arbitrum Security Council froze 30,766 ETH in attacker-linked wallets, which helped contain further losses to some extent.
More importantly, this event showcased the negative side of DeFi’s "composability": when protocols are highly interconnected, a structural failure in one can quickly escalate into systemic risk for the entire ecosystem. Ultimately, it’s depositors and cross-protocol arbitrageurs who bear the cost.
How Does a $303 Million Rescue Pool Serve as DeFi’s Safety Valve?
As of April 27, 2026, the DeFi United rescue initiative, coordinated by Aave founder Stani Kulechov, had secured over $303 million in committed funds. The capital pool spans multiple key players in the Ethereum ecosystem, operating flexibly through donations, deposits, and credit lines.
Specifically, public commitments include: Consensys and founder Joseph Lubin jointly pledging up to 30,000 ETH; Mantle providing a 30,000 ETH credit line; Aave DAO proposing 25,000 ETH; EtherFi pledging up to 5,000 ETH; Lido submitting a 2,500 stETH governance proposal; Compound proposing a 3,000 ETH grant; Renzo contributing over $10 million from its treasury; Babylon Foundation joining with a $3 million USDT deposit; Circle Ventures supporting by purchasing AAVE tokens; and the Avalanche Foundation, Solana Foundation, and Justin Sun also participating, with amounts yet to be disclosed.
Notably, cross-chain protocol LayerZero joined the rescue on day five of the incident with a 10,000 ETH commitment—5,000 ETH as a direct donation to the DeFi United fund, and another 5,000 ETH deposited into Aave to bolster liquidity. On April 29, Puffer Finance announced it would use treasury funds to participate, becoming a key restaking sector contributor to the initiative.
The total rescue pool has now surpassed 100,360 ETH, making this the largest cross-protocol capital coordination effort in DeFi history—a paradigm shift in how the industry responds to systemic crises.
From Liquidating Fraudulent Collateral to Batch ETH Swaps: How Is the Rescue Plan Rolling Out?
The DeFi United alliance’s rescue plan is structured for phased execution, with the core goal of fully restoring rsETH’s asset backing and covering the bad debt left by North Korean hackers in Aave and Compound. The plan centers on gradually minting pledged ETH back into rsETH to rebuild its underlying value. Before that, protocols will temporarily adjust rsETH’s price oracle value as collateral to trigger controlled liquidations. Tokens recovered through liquidation will be sent to DeFi United’s multisig wallet, then swapped for ETH via Kelp’s standard process, ultimately covering the funding shortfall in affected lending markets.
Crucially, the plan is designed with decentralized governance in mind—most committed funds still require formal approval through each protocol’s DAO governance vote, so the pace of execution will depend on the parallel progress of multiple governance processes.
This plan is not about bailing out attackers, but about restoring the intrinsic value of collateral and minimizing secondary shocks to users and protocol liquidity. The logic is clear: if DeFi allows unbacked assets to keep accumulating bad debt in lending protocols, the entire ecosystem’s credit foundation—not just a single protocol—will ultimately be damaged. Thus, the rescue mechanism is fundamentally a proactive intervention in systemic risk, not a moral judgment on individual actions.
When Competitors Join Forces: Is the Rescue Operation Reshaping DeFi’s Trust Mechanism?
The uniqueness of the DeFi United rescue lies in its breadth of participants and the high degree of cross-entity collaboration. More than 14 ecosystem players—including many direct competitors—are sharing financial responsibility within a unified framework. This industry coordination isn’t driven by centralized mandates, but by on-chain transparent commitments, multisig fund aggregation, and phased technical execution.
Traditionally, DeFi competition has focused on yield, liquidity scale, and governance incentives. In normal markets, this competition drives product iteration and efficiency. But when systemic risk hits, individual protocols often lack the capacity to independently resolve deep "contagious bad debt." The Kelp DAO incident showed that deep coupling between cross-chain bridges and lending protocols prevents risk from being isolated at the protocol level.
The emergence of coordinated rescue actions marks a shift in decentralized finance from pure free-market competition to a model that incorporates collective responsibility. This isn’t pure altruism—some participants are directly exposed to bad debt risk, while others fear a collapse in ecosystem confidence. Motivations differ, but there’s effective consensus on the ultimate goal: maintaining overall DeFi creditworthiness. While this kind of cross-entity coordination may not be the definitive answer to systemic risk, it offers a valuable model for DeFi’s evolution toward greater self-healing capacity.
Summary
The $292 million Kelp DAO cross-chain bridge attack stands as the largest DeFi security incident of 2026 so far, rooted in a structural vulnerability at the infrastructure layer: reliance on a single validator node. The attackers bypassed traditional smart contract vulnerabilities, targeting the off-chain validation layer and exposing a blind spot in cross-chain security monitoring.
The Aave-led DeFi United rescue initiative set a new record for cross-entity capital coordination in DeFi, with over $303 million committed by more than 14 protocols through donations, deposits, and credit lines—demonstrating the industry’s ability to collaborate during systemic crises. This incident underscores a key logic: as cross-chain interoperability deepens, the negative effects of composability will continue to accumulate, and there remains a clear lag between DeFi’s risk pricing mechanisms and infrastructure security evolution. The ultimate effectiveness of rescue mechanisms will depend on governance efficiency and the sustained commitment of all participants.
Frequently Asked Questions
Q: How did the Kelp DAO attack happen?
The attacker exploited a security vulnerability in Kelp DAO’s LayerZero cross-chain bridge, which relied on a single validator node. By forging inbound messages, the attacker tricked the validator’s logic, causing the Ethereum-side bridge contract to mistakenly release 116,500 rsETH—worth about $292 million.
Q: Where does the funding for the DeFi United rescue operation come from?
As of April 27, the rescue plan had secured over $303 million in commitments from participants including Consensys, Lido, EtherFi, Mantle, Compound, Renzo, Babylon Foundation, LayerZero (10,000 ETH), Puffer Finance, and dozens of other projects and institutions.
Q: How will rsETH holders be compensated?
DeFi United will mint pledged ETH into rsETH in batches to restore its collateral value. During phased execution, affected assets will be transferred to a multisig wallet, then swapped for ETH to fill lending market shortfalls. Remaining funds will be used to compensate rsETH holders.
Q: What impact does this incident have on DeFi’s security evolution?
The attack shows that DeFi security risks have expanded beyond smart contract vulnerabilities to include the off-chain validation layer of cross-chain infrastructure. This trend means traditional on-chain security monitoring is no longer sufficient, and more comprehensive cross-chain immutability monitoring systems are needed to verify the authenticity of cross-chain messages and ensure token lockups on source chains match.
Q: How can DeFi protocols prevent similar attacks in the future?
There are three core directions: first, configure multiple independent validator nodes for cross-chain bridges to eliminate single points of failure; second, build robust monitoring systems for cross-chain data integrity; and third, promote risk information sharing and coordinated response mechanisms across protocols to address the rapid spread of systemic risk.
