Oh, what a tangled web we weave when first we practice to deceive! Aave’s latest escapade involves a forged message, a $292M rsETH exploit, and a $300M coalition of DeFi heroes swooping in to save the day. Jolly good show, chaps!
The scoundrel had already vanished into the digital ether by the time anyone noticed the bridge had told a whopper. On April 18, at precisely 17:35 UTC, Kelp’s rsETH LayerZero V2 bridge accepted inbound nonce 308 on Ethereum, while Unichain was still lounging at outbound nonce 307. No burn, no fuss-just 116,500 rsETH popping out of the Ethereum-side adapter like a jack-in-the-box. How delightful!
The LayerZero verifier, a lone ranger running on a one-of-one DVN setup, was blindsided by an RPC-poisoning attack. Its view of the source-chain state was warped, and it attested to a transaction that never happened. Aave’s post mortem on X confirmed it-a right cock-up, if you ask me.
The Borrow Play Nobody Saw Coming (Except the Scoundrel)
Within minutes, seven lucky addresses had their hands on the stolen tokens. A whopping 89,567 rsETH was stuffed into eight Aave V3 positions across Ethereum Core and Arbitrum. Health factors? A measly 1.01 to 1.03. The borrower then waltzed off with 82,650 WETH and 821 wstETH, all against collateral that was as real as a unicorn. Bravo!
AAVE the token took a 10% nosedive as the gossip mill churned. Over $5.4 billion in ETH fled the protocol faster than a startled rabbit, with Justin Sun pocketing 65,584 ETH (worth nearly $154 million) all by his lonesome. No one waited for the official word-it was every man for himself!
Aave’s Protocol Guardian sprang into action, freezing rsETH and wrsETH across V3 and setting LTV to zero by 19:00 UTC. The Kelp Spoke on V4 was iced, and WETH borrowing was switched off. Containment? Swift as a fox.
The Recovery Nobody Thought Would Scale (But Did, Somehow)
By April 20, WETH was frozen across Ethereum Core, Arbitrum, Base, Mantle, and Linea. Borrow rates needed a firm hand, so the Risk Steward slashed WETH Slope 2 to 1.50% across four chains. Crisis averted-for now.
Aave Labs rallied the troops with DeFi United, a coalition of heroes including Lido, EtherFi, Ethena, Mantle, Golem, Compound, LayerZero, Keyring, KelpDAO, Consensys, and even Joseph Lubin. By April 25, commitments had hit $160 million, eventually ballooning to a cool $300 million. Take that, exploit!
The Arbitrum Security Council froze 30,766 ETH linked to the attacker on April 21. But wait! On May 1, judgment creditors in an unrelated federal case served a restraining notice on Arbitrum DAO, eyeing $71 million of those funds. Legal shenanigans, anyone?
Courts, DAOs, and a Frozen Clock
Aave LLC filed an emergency motion to vacate the restraining notice on May 4. ‘A thief does not own what he steals,’ Aave’s founder quipped in court documents. On May 8, a judge allowed an onchain Arbitrum DAO vote to transfer the ETH to Aave LLC, with the restraining notice tagging along like an uninvited guest.
The DAO vote passed, but the onchain execution is still pending. 30,765.667501709008927568 ETH sits in limbo, waiting for its next adventure.
Meanwhile, AIP 478 liquidated all eight attacker positions on May 6, transferring 89,567 rsETH to the Aave Recovery Guardian. Kelp burned the exploiter’s liquidated rsETH on Arbitrum on May 12, patching the hole in the circulating supply. By May 15, rsETH withdrawals, bridging, and claims were back in business.
Five Tranches, One Filled Adapter
rsETH backing was restored in five tranches between May 13 and May 26. The Aave Guardian chipped in twice with 25,000 rsETH each, Kelp added 20,000, and the Aave Guardian returned with 26,758.29 rsETH on May 22. The grand finale? Kelp’s 20,373.72 rsETH on May 26, topping off the LayerZero OFT adapter with a total of 116,131.72 rsETH. Ta-da!
WETH LTV across affected V3 markets was reset to pre-exploit values on May 16 via AIP 482. The WETH interest rate model returned to normal on May 18. According to Aave on X, markets across Ethereum Core, Arbitrum, Base, Mantle, and Linea are humming along nicely.
Outside of rsETH, Aave V3 is back in full swing across all markets. Crisis averted, but the drama? Oh, it’s far from over.
What Changes Now (Besides Everyone’s Nerves)
On May 28, Aave Labs unveiled a new Technical Asset Listing Framework, setting baseline requirements for new listings and parameter expansions across V3, V4, and Horizon. A Bridge Assessment Framework is in the works, and LlamaRisk is cooking up a new risk framework. Since the incident, Risk Stewards have executed 295 parameter changes, including 234 cap writes in a single risk-off sweep on April 23. Busy bees!
The bug bounty program got a fivefold boost, and LTV0 automation is on the horizon to automatically zero out collateral’s borrowing power when risk thresholds are tripped. Aave Labs also achieved SOC 2 Type II attestation before the incident-a detail mentioned with all the fanfare of a quiet sneeze.
The only loose end? The court’s deliberation on the restraining notice. The ETH waits, frozen in time, like a deer in headlights.
Read More
- Gold Rate Forecast
- 10 Most Powerful Versions of Superman, Ranked
- GBP CNY PREDICTION
- 007 First Light: Release Date, Story, Gameplay, Cast, Editions, and Platforms
- DOGE PREDICTION. DOGE cryptocurrency
- Superman’s 7 Best Power-Ups, Ranked
- 10 Best Free Games on Steam in 2026, Ranked
- 10 Greatest Wii U Games of All Time, Ranked
- Forza Horizon 6 Car List So Far: Confirmed Highlights, Cover Cars, DLC, and Rewards
- What happened to Soldier Boy in The Boys?
2026-05-31 17:50