Wu Blockchain Reports that Kelp DAO suffered a massive cross-chain exploit that drained approximately 116,500 rsETH worth nearly $292 million. The incident raises new concerns about the security of the protocol as it comes less than a year after a previous disruption related to a smart contract flaw
The Kelp DAO reaction prevents further exploit attempts
Accordingly Blockchain dataThe attack on the Kelp DAO exploited a vulnerability in cross-chain communications and specifically targeted the bridge mechanism used to transfer assets across networks. The exploit was executed via a call to the “Iz Receive” function on LayerZero’s EndpointV2, which ultimately triggered the release of funds to a wallet controlled by the attacker.
On-chain detective ZachXBT was one of the first discover The breach estimated losses on Ethereum and Arbitrum at over $280 million. The blockchain investigator also noted that the attack addresses were initially funded through Tornado Cash, indicating a deliberate attempt to hide the funding sources for the highly coordinated attack.
Today we discovered suspicious cross-chain activity related to rsETH. While we investigate, we have paused rsETH contracts across mainnet and multiple L2s.
We work with you @LayerZero_Core, @unichainour auditors and top security experts for RCA.
We take care of you…
– Kelp (@KelpDAO) April 18, 2026
In response to this attack, Kelp DAO implemented an immediate halt to all rsETH contracts across mainnet and connected L2 networks. The protocol has also frozen activity in its core contracts and systems covering deposits, withdrawals and oracle functions. According to Kelp DAO, investigations into LayerZero and Unichain are currently underway.
Especially the attacker tried two more transactions to extract another 40,000 rsETH, worth almost $100 million. However, Kelp DAO’s quick actions ensured that both attempts failed and prevented losses from rising to $391 million.
Aave freezes rsETH contracts
Furthermore, the fallout quickly spread beyond Kelp DAO, with lending protocols coming under immediate pressure. Aave, one of the largest DeFi lending platforms, responded by freezing the rsETH markets for its V3 and V4 implementations.
However, Aave clarified that its own smart contracts have not been exploited and the measure is purely precautionary to limit further debt risk to rsETH when assessing the situation. Aave management is also committed to exploring potential mitigation strategies should the exploits result in bad debts.
The rsETH markets on Aave V3 and Aave V4 have been frozen. Aave’s contracts were not exploited and this is an exploit related to rsETH.
The freeze follows an exploit of the Kelp DAO rsETH bridge. Freezing rsETH markets prevents new deposits and borrowings against rsETH…
– Aave (@aave) April 18, 2026
rsETH itself is a liquid restaking token designed to represent staked ETH while allowing users to earn additional yield through restaking strategies. It plays a key role in cross-chain DeFi, enabling the seamless flow of capital across multiple networks including Arbitrum, Base and Scroll. The scale of the exploit is particularly damaging as the stolen funds represent approximately 18% of rsETH’s total circulating supply, causing significant damage to both liquidity and user trust.
Featured image from Forbes, chart from Tradingview
Editorial process At Bitcoinist, the focus is on providing thoroughly researched, accurate, and unbiased content. We maintain strict sourcing standards and every page is carefully reviewed by our team of top technology experts and experienced editors. This process ensures the integrity, relevance and value of our content to our readers.
