Gate News message, April 23 — Aave founder Stani Kulechov outlined coordinated recovery efforts on April 22 following the KelpDAO incident, stating that the platform’s priority remains protecting users and achieving orderly market conditions. He noted that teams have been working continuously with multiple partners on potential solutions, and that the Arbitrum Security Council has recovered approximately $70 million in ETH, which could significantly reduce overall exposure.
Aave experienced a sharp decline in deposits, losing approximately $15.1 billion within 3.5 days. Total deposits dropped from $48.5 billion to $30.7 billion, representing roughly one-third of the platform’s capital. Some funds shifted to other platforms perceived as more secure, with SparkLend absorbing about $1.3 billion during the same period. The movement was characterized as a targeted response to the specific exploit rather than a broad market sell-off.
The incident originated on April 18 when attackers exploited a vulnerability in KelpDAO’s LayerZero bridge, minting approximately 116,500 rsETH tokens worth an estimated $293 million without underlying ETH backing. The attacker used the unbacked rsETH as collateral in Aave’s V3 and V4 markets on Ethereum and Arbitrum, borrowing between $190 million and $236 million in WETH and wstETH before the tokens were identified as lacking value. Estimates of resulting bad debt range from approximately $123 million to as much as $230 million, depending on loss distribution. Aave’s core smart contracts were not directly compromised; the issue stemmed from the acceptance of rsETH as credible collateral.
関連記事
