[ARFC] rsETH Incident Funding Update

I agree. Aave on Harmony was totally left behind: frozen and forgotten, for a similar exploit, which had only a very limited impact (around 1 million bad debt, if I remember). Users lost everything. It is absolutely not normal that some users are favored compared to others. AAVE decided to deploy on Harmony through a vote; they should assume responsibilities the same way it is handled for this exploit.

Why is writing this off as bad debt unacceptable?

I’d argue the healthier path is to let market dynamics play out and let lenders reprice risk and set their own risk premiums going forward.

The concern that “lenders will perceive the DAO as unwilling to absorb bad debt” cuts the other way too: every absorption event reduces the DAO’s capacity to do so again, and at sufficient scale this backstop is structurally unsustainable.

Pricing risk through markets, not through repeated DAO-funded bailouts, is the more durable equilibrium.

Also realizing bad debt in general allows markets to function much faster after an incident instead of needing to coordinate among many stakeholders how bad debt could potentially be minimized. A possible recovery can always be refunded later.

I am not arguing for this to be an actual possibility for this particular event to be resolved but rather would like to get some arguments of why bad debt is considered such a no go.

Because Aave is not a permissionless architecture like Morpho.

If you deposited 1 million in a bank, and a year later the bank told you that your money was loaned to a man and he was unable to repay the loan, so the money was gone, what would you do?

If the Morpho structure had been used from the beginning, you could only contact the vault manager. However, AAVE is not structured that way; so AAVE is responsible for the assets.

1 Like

Aave is not a bank. There is no deposit insurance, hence there should not be the expectation that there is. If that expectation is set, next time bad debt reaches a size that cannot be covered it will just hurt lenders who had their expectation set the wrong way.

I don't see the difference between a Morpho vault curator and Aave. There is no reason lenders should have different expectations towards either.

Yeah, there is no such thing as risk free yield in DeFi. Bailing out depositors here is good business for Aave in the short term. But it is terrible economics more broadly because it encourages everyone in the market to lie about the risks users face, which causes the actual risks to be seriously under priced.

3 Likes

This response addresses the principal concerns raised in the thread and seeks to bring the discussion to a position from which the proposal can advance to Snapshot.

We have read the contributions in this thread in good faith and are grateful for the depth of engagement. Read as a whole, the broad direction is aligned: the rescue should proceed, and the DAO’s risk framework should evolve in light of this incident. The discussion places a lot of emphasis on sequencing, and we wish to be explicit on this point.

The recovery effort and the risk framework reform are two distinct workstreams. We recommend focusing this discussion on restoring markets and discussing the risk framework separately, decoupling the two topics.

The 25,000 ETH contribution addresses a question of confidence and liquidity that exists today. The affected users have active, time sensitive exposure across instances of Aave V3 where rsETH and wrsETH were listed. This publication focuses on the Aave DAO making available funding to support the DeFi United rescue effort, and only that.

Separately, @LlamaRisk is developing a new risk framework, with input from the other Service Providers. The scope includes all risk components of every asset listed on Aave Protocol and to be listed on Aave Protocol. That work will be published as its own ARFC, on its own timeline, and reviewed by the community on its own merits. Conditioning disbursement on deliverables in a separate workstream would introduce delays and ambiguity at a moment that requires broader, industry wide, aligned action to help resolve the rsETH related issue.

We have advanced this ARFC to Snapshot, on the terms set out in the original publication. The risk framework workstream will publish its first deliverables on a parallel track, with public milestones, and the DAO will receive transparent accounting of both as they progress.

With the DeFi United effort gathering momentum and shifting towards execution, we have advanced this publication to Snapshot ahead of the conventional governance timeline to synchronise the Aave DAO’s efforts with broader DeFi United efforts.

Snapshot: Snapshot

Created: Apr 27, 2026 4:02 PM UTC+1
Start: Apr 28, 2026 4:02 PM UTC+1
End: May 1, 2026 4:02 PM UTC+1

1 Like

On Morpho, if an asset has a problem, users can only claim compensation from the vault administrator. This was the case with Re7 and Mev in the past. Morpho bears no responsibility because the assets were listed by the vault administrator. However, all assets on AAVE are listed by AAVE DAO, so AAVE DAO is responsible. This is the key difference. The core point is: whoever lists the asset is responsible.

Guys…this comes off a bit tone deaf. I feel like it’s the equivalent of “we’re going to do this anyway” which defeats the purpose of the discussion. DeFi United is NOT a solution - it’s a donation-based tactic to minimize liability (at best). Additionally, why isn’t the community involved in helping craft the solution rather than @LlamaRisk creating a framework on the basis of the discussion itself? There’s a lot of things wrong here…

1 Like

When do we have a similar resolution for AAVE on Harmony?

What it would take to bring me back as an ETH lender — a perspective from someone who exited

I want to be clear about who I am before making this post. I am not a victim of this incident. I am not an AAVE token holder with a governance agenda. I am a plain ETH lender on Ethereum mainnet who moved quickly when the exploit happened, withdrew my full position, and have been watching developments from the outside with zero exposure ever since.

I am writing this because I want to come back. Aave has been the most trusted lending protocol in DeFi for years and I would like it to earn that trust back from people like me. But I will not return based on promises or goodwill alone. Below is exactly what I need to see before I deposit again.


My core observation

This incident was not caused by a bug in Aave’s code. Aave’s contracts worked exactly as designed. What failed was the assumption underneath — that the collateral Aave accepted was genuinely backed. The bridge infrastructure securing rsETH across chains was a single point of failure that nobody at the risk management level fully stress-tested before listing.

The lesson is not “rsETH was bad.” The lesson is that Aave’s risk framework did not extend deep enough into the dependency chain of the assets it listed. Until that changes structurally, the same vulnerability exists for dozens of other bridged assets currently accepted as collateral on this protocol.


What I need to see — specifically

1. A published collateral security standard that covers the full dependency chain

Not a blog post. A binding framework that every new asset listing must pass. It must explicitly cover bridge security requirements, verifier configuration minimums, oracle dependencies, and what automatic actions trigger if any dependency fails. The test: watch the next exotic LRT proposal — does it go through this framework rigorously?

2. Hard exposure caps enforced by code, not governance

A single address deposited $221M of one asset as collateral. This should be technically impossible — blocked by the smart contract itself, not just against policy. I want maximum single-asset concentration limits enforced on-chain, with automatic LTV reduction as concentration increases. Not in a document. In the deployed contract.

3. Automatic circuit breakers — not manual guardian actions

Aave froze rsETH markets within hours of the exploit. In DeFi, hours is an eternity — billions moved in that window. I need automatic triggers: if a collateral asset depegs more than 10% in under 30 minutes, borrowing freezes instantly with no human required. If bridge minting shows anomalous activity, LTV drops to zero automatically. Speed must be built into the system, not dependent on someone being awake.

4. A real-time public risk dashboard

I should be able to open one page and see: pool utilization per chain with alerts at 80/90/95%, collateral concentration by asset, bridge health status for every cross-chain asset listed, and any asset approaching its exposure cap. This data currently exists scattered across volunteer-built Dune dashboards. Aave should own this as a first-class product. If I can see risk building in real time, I can make informed decisions.

5. Complete resolution of this incident with zero lender haircuts

DeFi United appears to be on track to cover the full deficit. I am watching. I need every innocent ETH lender — including those on Arbitrum and Mantle who had nothing to do with rsETH — to receive 100% of their deposits back. Governance made the listing decision. Governance and the ecosystem should absorb the consequence. Not users who had no voice in that decision.


The one question that will drive my decision

Before depositing again, I will ask myself one thing: if the exact same attack happened tomorrow on a different bridged LRT, would the new system catch it before I get trapped — or would I need to be fast again?

If the answer is still “you need to be fast” — the system has not changed, only this specific hole has been patched. I will not return.

If the answer is “the circuit breaker triggers automatically, exposure is capped, and you have time to react” — then Aave has earned my capital back.

1 Like
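The two automatic triggers proposed in point 3 of the post above, modelled off-chain as an added example (not code from the post, from Aave or from any project named in the thread). Measuring the drop against the highest price in the trailing 30 minutes, and treating minted supply above source-side backing as the bridge anomaly, are assumptions; the class, the function names and the sample data are constructed.

```python
from collections import deque
from dataclasses import dataclass, field

DEPEG_THRESHOLD = 0.10     # "more than 10%" (from the post)
WINDOW_SECONDS = 30 * 60   # "in under 30 minutes" (from the post)


@dataclass
class CircuitBreaker:
    """Hypothetical off-chain model of the two proposed triggers."""
    borrowing_frozen: bool = False
    ltv_zeroed: bool = False
    _prices: deque = field(default_factory=deque)  # (timestamp, price/peg ratio)

    def on_price(self, ts: int, ratio: float) -> None:
        # Drop samples that are 30 minutes old or older, then compare the
        # new sample with the highest ratio still inside the window.
        # Timestamps are assumed to arrive in increasing order.
        self._prices.append((ts, ratio))
        while self._prices[0][0] <= ts - WINDOW_SECONDS:
            self._prices.popleft()
        peak = max(r for _, r in self._prices)
        if (peak - ratio) / peak > DEPEG_THRESHOLD:
            self.borrowing_frozen = True  # latched: unfreezing is a manual step

    def on_bridge_state(self, minted_supply: float, source_backing: float) -> None:
        # Assumed anomaly definition: more tokens exist on the destination
        # side than are locked or burned on the source side.
        if minted_supply > source_backing:
            self.ltv_zeroed = True
            self.borrowing_frozen = True


def replay(samples):
    """Return the timestamp at which borrowing froze, or None if it never did."""
    breaker = CircuitBreaker()
    for ts, ratio in samples:
        breaker.on_price(ts, ratio)
        if breaker.borrowing_frozen:
            return ts
    return None


# Constructed sample feeds: (seconds since start, market price / peg price).
FAST_DEPEG = [(0, 1.00), (600, 0.97), (1500, 0.88)]                # 12% in 25 min
SLOW_DRIFT = [(0, 1.00), (1800, 0.95), (3600, 0.90), (5400, 0.86)]  # 14% in 90 min
```

Replaying `SLOW_DRIFT` never trips the price rule, since no 30-minute window contains a drop above 10%; a windowed depeg trigger alone misses gradual declines, so the backing check has to run as an independent trigger.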

The case for Aave DAO participating in the DeFi United recovery is strong, and I believe the community should vote in favour — but we should be clear-eyed about why and what we’re asking for in return.

On ecosystem solidarity: The April 18 incident wasn’t an Aave protocol failure — the exploit originated at the LayerZero-powered KelpDAO bridge, which silently minted 116,500 rsETH without a matching source-side burn. Aave was the venue where that unbacked collateral was deployed, not the cause. That distinction matters. Aave participating in DeFi United is a choice to absorb shared systemic risk in exchange for the long-term health of DeFi liquidity infrastructure — not an admission of fault. The coalition forming around this (EtherFi, Lido, Mantle, Ethena, BGD Labs, Stani personally) signals that this is exactly the kind of moment DeFi credibility is built or lost. Staying on the sidelines while the ecosystem coordinates would set a far worse precedent than contributing 25,000 ETH.

On accountability and transparency: That said, I’d strongly urge the proposal authors and Kelp DAO to publish a full post-mortem before the on-chain vote — not after. Specifically:

A clear technical timeline of how the bridge state diverged and was not caught

What oracle or monitoring safeguards existed and why they failed

What KelpDAO’s own financial commitment to the recovery looks like, beyond relying on ecosystem generosity

Commitments on bridge architecture changes or audits before rsETH is re-listed as collateral on Aave

The deficit has already narrowed from ~163,183 ETH to ~75,081 ETH — that’s meaningful progress and shows the DeFi United model can work. But Aave committing 25,000 ETH (the single largest DAO contribution) deserves a commensurate level of accountability from the party whose infrastructure failed.

Support with urgency, and with receipts. Let’s make users whole — and then fix the system that let this happen.

2 Likes

Well said, neither subtract nor add

It’s more than just a post mortem that’s required - it’s not clear eyed to give money first and figure out things later. I agree that those affected should be made whole but rushing to do so when we know that this is a LTV / risk pricing issue on the asset is irresponsible.

How fast were you bro? Thank god I escaped due to Defisaver.