News linked to both this project and an event.
Aave has published a post-mortem of the April 18 rsETH incident, stating that the rsETH LayerZero V2 cross-chain bridge of liquid staking protocol Kelp accepted a forged message during a cross-chain transfer from Unichain to Ethereum. This caused the adapter on the Ethereum side to release 116,500 rsETH without a corresponding burn on the Unichain side. Aave stated that the attack occurred on a third-party cross-chain bridge infrastructure. However, the attacker deposited the stolen rsETH into 8 Aave V3 positions, borrowing 82,650 WETH and 821 wstETH, which impacted the Aave market.Aave stated that the attacker's rsETH on Arbitrum has now been burned. The LayerZero OFT adapter has replenished 116,131.72 rsETH in 5 batches, and the asset backing for rsETH has been fully restored. The affected WETH and rsETH markets have returned to normal.
: Kelp posted on X platform, stating that to ensure the security standards of rsETH and optimize network integration, it will discontinue rsETH cross-chain support for multiple networks after June 15. The affected networks include Optimism, Manta, Mode, Blast, Scroll, X Layer, zkSync, Zircuit, Swellchain, Hemi, Berachain, Sonic, HyperEVM, Unichain, TAC, Avalanche, Plasma Stable, MegaETH, Monad, and Movement.Kelp reminds users holding rsETH on the aforementioned chains to bridge it back to the Ethereum mainnet before June 15. After the deadline, asset recovery can still be requested, but a fee of 100 USDC will be charged per address. Specific procedures will be announced closer to the deadline.
Aave risk service provider LlamaRisk has released an incident report: On April 18, 2026, the attacker exploited a vulnerability in Kelp’s LayerZero V2 Unichain-to-Ethereum rsETH routing (a 1-of-1 DVN configuration flaw), forged inbound packets, and illicitly released 116,500 rsETH from the Ethereum-side adapter. Of these, 89,567 rsETH were deposited as collateral into multiple Aave V3 markets—including Ethereum Core and Arbitrum—enabling the borrowing of approximately 82,650 WETH (valued at ~$191 million) and 821 wstETH. Currently, only 40,373 rsETH remain in the adapter, while the total claimable rsETH on the remote chain stands at 152,577—creating a substantial shortfall. Depending on the loss allocation methodology, Aave faces two potential bad-debt scenarios: - Scenario 1 (global pro-rata allocation): Estimated bad debt of ~$123.7 million, with Ethereum Core bearing the greatest pressure; - Scenario 2 (loss confined to L2s): Estimated bad debt of ~$230.1 million, with Mantle facing a WETH reserve shortfall of up to 71.45% and Arbitrum facing a 26.67% shortfall. Following the incident, Aave Protocol Guardians and Risk Administrators immediately froze rsETH/wrsETH reserves across all 11 affected markets.
Odaily News The Ethereum restaking protocol Kelp has officially confirmed suspicious cross-chain activity involving rsETH. It has currently paused the rsETH contracts on the mainnet and multiple L2s and launched an investigation into the attack. It is also collaborating with LayerZero, Unichain, as well as audit firms and security experts to conduct a root cause analysis (RCA). A post-mortem report will be released subsequently.