Five weeks of stress and uncertainty for the DeFi community are officially over. Liquid restaking protocol Kelp has fully restored the backing of its flagship token, rsETH. The final milestone of this rescue operation was the transfer of a last tranche of 20,373 rsETH to the LayerZero smart contract.
Let’s break down how this massive crisis unfolded and how the industry managed to clean up the mess.
How a $293M Exploit Nearly Brought Aave to Its Knees
It all started with a textbook (and incredibly painful) nightmare for any DeFi investor. Attackers exploited Kelp and drained 116,500 rsETH. Instead of just trying to “wash” the stolen funds, the hackers launched a full-scale economic offensive: they deposited the stolen tokens as collateral on Aave, the market’s largest lending platform, to siphon out real assets via loans.
The fallout was devastating:
- $190 million in “bad debt” accumulated on the Aave platform.
- Market panic ensued, triggering a massive user exodus and capital flight from the lending protocol.
- Aave’s Total Value Locked (TVL) plummeted from $26.3 billion to $17.7 billion.
This incident perfectly illustrates the “domino effect” in modern DeFi: a vulnerability in a single protocol can instantly jeopardize the entire ecosystem and the liquidity of interconnected platforms.
The Rescue Operation: A Timeline of Recovery
Kelp’s return to normalcy is the result of highly coordinated teamwork across the crypto community. Funds to cover the colossal damage were pulled together globally, heavily supported by the DeFi United initiative and several allied blockchain projects.
The recovery process unfolded in several key phases:
- May 13: The first major tranche of 25,000 rsETH hit the smart contracts. This allowed cross-chain bridges between the Ethereum mainnet and L2 solutions to breathe again.
- May 14: Developers officially reopened withdrawals for users.
- Late May: The final tranche was sent to LayerZero. Token burning and staking reward distributions are now running in a normal, secure mode.
A Dark Quarter for Web3 Security
Unfortunately, the Kelp case isn’t an isolated tragedy, but part of a chilling spring trend. April of this year has already gone down in history as one of the “darkest” months for hacker attacks: over 20 separate incidents cost the industry a record-breaking $651 million.
May didn’t offer any long-awaited relief either. A wave of hacker raids and exploits hit several prominent projects simultaneously:
- Ekubo and TrustedVolumes
- THORChain and Verus
- Echo and Map Protocol
The Takeaway: The fact that Kelp managed to fully restore its asset backing and stabilize the situation in just five weeks is a massive victory and a rare example of stellar crisis management in Web3. However, the ordeal serves as a stark reminder: security in DeFi remains the ultimate challenge for the entire industry.
