News linked to both this project and an event.
Circle Ventures, Consensys, and Joseph Lubin have announced their support for the DeFi United initiative, aimed at mitigating losses caused by the Kelp DAO vulnerability. Circle Ventures is supporting the ecosystem by purchasing AAVE tokens. Consensys and Ethereum co-founder Joseph Lubin have confirmed the provision of 30,000 ETH to DeFi United. To date, DeFi United has raised over 132,000 ETH, with a total value exceeding $300 million. These funds will be used to cover bad debts resulting from an attacker minting unbacked rsETH via the LayerZero bridge and borrowing assets on Aave. Previously, Aave proposed a donation of 25,000 ETH, while Lido DAO, Ether.fi, and Kelp have respectively proposed or pledged donations of 2,500 ETH, 5,000 ETH, and 2,000 ETH.
According to on-chain analyst Ember (@EmberCN), the rsETH incident on April 18 resulted in a funding shortfall of approximately 68,900 ETH (around $160 million): the hacker collateralized rsETH to borrow 99,600 ETH; after Arbitrum recovered 30,700 ETH, the remaining funds were fully converted by the hacker into BTC. The incident has now entered the remediation phase. Aave is coordinating the establishment of a “DeFi United” relief fund, which has so far received cumulative donations totaling 13,500 ETH (approximately $31.45 million). Donors include Lido Finance (2,500 stETH), ether.fi Foundation (5,000 ETH), Aave founder Stani Kulechov (5,000 ETH), Golem Foundation (1,000 ETH), as well as LayerZero and Ink Foundation (amounts undisclosed).
the Lido team has initiated a proposal, planning to allocate up to 2,500 stETH (approximately $5.8 million) from the DAO to cover the rsETH asset shortfall resulting from the recent attack on Kelp DAO.Lido noted that the LayerZero-based exploit has led to insufficient rsETH reserves, triggering a chain reaction across the DeFi ecosystem, including rising interest rate pressure, tightening lending markets, and certain leveraged strategies facing passive liquidation risks.The proposal emphasizes that these funds will only be used as part of a complete recovery solution, provided that the overall shortfall can be fully addressed.Previously, the approximately $292 million attack on Kelp DAO had already impacted Aave, leading to bad debt issues, and its total value locked (TVL) once declined by nearly $8 billion.
Lido has released an update regarding the Kelp security incident, stating that its Earn-series vaults are working with the management team to address the issue, focusing on two key risk areas: rsETH exposure and tightening liquidity in lending markets. Lido emphasizes that its core staking protocol remains unaffected, and both stETH and wstETH remain secure and stable. Currently, only the EarnETH vault holds approximately 9% of its TVL in rsETH exposure; related deposits and withdrawals have been suspended by the management team pending resolution. Of the ~$70 million in ETH stolen in the earlier attack, roughly $70 million has already been recovered; asset recovery and loss allocation efforts are ongoing. To mitigate liquidity pressure, the management team has reduced leverage and optimized position structures, significantly decreasing wETH debt exposure. Should losses ultimately materialize, EarnETH will activate its $3 million “first-loss protection mechanism,” funded by the DAO. Other vaults remain unaffected: DVV and EarnUSD are operating normally. The GGV sub-vault is currently experiencing negative yields due to a combination of recursive staking strategies and rising borrowing rates, but active adjustments are underway. Users’ previously submitted withdrawal requests will be processed at pre-incident valuations.
Odaily News Lido posted on platform X stating that on April 18th, the Kelp cross-chain bridge was attacked, resulting in the theft of approximately 116,500 rsETH (worth about $292 million). Subsequently, the related assets were frozen on lending markets such as Aave.Its treasury product EarnETH has approximately a 9% risk exposure (about $21.6 million) through leveraged rsETH/ETH positions on Aave. Meanwhile, rising borrowing utilization is creating cost pressure on other strategies. The team is advancing deleveraging and reducing overall risk.Lido pointed out that the final impact of the rsETH positions depends on the subsequent handling by Kelp, LayerZero, and Aave, including loss sharing, asset recovery, and bad debt processing.Regarding risk mitigation, EarnETH can, if necessary, activate a $3 million "first-loss protection mechanism" (provided by the DAO treasury) to cover losses. The specific scale of its use is still pending further evaluation. Currently, the treasury has suspended deposits and withdrawals to ensure fairness and complete loss assessment. If the handling process is slow, redemption channels may be reopened based on the worst-case loss expectations.The official emphasized that stETH and wstETH are unaffected, and the core staking protocol was not involved in this incident.
According to an official Lido tweet, on April 18, 2026, attackers stole 116,500 rsETH (approximately $292 million) from the Kelp cross-chain bridge. Lending platforms including Aave subsequently froze the rsETH market. Lido’s EarnETH treasury holds approximately 9% exposure to rsETH (roughly $21.6 million) via leveraged positions on Aave; deposits and withdrawals are currently suspended. The EarnETH team is actively reducing leverage and mitigating risk; the final loss amount will depend on subsequent decisions by Kelp, LayerZero, and Aave. The Lido DAO treasury has a $3 million “first-loss protection mechanism,” which may be activated—via burning DAO treasury shares—as needed. Lido’s core staking protocol, as well as stETH and wstETH, remain unaffected by this incident.
According to a post by Lido, the Lido Earn team is aware of the developments regarding the Kelp DAO exploit, and earnETH has exposure to rsETH. As a precautionary measure, additional deposits to earnETH have been paused while the situation is being assessed with relevant partners. More details will be announced later.
According to CoinDesk, Kelp DAO’s LayerZero-based cross-chain bridge was attacked, with the attacker withdrawing 116,500 rsETH—worth approximately $292 million at current prices, or roughly 18% of its circulating supply. This incident has become the largest DeFi attack of 2026 to date. In response, Aave, SparkLend, and Fluid have frozen rsETH-related markets, and Lido Finance has suspended new deposits into its earnETH product. Kelp DAO stated it is jointly investigating the incident with LayerZero, auditing firms, and external security experts.