In what is now the largest DeFi hack of 2026, Kelp DAO’s rsETH bridge was exploited for approximately $293 million, sending shockwaves across multiple platforms and triggering emergency responses—most notably from Aave.

🔍 What Happened?
At the center of the incident is rsETH, a restaked ETH derivative used across DeFi protocols.
The attacker exploited a vulnerability in the bridge contract, allowing them to mint or manipulate rsETH without proper backing. ⬇️

This “unbacked collateral” was then used to borrow real, valuable assets like ETH from lending platforms.

Pictorial diagram of the exploit.⬇️

🧠 Why This Was So Dangerous

Because rsETH is integrated into multiple DeFi platforms, the exploit had a domino effect.
🛑 Aave’s Emergency Response
To prevent further damage, Aave quickly:
Froze rsETH markets on V3 and V4
Blocked new deposits and borrowing
Contained potential bad debt spillover

Important: 👉 Aave wasn’t hacked—it acted defensively to protect its ecosystem.
🌐 The Bigger Lesson: DeFi Is Deeply Interconnected. ⬇️

This incident highlights a core truth:
In DeFi, one weak link can ripple across the entire system.
Bridges, derivatives, and lending protocols are tightly coupled. When one fails:
Collateral becomes unreliable
Liquidity gets drained
Trust erodes instantly⬇️

⚠️ Key Takeaways
🔴 Bridges remain one of the most vulnerable points in crypto
🔴 Synthetic/restaked assets can introduce hidden systemic risks
🔴 Risk management (like Aave’s freeze) is critical for survival
🔴 “Code is law” doesn’t mean “code is safe”