Imagine you’ve parked your car in a multi-story garage that promises valet service across 20 different lots in the city. You hand over the keys once, and they give you a receipt you can redeem at any location. Now imagine someone figured out how to forge the intercom system’s voice, and the attendant at the main lot just released 18% of every car in the network to a stranger with a convincing accent. That’s roughly what happened to Kelp DAO on Saturday.
At 17:35 UTC on April 18, an attacker drained 116,500 rsETH from Kelp DAO’s cross-chain bridge, a theft worth approximately $292 million at the time and now confirmed as the largest DeFi exploit of 2026. The tokens represented about 18% of rsETH’s 630,000 circulating supply tracked by CoinGecko. Within hours, the incident had triggered emergency freezes across some of DeFi’s most prominent lending protocols, sent Ethereum liquid staking derivative prices into turmoil, and raised uncomfortable questions about the security assumptions underlying cross-chain infrastructure.
How the Attacker Fooled LayerZero’s Messaging System
Kelp DAO operates as a liquid restaking protocol. Users deposit ETH, which Kelp routes through EigenLayer to earn yield on top of standard Ethereum staking rewards. In return, depositors receive rsETH, a tradeable token representing their restaked position. The appeal is straightforward: hold a liquid asset while your underlying ETH works double duty.
The bridge that got exploited served a specific purpose. It held the rsETH reserves backing wrapped versions of the token deployed on more than 20 other blockchains, including Base, Arbitrum, Linea, Blast, Mantle, and Scroll. LayerZero’s OFT (Omnichain Fungible Token) standard handled the cross-chain movement, acting as the infrastructure that lets different blockchains send verified instructions to each other.
The attacker’s method was deceptively elegant. They somehow tricked LayerZero’s cross-chain messaging layer into believing a valid instruction had arrived from another network. The system processed what it thought was a legitimate request, and Kelp’s bridge released 116,500 rsETH to an attacker-controlled address. No vault was cracked in the traditional sense. The protocol simply did what it was designed to do, responding to what appeared to be an authorized command.
Kelp’s emergency pauser multisig froze the protocol’s core contracts 46 minutes after the drain, at 18:21 UTC. But here’s where the timeline gets interesting: two follow-up attempts at 18:26 UTC and 18:28 UTC both failed, each carrying the same LayerZero packet attempting another 40,000 rsETH drain worth roughly $100 million. Those reverted transactions suggest the attacker had prepared for a larger haul and only the emergency freeze prevented additional losses.
Kelp, a product under the KernelDAO umbrella, acknowledged the incident in its first public X post at 20:10 UTC, nearly three hours after the drain. The protocol said it was investigating with LayerZero, Unichain, its auditors, and outside security specialists. As of this writing, Kelp has not disclosed how the exploit bypassed the bridge’s validation logic.
The Cross-Chain Backing Problem Nobody Wanted to Think About
The immediate theft is catastrophic on its own. But the structural problem runs deeper.
Think about what that bridge actually held. It wasn’t just a pile of tokens sitting idle. It was the reserve backing every wrapped version of rsETH across more than 20 networks. When someone on Arbitrum holds rsETH, they’re not holding the native token. They’re holding a wrapped representation, and the entire premise of that representation is that the equivalent amount exists in reserve on Ethereum mainnet.
With 116,500 rsETH (roughly 18% of circulating supply) now in attacker hands, holders on non-Ethereum deployments face a stark question: does their token have anything underneath it?
This creates what risk managers would call a feedback loop. Panic redemptions on L2s put pressure on the unaffected Ethereum supply. If enough L2 holders try to bridge back and redeem simultaneously, Kelp might need to unwind restaking positions to honor withdrawals, which takes time and could force selling into an already stressed market. Even if the protocol’s remaining reserves are technically solvent, a bank-run dynamic can make theoretical solvency irrelevant.
The incident also highlights a rarely discussed vulnerability in the liquid staking ecosystem. Protocols like Kelp sit at the intersection of multiple complex systems: Ethereum’s base layer, EigenLayer’s restaking infrastructure, cross-chain messaging protocols like LayerZero, and dozens of L2 deployments. Each layer introduces its own trust assumptions. When one of those assumptions fails (in this case, the integrity of cross-chain message verification), the contagion potential is enormous.
For context on how the broader market has handled recent volatility, Bitcoin and Ethereum have shown relative resilience compared to altcoins over the past month, a pattern that may offer some comfort to investors watching this situation unfold.
Aave, SparkLend, and the Scramble to Freeze Markets
The contagion list from Saturday’s exploit reads like a who’s who of DeFi lending.
Aave froze rsETH markets on both V3 and V4 within hours of the attack. Founder Stani Kulechov moved quickly to clarify that the exploit was external and Aave’s contracts were not compromised. That distinction matters legally and technically, but it didn’t stop AAVE from falling about 10% as the market priced potential bad debt exposure. If borrowers had used rsETH as collateral on Aave, and that collateral is now worth significantly less (or facing liquidity issues), lenders could face losses.
SparkLend and Fluid both froze their rsETH markets through similar emergency procedures. Upshift joined the list. Each protocol made the calculation that suspending activity was safer than allowing potentially undercollateralized positions to unwind chaotically.
Lido Finance, perhaps the most prominent name in Ethereum liquid staking, paused further deposits into its earnETH product, which carries rsETH exposure. The protocol was careful to clarify that stETH and wstETH are unaffected and the core Lido staking protocol has no involvement in the incident. For Lido, the concern was likely both prudential and reputational. Any association with a major exploit, even at arm’s length, requires careful messaging.
Ethena took a different approach. The stablecoin issuer temporarily paused its LayerZero OFT bridges from Ethereum mainnet as a precaution, saying it has no rsETH exposure and remains more than 101% overcollateralized. The pause would last roughly six hours while the root cause is identified, according to the protocol’s statement. Ethena’s decision reflects how LayerZero itself has become a point of concern. Even protocols with no direct rsETH exposure are asking whether the messaging layer’s security model needs reevaluation.
The derivatives markets reflected the chaos. Funding rates on ETH perpetuals swung negative as traders positioned for downside, though the moves were less extreme than some feared. Whether that relative calm holds through the weekend depends heavily on how the rsETH situation develops.
2026’s DeFi Security Crisis in Context
Kelp’s $292 million loss didn’t happen in a vacuum. It landed in what has become an unusually hostile stretch for DeFi protocols.
Just over two weeks earlier, on April 1, Solana-based perpetuals protocol Drift was drained of approximately $285 million in an attack later linked to North Korea-affiliated actors. That incident held the title of 2026’s largest DeFi exploit for exactly 17 days before Kelp took the crown.
The list of smaller victims keeps growing. CoW Swap, Zerion, Rhea Finance, and Silo Finance have all been exploited in the weeks since Drift. None of those individually matched the scale of the headline-grabbing attacks, but together they paint a picture of an ecosystem under sustained assault.
Several factors may explain the surge. DeFi’s total value locked has grown substantially since 2024, meaning there’s simply more money to steal. Cross-chain infrastructure has proliferated, creating more attack surface. And sophisticated exploit techniques, particularly those targeting bridge validation logic and oracle systems, have become more refined.
North Korea’s Lazarus Group and affiliated actors have been increasingly active in crypto theft, according to multiple security researchers and on-chain analysts. The Drift attack’s attribution to state-affiliated actors raised the possibility that nation-state resources are being applied to DeFi exploitation. Whether the Kelp attack has similar origins remains unknown, but the sophistication of the LayerZero messaging exploit suggests this wasn’t amateur work.
For protocols considering their security posture, the Kelp incident reinforces a painful lesson: audit reports are necessary but not sufficient. Kelp mentioned working with auditors in its post-incident statement, but the exploit still succeeded. Bridge security specifically requires adversarial thinking that goes beyond code review. It requires modeling what happens when the assumptions underlying cross-chain verification fail entirely.
What Happens to rsETH From Here
The immediate question facing Kelp DAO and rsETH holders is whether the token can maintain its peg through the weekend.
RsETH is supposed to trade roughly at parity with ETH, representing an equivalent value of restaked ether. But with 18% of circulating supply now in attacker hands and backing for L2 versions in question, the market may apply a substantial discount until clarity emerges. Depeg spirals can be self-reinforcing: if traders expect the peg to break, they sell, which breaks the peg, which causes more selling.
Kelp’s options are limited. The protocol can try to recover stolen funds, but the attacker is presumably already mixing tokens through privacy-preserving infrastructure like Tornado Cash. Every hour that passes makes recovery less likely. Kelp could theoretically issue new tokens to make L2 holders whole, but that would dilute existing holders and raise questions about the precedent being set. The protocol could also negotiate with the attacker (some exploiters have returned funds in exchange for bug bounties and no prosecution), but that outcome is far from guaranteed.
Whether rsETH holds peg through the weekend depends on several variables: how much of the cross-chain float tries to redeem into ETH on Ethereum, whether Kelp can recover any portion of the stolen funds before the trail goes cold, and how much confidence the market retains in the protocol’s remaining reserves and team.
The incident may also accelerate regulatory attention on DeFi security practices. Bank of England officials have already been scrutinizing stablecoin holding limits as part of broader crypto oversight discussions. U.S. regulators have similarly been examining DeFi protocols, and a string of nine-figure exploits provides ammunition for those arguing the space needs more supervision.
For users who track sentiment readings, the Fear and Greed Index will be worth watching over the coming days as the market digests this event.
The next 72 hours will reveal much. If Kelp can provide a clear accounting of remaining reserves, demonstrate that the exploit vector has been closed, and maintain orderly redemptions, the damage may be contained to the direct losses. If panic spreads or additional vulnerabilities emerge, the second-order effects could ripple far beyond the rsETH ecosystem.
Monday’s market open in Asia, roughly 48 hours from the initial exploit, will provide the first real test of how institutional and retail participants are processing the news.
Related Reading
Sources
Disclaimer: This is journalism, not investment guidance. Crypto is risky. Make your own informed decisions.
