rsETH Incident Report (April 20, 2026)

This report was co-authored by Aave service providers acting within their respective mandates and reflects the best available and verified information at the time of publication. We would also like to acknowledge and thank user banteg for their feedback on the exploit details.

1. Background

On 2026-04-18 at 17:35 UTC (Ethereum block 24,908,285), an attacker exploited Kelp’s LayerZero V2 Unichain to Ethereum rsETH route, which was configured as a 1-of-1 DVN. A forged inbound packet from Unichain (srcEid 30320) to Ethereum was verified by a single DVN attestation with no corresponding source-side burn. This released 116,500 rsETH from the Ethereum-side RSETH_OFTAdapter (0x85d456b2…98ef3) to the attacker.

Within minutes, the attacker fanned out the 116,500 rsETH from a single intake wallet across 7 branch addresses. From there, the branches followed divergent paths: some supplied rsETH as collateral on Aave V3 on Ethereum, some bridged funds to Arbitrum and opened Aave positions on that chain, and others were routed through different venues. Overall, 7 addresses of the attacker currently have active rsETH-backed loans, with health factors that settled around 1.01 to 1.03.

How the exploit broke the bridge invariant

Kelp rsETH uses a LayerZero lock-and-mint bridge for cross-chain transfers. On Ethereum, rsETH is locked in the OFT adapter; on each remote chain, a corresponding amount of rsETH IOUs is minted. The invariant that should always hold is:

rsETH locked in Ethereum adapter ≥ total rsETH minted across all remote chains

The Unichain → Ethereum route was configured as a 1-of-1 DVN path with no optional verifiers. A structurally normal-looking LayerZero packet (nonce 308) was PayloadVerified, committed, and delivered on Ethereum, releasing 116,500 rsETH from the adapter, without any corresponding burn or nonce advance on the Unichain source endpoint. The Unichain outbound nonce remained at 307 while Ethereum accepted nonce 308.

The adapter balance dropped from 116,723 rsETH (one block before the exploit) to 223 rsETH immediately after. An inbound packet (nonce 309, for an additional 40,000 rsETH) was also verified by the same single DVN, but its execution reverted as Kelp had already frozen the recipient address, withdrawing 40,373 rsETH from the adapter after initiating the FrozenFundsRecover. As of this writing, how this recovered 40,373 rsETH will be allocated remains at Kelp’s discretion, and no explicit confirmation has been provided. The current adapter balance of 40,373 rsETH is the only confirmed backing for all remote-chain rsETH across every L2 path, against total remote claims of 152,577 rsETH.

Ethereum mainnet rsETH currently appears not directly affected by this gap, as mainnet rsETH is backed by Kelp’s underlying ETH staking deposits and does not depend on the bridge adapter for its value. The adapter is solely the backing mechanism for bridged copies on L2s. However, it remains possible that decisions made by Kelp regarding loss socialization or fund recovery could impact mainnet rsETH backing. This situation is evolving, and this assessment may be revised as further information becomes available.

Aave’s exposure from attacker positions

Of the 116,500 rsETH received by the attacker, 89,567 were deposited on Aave.

Note: the borrowed amount increases continuously as interest accrues.

Immediate defensive actions taken

Upon identifying the issue, the Aave Protocol Guardian and the Risk Steward coordinated a series of defensive measures to contain risk and protect protocol users.

rsETH and wrsETH freeze

At approximately 19:00 UTC on April 18, the Protocol Guardian began freezing all rsETH and wrsETH reserves across all Aave V3 deployments, setting LTV to 0. New supply and borrowing were disabled, while existing positions remained eligible for repayment and liquidation. Affected markets included Ethereum Core, Ethereum Prime, Arbitrum, Avalanche, Base, Ink, Linea, Mantle, MegaETH, Plasma, and zkSync.

WETH interest rate adjustment: non-Core markets

At approximately 14:30 UTC on April 19, the Risk Steward adjusted the WETH interest rate model across Arbitrum, Base, Mantle, and Linea, reducing Slope 2 to 1.50% and bringing the borrow rate at 100% utilization down from 8.5–10.5% to 3.0% APR. This ensured borrow rates remained sustainable under prevailing market conditions.

WETH freeze

At approximately 02:00 UTC on April 20, the Protocol Guardian froze WETH on Core, Prime, Arbitrum, Base, Mantle, and Linea. This action prevented new borrows against WETH collateral and contained the risk of stress spreading to other reserves, including stablecoins.

WETH interest rate adjustment: Core

At approximately 05:00 UTC on April 20, the Risk Steward applied the same interest rate adjustment on Core, with Slope 1 set to 2%, Slope 2 set to 3%, and optimal utilization set to 94%. This ensured borrow rates remained sustainable under prevailing market conditions.

What was not affected

Aave’s smart contracts were not compromised at any point during this event. All protocol logic, including supply, repayment, and liquidation mechanisms, continued to function as designed. The incident originated entirely outside of Aave, stemming from conditions related to the underlying rsETH asset, and was not the result of any vulnerability or malfunction within the protocol itself.

The protocol’s layered risk management framework performed as intended, enabling rapid and targeted containment. The Protocol Guardian and Risk Steward executed decisive defensive actions.

2. Bad Debt Overview and Scenarios

At the time of writing, no official decision by Kelp regarding loss allocation or recovery has been publicly confirmed. The scenarios and calculations presented herein are hypothetical, based solely on publicly available information and on-chain data, and are provided for analytical purposes only. They do not constitute predictions, commitments, or representations of any actions that Kelp or any other party will take.

Because loss allocation, recovery, and redemption mechanics remain subject to decisions external to Aave, and each materially affects the protocol’s exposure, a single definitive outcome cannot yet be established. The open variables include the socialization boundary (whether the haircut applies to all rsETH holders or only those on the affected chains, which alone changes the per-token impact by roughly 5×), the size and timing of any recovery or recapitalization, redemption pricing (whether redemptions reopen at the pre-exploit rate, a post-haircut rate, or remain gated), and the treatment of rsETH minted via the compromised cross-chain bridge path. The scenarios that follow model the range of plausible resolutions across these variables, examining how differences in rsETH backing, pricing, and recovery assumptions flow through to collateral values, user positions, and potential bad debt across affected markets. This includes how losses may be broadly distributed across the rsETH holder base or concentrated within specific environments.

The scenarios are presented as options rather than expected outcomes. They are intended to support risk assessment and contingency planning in advance of external decisions, so that Aave is positioned to respond once additional information is confirmed.

Impacted Instances

Aave V3 has 23 markets across 20 chains; 11 of those list rsETH or wrsETH as a reserve, and all 11 have the asset frozen. Our bad-debt model covered the seven affected ones: Arbitrum, Avalanche, Base, Ethereum Core, Ink (Tydro white-label instance), Linea, and Mantle.

The remaining four rsETH-listed markets carry trivial balances and no bad debt: Ethereum Lido, MegaETH, Plasma, and zkSync.

The other 12 Aave V3 markets do not list rsETH at all and are unaffected by definition: BNB, Celo, Ethereum EtherFi, Ethereum Horizon, Gnosis, Metis, Optimism, Polygon, Scroll, Soneium, Sonic, and XLayer.

Scenario 1: Uniform socialization of losses

This scenario assumes the 112,204 (152,577 - 40,373) unbacked rsETH dilutes the entire rsETH supply equally, regardless of whether the rsETH sits on Ethereum or an L2. The depeg is calculated as the fraction of supply that is unbacked:

depeg = unbacked / (original supply + unbacked)
= 112,204/ (629,689 +112,204)
= 15.12%

Every rsETH token, on every chain, retains 84.89% of its oracle value. We then simulate each of the 119 user positions on Aave’s markets, applying this haircut to their rsETH collateral, recomputing their health factor, and recording any resulting bad debt.

Under this scenario, the rsETH internal exchange rate is assumed to be adjusted downward to reflect the depeg, and the Aave oracle quotes rsETH at its new fair value. Liquidations then proceed as normal at the updated price. However, because most positions were opened at up to 95% LTV and the depeg exceeds the collateral buffer, post-liquidation collateral value is insufficient to cover outstanding debt, and the shortfall crystallizes as bad debt on the WETH reserve.

Ethereum Core absorbs the largest absolute loss ($91.8M), but its WETH reserve is deep enough that the shortfall remains at 1.54%. Mantle, with the smallest WETH reserve relative to its rsETH exposure, suffers a 9.54% shortfall, the highest proportional impact in this scenario. For the Ethereum Core market, the Umbrella WETH module, sized at 23,507.63 WETH ($54.06M), could offset part of the bad debt.

Scenario 2: Losses isolated to L2 rsETH

This scenario treats the bridge break as an isolated event affecting only remote-chain rsETH. Ethereum mainnet rsETH is fully backed by Kelp’s staking deposits and retains its full value. L2 rsETH, however, is repriced to reflect the actual adapter backing ratio of 26.46% (calculated as 40,373/152,577).

The reasoning is straightforward. rsETH on Ethereum mainnet is minted against real ETH deposits held by Kelp and can be redeemed through the protocol’s normal withdrawal flow. The bridge adapter is a separate mechanism that only backs the remote-chain copies. Since the adapter was drained, remote rsETH holders cannot redeem at par. The 26.46% figure represents the maximum pro-rata recovery if the remaining adapter balance (40,374 rsETH) were distributed across all remote rsETH claims (152,577 rsETH).

Under this repricing, we apply a 73.54% haircut to each user’s rsETH collateral on L2 chains, leaving Ethereum Core positions untouched.

Mantle has the highest exposure. Its WETH reserve of 46,946 ETH would absorb $77.7M in bad debt (33,542 WETH), representing a 71.45% shortfall. Arbitrum faces a 26.67% shortfall ($88.4M bad debt against a 143,353 ETH reserve). Base follows at 23.28%. Ink contributes $13.9M in bad debt (18% WETH shortfall). Other chains and reserves are impacted more moderately.

Scenario comparison

The two scenarios produce very different risk profiles. Scenario 1 spreads a moderate loss thinly across all chains, with Ethereum Core absorbing the bulk in absolute terms but barely noticing it relative to its reserve depth. Scenario 2 concentrates a much larger loss on L2 chains, with Mantle and Arbitrum bearing the brunt.

This difference can be explained by the fact that each rsETH backed debt position originally provides a buffer until the bad debt is reached (because positions were at LTV lower or equal to 95% initially), therefore splitting the slashed amount equivalently makes the buffer absorbed across a much larger pool of positions, rather than consolidating the impact on smaller total supply of rsETH on L2s.

3. Coverage Plans

The Aave DAO maintains a strong balance sheet. As of April 20, 2026, the DAO treasury holds $181 million in assets. This includes $62 million in Ethereum-correlated holdings, $54 million in AAVE, and $52 million in stablecoins. The DAO generated $145 million in total revenue during 2025. It recorded $38 million in revenue and $16 million in net income year-to-date in 2026. Operating cash flow reached $149 million in 2025 and is $40 million year-to-date in 2026.

Outside the DAO’s balance sheet, Aave DAO service providers are leading an effort with ecosystem participants to address a potential bad-debt scenario. This effort already has several indicative commitments from various parties, and we are grateful for the strong support we have received so far.

We will share further updates as we have them.

4. Next Steps for Umbrella

The Umbrella response depends on which scenario materializes. Regardless of which scenario materializes, we recommend proposing an immediate pause of the WETH Umbrella module as a precautionary measure until the situation is fully resolved.

Under Scenario 1 (uniform slash, Ethereum Core WETH included)

If Scenario 1 applies, the Ethereum Core WETH reserve absorbs bad debt, and the Umbrella WETH staking module becomes relevant as a potential coverage source.

At present, 18,922 aWETH out of the total staked 23,507 aWETH have entered the unstaking cooldown. This share in cooldown is likely to rise as more stakers catch up, increasing the risk of capital flight if Kelp is slow to update its exchange rate to reflect the shortfall.

This means that the Aave DAO is to pre-emptively pause the WETH Umbrella module. This would act as a hard freeze, blocking deposits, withdrawals, transfers, and slashing. Rewards distribution would continue. Importantly, a paused module would no longer be counted as slashable when a reserve realizes a deficit, meaning there would be no automatic slashing, and any coverage would need to be handled manually through governance.

A note on cooldown interactions: cooldowns themselves do not pause. Once a user’s cooldown period ends, they enter the standard 2-day withdrawal window, but withdrawals cannot be executed while the module is paused. If funds are not withdrawn within this window, the cooldown resets. In effect, keeping the module paused for more than 22 days (20-day cooldown + 2-day withdrawal window) would ensure that all existing cooldowns and withdrawal windows fully cycle and expire, restoring the full staked balance as effective coverage.

Under Scenario 2 (losses isolated to L2s)

If Scenario 2 applies, the Umbrella is not directly involved. The Umbrella Safety Module currently covers Ethereum Core reserves only and does not extend to L2 deployments. Since Scenario 2 leaves Ethereum Core WETH unaffected (no bad debt on L1), the Umbrella’s automatic slashing mechanism will not trigger.

No pause or intervention on the Umbrella module would be required under this scenario. L2 bad debt would need to be addressed through other means (e.g., the Aave DAO treasury, Kelp DAO recovery, or protocol-level governance action).

5. WETH Illiquidity and Liquidation Risk

Aave liquidations require the WETH reserve to have free liquidity for the liquidator to receive seized WETH collateral as the underlying token. The WETH reserves on Ethereum, Arbitrum, Base, Linea, and Mantle are all currently at 100% utilization: all deposited WETH is on loan, and idle balances are below $20 on every chain. At full utilization, the pool cannot pay out underlying WETH to a liquidator seizing a WETH-collateralized position; the fallback is to receive aWETH instead, which keeps the liquidator’s capital in the reserve until utilization drops. Leading to liquidation throughput to slow further.

The tables below show the numbers per chain at each WETH price decrease level:

• Table 1: Gross uncorrelated debt entering liquidation. The full stablecoin and non-ETH debt held by users who cross HF below 1 at the stated price drop.
• Table 2: Residual bad debt after liquidation bonus. Liquidators repay debt, seize collateral, and take the liquidation bonus from the collateral at different price levels.

Table 1 - Gross uncorrelated debt entering liquidation

Table 2 - Residual bad debt after liquidation bonus

At the time of writing, the system is healthy with 6,077 WETH suppliers across five chains, $4,874.6M WETH collateral, and $2,870.9M uncorrelated debt. Mantle is the most resilient WETH market of the five, as existing positions are conservatively collateralized (the first liquidation occurs at a 22% WETH drop). Base and Arbitrum are the least buffered (first liquidations at 0.77% and 1.77% WETH drop, respectively), because loops run at HF around 1.03.

6. Conclusion

The rsETH bridge exploit on April 18, 2026, was an external event. Aave’s contracts, oracles, and liquidation mechanics functioned as designed throughout, and the protocol’s layered risk framework, Protocol Guardian freezes, and Risk Steward rate adjustments were activated within hours of detection. Attacker positions across Ethereum Core and Arbitrum are contained, and no new rsETH or wrsETH exposure can be created in any Aave V3 deployment.

The open question is how losses from the drained adapter will ultimately be allocated, and this drives the two scenarios in this report:

• Scenario 1 (uniform socialization) produces an estimated $123.7M in bad debt, concentrated on Ethereum Core in absolute size terms and most acute on Mantle in proportional terms.
• Scenario 2 (losses isolated to L2 rsETH) estimates $230.1M in bad debt, all on L2s. Mantle faces a 71.45% WETH shortfall and Arbitrum 26.67%; Ethereum Core is unaffected.

Which scenario materializes depends on decisions outside Aave’s control, primarily how rsETH accounting and the LRTOracle exchange rate are updated. Aave should plan for a window during which the rsETH oracle continues quoting the pre-exploit rate unless Aave’s own feed is updated independently.

In the interim, the priorities identified in this report are: (i) preserving Umbrella WETH coverage against potential Ethereum Core shortfall by pausing the module, (ii) monitoring WETH reserve utilization on Arbitrum, Base, Linea, and Mantle to preserve liquidation capacity, and (iii) advancing the discussions outlined in §3.

7. Disclaimer

This report has been prepared using publicly available information and on-chain data at the time of writing, which may be incomplete or subject to change. The analyses, scenarios, and figures presented are based on assumptions and modeling choices that may not reflect actual outcomes. Differences between assumed and realized conditions, including market behavior, protocol actions, and third-party decisions, may result in materially different results.

This report is provided for informational purposes only and does not constitute financial, legal, or investment advice. It should not be relied upon as the sole basis for any decision or action. References to third parties are illustrative and do not imply any commitment, participation, or responsibility by such parties.

No representation or warranty, express or implied, is made as to the accuracy or completeness of the information contained herein, and no liability is accepted for any loss arising from its use.

With regards to the speculation on rsETH redemption rights, I will share my comments posted on another thread:

I am seeing lots of discussion around whether Kelp should socialize or make L1 holders whole at the expense of L2 holders. The argument is that L2 holders accepted bridge risk in exchange for the convenience of lower gas fees, etc.

This discussion is mute because the Kelp, the issuer, AND LayerZero, the service provider, very clearly state that a few things:

• Omnichain Fungible tokens, which rsETH is, have a shared unified supply

• All rsETH holders have equal redemption rights (pari passu), as per the both the Issuer’s and the Service Provider’s documentation and statements prior to the incident.

Preferential treatment of L1 holders over L2 holders would violate these rights. Kelp, as the issuer, would be violation of their own terms and regulations (MiCA). They would be making a conscious action to seize value from a subset of equal class holders and allocate that value to a different subset of equal class holders. This is clearly untenable.

The discussion would be entirely different if rsETH was minted on mainnet and bridged using a regular bridging mechanism. That is not how Kelp structured rsETH. All documentation clearly enumerates that all of the OFT tokens issued by Kelp have equal and equivalent redemption rights to the shared unified assets supporting the OFT.

The idea that an asset issuer, such as Kelp, could unilaterally decide to violate their own terms based on the “vibes” is insane. I encourage people to focus on how to manage the fallout from the socialized losses scenario, in which all OFT rsETH is marked down ~18%.

Let me say it again for the folks in the back. L2 rsETH do not have a claim on bridge assets – they have equal claim to the shared, unified collateral as enumerated in the OFT specification.

Disclaimers: I am not a lawyer and this is not legal advice. Opinions are my own. I do not hold any rsETH on any network, but I am a user (might even say power user) of Aave across all chains.

So for usdt,usdc umbrella users no cut.

What happens if KelpDAO doesn’t select a scenario soon? Are we considering a class-action lawsuit against LayerZero for their negligence?

Unlike AAVE, KelpDAO and LZ don’t seem to be in a rush, even though we are in a much more delicate position. My concern is that they are using this delay as leverage. Waiting for Kelp’s decision is far from ideal, especially given their silence over the last 48 hours; aside from that vague CoinDesk article pushing LayerZero’s claims.

There are surely more scenarios beyond just those two to consider.

Scenario 2 makes the most sense.

The users that decided to take on bridge smart contract risk should be slashed to zero. Their IOU wrapper token has been stolen, plain and simple. The rsETH on Ethereum is fully backed, and could be used to claim the underlying assets. This pushes the bad debt to Layer 2s, which were responsible for risk parameters when accepting an IOU bridged asset (wrsETH) onto the platform. Users on Ethereum of Kelp and Aave didn’t sign up for risk from bridge losses or even support the growth of Layer 2s.

As for the large amount of bad debt on Mantle and Arbitrum… Bybit could backstop the losses on Mantle and keep their chain alive if they so choose as it is a corpo chain anyways.

As for Arbitrum, I am sure the community would love to see Arbitrum become a Stage 2 rollup and negotiating a deal to resolve the bad debt in exchange for Stage 2 could allow the Ethereum/Arbitrum community to raise enough funds to backstop the bad debt.

Its 4/20, so maybe these ideas go up in smoke but wanted to voice my opinion as an ETH Maxi.

If Umbrella slashing does fire, the consequences are that rational participants will demand significantly higher yields to compensate for demonstrated slashing risk, or they simply won’t re-enter. However Umbrella was built and marketed as Aave’s answer to exactly this type of event. If the first major stress test results in a governance pause that prevents it from functioning, participants across the protocol need to understand what Umbrella actually is. Is it an automated insurance layer, or is it a discretionary reserve that governance can choose to deploy or protect depending on political dynamics?

In contrast, if using umbrella is avoided, the rational response is to demand higher base APR across the protocol in perpetuity, because the insurance layer they were told exists may or may not be activated depending on governance dynamics at the time of the event.

I would like to see a governance discussion that puts all four options on the table with honest trade-off analysis, including what Umbrella activation would mean for future staking participation and what avoiding it would mean for the credibility of the module as an insurance product.

Using Umbrella raises the cost of future Umbrella staking. Avoiding using Umbrella raises the cost of lending on Aave itself. Both paths have a price. The community should be weighing them side by side.

The terms of Umbrella including the cooldown period and automated slashing in the event of bad debt on a specific asset and network were explicit.

You can not unilaterally decide to change the terms after the fact on depositors, including locking for an undefined period of time or manually deciding to dip into it.

Thank you for the detailed incident report and for the speed and clarity of the response so far.

The key takeaway for me is that we are now facing a resolution choice that partly depends on external actors, primarily KelpDAO and LayerZero. As long as responsibility and loss allocation remain unresolved between those parties, it would be premature for Aave to internalize the final cost of an event that originated outside the protocol.

The report outlines two very different paths. Scenario 2 would be extremely painful for users exposed to L2 rsETH (especially Arbitrum and Mantle), but it remains economically coherent if the impairment is truly isolated to bridged rsETH while Ethereum mainnet rsETH remains intact. Scenario 1, by contrast, pushes part of the shock back into Ethereum Core, even though Core is not where this incident originated.

This is why the Umbrella question is critical. Umbrella is a disciplined backstop for realized reserve deficits on Aave, not an automatic sink for unresolved losses stemming from an external bridge incident. Using Umbrella WETH too early or too broadly would create long-term damage beyond this event: it would weaken confidence in the mechanism and likely discourage future participation. Protecting Umbrella is therefore part of protecting Aave’s future resilience. In that context, the recommendation to pause the WETH Umbrella module immediately appears prudent and justified.

My view on priorities:

1. KelpDAO and LayerZero must clarify positions and assume responsibility, including the economic treatment of the loss.

2. A mutual resolution framework should be reached among impacted parties, based on net realized loss (not gross headline exposure).

3. Only then should Aave finalize its response, with a strong preference to preserve Ethereum Core and avoid any premature use of Umbrella as the first absorber of shock.

Practically, I support three immediate principles:

• a preventive pause of the WETH Umbrella module,

• no automatic slashing until the final loss scenario is clearly established,

• a transparent resolution waterfall, external recovery → responsible-party contribution → DAO response → and only as a last resort any potential Umbrella usage.

The priority is to manage this crisis in a way that is prudent, fair, and sustainable for Aave’s future. Protecting current users matters, but preserving trust in Aave’s defensive architecture matters just as much.

Thank you for this risk analysis.

However, there’s one thing I don’t understand: why would we want to socialize the losses? This implies that any protocol that deposits funds into Aave in the future could face a haircut.

Shouldn’t the protocol itself absorb this kind of loss under normal circumstances (and thereby demonstrate that the DAO is there to support its protocol)?

Now that V4 development has been completed and a significant portion of the SPs have jumped ship, belt-tightening should be the order of the day (instead of asking for indecent blank checks to finance who knows what).

Even if the plan takes several months or years, it would inspire confidence in depositors and demonstrate the leadership’s stance and commitment, rather than seeking to make non-responsible parties pay.

This would somewhat wipe the slate clean of, for example, listing an rsETH with such a high LTV, or setting a cap on the rsETH borrow/supply equivalent to the TOTAL circulation of rsETH (isn’t that an open invitation to future hackers that deposits will be accepted without issue)?

A word to the wise, have fun !

Hi,

Thank you for the report.
How is it possible that the hacker only borrowed 82,650 WETH (~$190.86M), but the bad debt could reach up to $230M?

I’m sorry you can’t socialize bad debt. We relied on Ethereum (despite its slow speed) for a reason—it’s more reliable. Those who exploited Layer 2s should bear the consequences. If you punish us in the name of “socializing,” we reserve all our rights.

Whether losses are socialized or not will be decided by Kelp, not Aave.

I have been a long-time and fairly large ETH depositor on the Arbitrum network. I have always bridged from the native Ethereum network exclusively through the official Arbitrum bridge recommended by Aave. Therefore, I do not understand why some participants here argue that L2 users should bear these risks. I have never interacted with rsETH tokens and had no idea how they are minted.