Crypto
20 Apr 2026
Read 12 min
Kelp DAO rsETH bridge exploit: How it drained $292M *
Kelp DAO rsETH bridge exploit exposes LayerZero risks and shows how to harden cross-chain bridges.
An attacker drained about 116,500 rsETH, or roughly $292 million, in the Kelp DAO rsETH bridge exploit tied to LayerZero messaging. Kelp paused core contracts within an hour, which stopped two more attempts. Aave froze rsETH markets to limit bad debt risk. Investigations by Kelp, LayerZero, and Unichain are ongoing.
Kelp DAO faced a massive hit when a single cross-chain message triggered a release of rsETH from its LayerZero-powered bridge. The attacker funded their wallet through Tornado Cash, made the call at 17:35 UTC, and pulled nine figures in minutes. Kelp’s emergency team paused contracts at 18:21 UTC, which blocked two follow-up attempts that tried to pull another 40,000 rsETH.
Weak or bypassed sender authentication
Incorrect trust configuration for remote endpoints
Mishandled replay protection or nonce checks
Upgradable contract changes that created a new attack path
These points are hypotheses until Kelp and LayerZero publish a full postmortem. For now, the observable facts show a single message induced a large release of rsETH, followed by two blocked repeats.
Incorrect or outdated endpoint configuration
Privilege checks that can be skipped
Insecure message replay or ordering rules
Admin or pauser roles that can be hijacked
If any of these fail, a forged or replayed message can move funds that should not move. That appears to match the pattern in the Kelp DAO rsETH bridge exploit.
Assume bridges are high risk. Treat omnichain assets like rsETH as carrying extra smart contract and message risk.
Use protocol-level alerts. Watch for large mint/burn events, sudden supply shifts, or abnormal bridge flow on explorers.
React fast with circuit breakers. A clear pause plan can stop cascading losses. Kelp’s pause blocked two more drains.
Harden message validation. Verify sender, chain, nonce, and payload. Enforce least-privilege routing and consistent allowlists.
Stage updates. Roll out contract or config changes with staged limits and extra monitoring to catch anomalies early.
Limit per-transaction outflows. Set caps for bridge redemptions per message and per block to slow attackers.
Stress-test cross-chain paths. Run chaos drills that simulate malformed and replayed packets across all supported networks.
Publish transparent postmortems. Share timelines, fixes, and compensation plans to rebuild trust.
The postmortem. Kelp, LayerZero, and Unichain will explain the precise bug, the trust model, and the fixes.
Asset recovery attempts. Investigators may track the rsETH or any swaps, bridges, and mixers used post-drain.
Protocol deficits. Aave will review rsETH borrows after the event and decide how to handle any bad debt.
Governance votes. Kelp and lending markets may propose recovery funds, backstops, or risk parameter changes.
Insurance and safety modules. Teams may tap backstops or explore external coverage for cross-chain risk.
Audits and rewrites. Expect fresh reviews of OFT paths, endpoint configs, and emergency controls across many projects.
Inside the Kelp DAO rsETH bridge exploit
What happened and when
At 17:35 UTC, an attacker-controlled wallet made an lzReceive call on LayerZero’s EndpointV2 contract. That call led Kelp’s bridge contract to send 116,500 rsETH to a second attacker address. The value was about $292 million based on the rsETH price at the time. Roughly 10 hours earlier, the attacker had funded their address via Tornado Cash’s 1 ETH pool. This is common in DeFi hacks to hide the source of funds. Blockchain analyst ZachXBT flagged the movement soon after, noting the size and the Tornado Cash funding path. At 18:21 UTC, Kelp’s emergency pauser multisig used a pauseAll function. That action sent Paused events across core contracts, including the LRT Deposit Pool, Withdrawal contract, LRT Oracle, and the rsETH token. Two further transactions at 18:26 UTC and 18:28 UTC tried to drain an additional 40,000 rsETH through the same LayerZero packet. Both failed due to the pause.How the message path was abused
While the exact bug remains under review, the sequence shows an attacker-crafted message arrived as valid and unlocked rsETH on Ethereum. It suggests a flaw around message validation, auth checks, or trust assumptions in the Omnichain Fungible Token (OFT) bridge flow. Kelp, LayerZero, Unichain, auditors, and external security teams are now working on a root cause analysis.Why this hit so hard
Supply and scope
The 116,500 rsETH taken equals around 18% of the token’s circulating supply, which CoinGecko lists near 630,000. rsETH spans 20+ networks, including Base, Arbitrum, Linea, Blast, Mantle, and Scroll. That wide footprint means a bridge-level incident can ripple across many apps and chains at once.Market reactions and Aave’s response
AAVE fell about 10% after the news, as traders weighed the chance of bad debt from rsETH positions. Aave quickly froze rsETH markets on V3 and V4 and said the exploit involved rsETH, not Aave’s own contracts. The Aave team added that if bad debt appears, they will explore ways to offset the deficit. That update replaced an earlier line that referenced using “Umbrella” assets, its safety module, to cover losses.What the pause prevented
Kelp’s fast pause stopped two more attempts that used the same packet to drain another 40,000 rsETH (about $100 million). Without that control, the total loss could have reached around $391 million. The pause also froze key protocol flows. That move traded short-term usability for containment, which is often the right choice in live exploits.Early read on the root cause
Kelp said it detected suspicious cross-chain activity and paused rsETH on mainnet and several L2s. The ongoing review points to the LayerZero OFT bridge path as the likely attack surface. The lzReceive flow on EndpointV2 accepted a message that should not have released funds. This kind of failure can result from:What is an OFT bridge?
An OFT bridge lets the same token exist on many chains. It locks tokens on one chain and mints or releases them on another. It depends on cross-chain messages that say, in effect, “credit this user on the destination chain.” If message checks are weak, an attacker can trick the destination into releasing funds without proper backing.How cross-chain messages get abused
Cross-chain systems must decide which messages are valid and who is allowed to send them. Attacks often target:Security lessons for users and teams
What to watch next
A brief look back: the 2025 rsETH incident
This is the second rsETH security issue in about a year. In April 2025, Kelp paused deposits and withdrawals after a fee contract bug led to extra rsETH minting. No user funds were lost then, but it was a warning sign that complex token logic and cross-chain features need constant testing and guardrails.Investor and user impact
If you held rsETH, your main risks are liquidity, pricing, and venue access. Market makers and bridges may tighten limits while audits run. Aave’s freeze reduces leverage routes for rsETH. Prices can swing as positions unwind. Track official Kelp and Aave channels for reopen steps, redemption plans, and any make-good proposals. For developers, the key takeaways are message validation, rate limits, and fast incident response. Cross-chain growth multiplies attack surfaces. Each added network, endpoint, and adapter raises the chance that a misconfig creates a new path. Standard playbooks, clear role separation, and slow-roll upgrades reduce that risk. The Kelp DAO rsETH bridge exploit shows how one message can unlock major value if the trust boundary fails. The swift pause kept losses from growing, but the first drain was already huge. The industry will study this closely, harden OFT routes, and push for stronger, shared standards on cross-chain security. In closing, the Kelp DAO rsETH bridge exploit is a stark reminder: cross-chain power comes with bridge-layer risk. Clear validation, strict limits, and ready-to-use pause tools are not optional—they are core features. Expect detailed findings soon, and watch for broader upgrades across DeFi as lessons are put into action.For more news: Click Here
FAQ
Q: What happened in the Kelp DAO rsETH bridge exploit?
A: The Kelp DAO rsETH bridge exploit saw an attacker trigger a LayerZero message that released 116,500 rsETH—about $292 million— from Kelp’s cross-chain bridge at 17:35 UTC. Kelp’s emergency pauser multisig executed a pause about 46 minutes later and is investigating with LayerZero and Unichain while Aave froze rsETH markets.
Q: How much rsETH was stolen and what percentage of supply did that represent?
A: The attacker drained 116,500 rsETH, valued at approximately $292 million at the time of publication. That amount represented roughly 18% of rsETH’s circulating supply, which CoinGecko lists near 630,000 tokens.
Q: How did the attacker execute the drain?
A: Onchain data shows an attacker-controlled wallet made an lzReceive call on LayerZero’s EndpointV2 contract at 17:35 UTC, which caused Kelp’s bridge contract to release 116,500 rsETH to a separate attacker address. The attacker-funded wallet had been supplied roughly 10 hours earlier via Tornado Cash’s 1 ETH pool, a common obfuscation technique in DeFi exploits.
Q: What emergency measures did Kelp DAO take to stop further losses?
A: Kelp’s emergency pauser multisig executed pauseAll on the liquid restaking token configuration contract at 18:21 UTC, cascading Paused events across the LRT Deposit Pool, Withdrawal contract, LRT Oracle and the rsETH token. That pause blocked two subsequent attempts at 18:26 and 18:28 UTC that tried to drain an additional 40,000 rsETH.
Q: What role did the LayerZero OFT bridge play in the attack?
A: The exploit appears to have targeted Kelp’s LayerZero OFT bridge, where a single lzReceive message on EndpointV2 was accepted and unlocked rsETH on the destination chain. Kelp, LayerZero and Unichain say the pattern points to weaknesses in message validation, sender authentication or replay protection in the OFT flow and are conducting a root cause analysis.
Q: How did Aave and the market respond to the incident?
A: Aave froze rsETH markets on Aave V3 and V4 and stated the exploit was related to rsETH rather than Aave’s smart contracts. The AAVE token fell about 10% after the news, and Aave said it would explore paths to offset any bad debt, updating an earlier reference to using its Umbrella safety module.
Q: How much additional loss was prevented by the protocol pause?
A: Two attempted follow-up transactions tried to drain another 40,000 rsETH—roughly $100 million—but both reverted after Kelp paused core contracts. Had those attempts succeeded, total losses would have reached approximately $391 million instead of the nearly $292 million already taken.
Q: What security lessons and next steps does the article recommend after the Kelp DAO rsETH bridge exploit?
A: The article recommends treating bridges as high-risk, hardening message validation and sender authentication, adding rate limits and pause plans, stress-testing cross-chain paths and staging contract changes. Next steps include a postmortem from Kelp and LayerZero, asset-tracking efforts for recovery, Aave’s review of borrows and potential governance or compensation proposals.
* The information provided on this website is based solely on my personal experience, research and technical knowledge. This content should not be construed as investment advice or a recommendation. Any investment decision must be made on the basis of your own independent judgement.
Contents
