Aave Faces Liquidity Crisis and $280M Bad Debt Following Kelp DAO Exploit

• An attacker drained 116,500 rsETH ($292 million) from the Kelp DAO LayerZero bridge, using the unbacked tokens as collateral to borrow WETH on Aave.
• Aave is currently grappling with approximately $280 million in bad debt as the fraudulent rsETH collateral is effectively worthless and unliquidatable.
• The protocol’s ETH pool utilization reached 100%, temporarily preventing further withdrawals and sparking over $5.4 billion in total outflows.

The decentralized finance (DeFi) ecosystem is reeling after a massive security breach at Kelp DAO cascaded into a liquidity crisis for Aave, the industry’s largest lending protocol. Early on April 19, an attacker exploited the LayerZero bridge infrastructure to forge messages and drain 116,500 rsETH, valued at roughly $292 million. The stolen assets, representing nearly 18% of the total rsETH supply, were subsequently deposited into Aave V3 to secure massive loans of wrapped ether (WETH).

As the exploit became public, Aave’s ETH utilization rate surged to 100%. This threshold indicates that every available unit of ether in the protocol’s lending pool is currently being borrowed, leaving no liquidity for depositors seeking to exit their positions. The AAVE token price plummeted 19% in response to the looming threat of $280 million in bad debt, which the protocol may be unable to recover since the collateral backing the loans is now functionally valueless.

The incident triggered a massive exodus of capital from the platform. On-chain data revealed over $5.4 billion in ETH outflows within hours of the discovery. High-profile figures were among those rushing for the exit; TRON founder Justin Sun reportedly withdrew 65,584 ETH, worth approximately $154 million, as part of the broader panic. In response to the volatility, the Aave Governance and risk contributors moved to freeze rsETH markets on both V3 and V4 deployments to prevent further exposure.

This crisis marks the first major stress test for Aave’s Umbrella safety module, a redesigned insurance mechanism intended to cover protocol deficits. While Aave confirmed that its core smart contracts were not compromised, the reliance on liquid restaking tokens (LRTs) like rsETH has drawn sharp criticism from risk analysts regarding the systemic dangers of interconnected DeFi primitives.

“The rsETH markets on Aave V3 and V4 have been frozen,” Aave stated in an official communication. “This prevents new deposits and borrowing against rsETH while we explore compensation solutions for potential bad debt.” As of Sunday afternoon, the protocol remains in a state of high utilization, leaving many retail depositors waiting for liquidity to return to the system.

Disclaimer: This article is for informational purposes only and does not constitute advice of any kind. Readers should conduct their own research before making any decisions.

The post Aave Faces Liquidity Crisis and $280M Bad Debt Following Kelp DAO Exploit appeared first on Cryptopress.