Incident Report: Kelp rsETH Hack Across Ethereum and Arbitrum Markets
20 Apr 2026 · 23:30 UTC · Bitcoin.com RSS Feed · Original source
Read original at Bitcoin.com RSS Feed →
Summary
A bridge exploit targeting KelpDAO's Layerzero V2 rsETH route occurred on Saturday, allowing an attacker to extract 116,500 rsETH from Ethereum's OFT adapter without burning tokens on the source chain. According to an incident report published by Llamarisk to the Aave forum, the exploit exposed Aave V3 markets to potential bad debt. The incident affects both Ethereum and Arbitrum networks and reveals vulnerabilities in cross-chain bridge infrastructure supporting rsETH token ecosystem. The report details how tokens were extracted from the OFT adapter without corresponding source-chain token burns, creating inflationary pressure and potential insolvency concerns for KelpDAO.
Why it matters
DeFi security incidents create dual contagion: direct token/protocol impact and broader sentiment deterioration. Direct effects include rsETH token inflation (116,500 tokens extracted without source-chain burning), KelpDAO insolvency risk, and Aave exposure to bad debt. Sentiment contagion spreads through: (1) loss of confidence in bridge security across all cross-chain protocols, (2) concerns about Aave's debt absorption capacity affecting AAVE valuation, (3) general risk-off repositioning in altcoins. Bitcoin responds indirectly through risk sentiment spillover but has negligible fundamental exposure. Altcoins bear concentrated impact due to DeFi sector concentration and derivative dependencies. Historical precedent (Luna/3AC cascade, Poly Network hack, Ronin exploit) shows initial panic selling (minutes-hours), stabilization as incident scope becomes clear (daily), and gradual recovery contingent on protocol responses (weekly+). Confidence in recovery is moderate; uncertainty around Aave's solvency and systemic contagion risk limits upside predictions.
Expected impact
The Kelp rsETH bridge exploit represents a significant security incident in the DeFi ecosystem, exposing Aave V3 markets to potential bad debt. Initial market reaction will trigger immediate risk-off selling in altcoins, particularly DeFi-sector tokens (AAVE, LDO, and liquid staking derivatives). Bitcoin will experience spillover from broader market deleveraging but with limited direct impact. The vulnerability in cross-chain bridge infrastructure creates contagion concerns across similar protocols (Layerzero, Stargate, Across). Near-term volatility will spike as traders reassess DeFi security risks. Recovery depends on: (1) incident scope confirmation, (2) KelpDAO/Layerzero protocol responses, (3) Aave's bad debt absorption capacity, and (4) restoration of cross-chain bridge confidence. Weekly-to-monthly horizons will show partial recovery if remediation is swift and effective.