Kelp DAO Loses $292M in 2026's Biggest DeFi Hack — How LayerZero's Bridge Became the Attack Vector
Kelp DAO lost $292M in 2026's biggest DeFi hack after an attacker manipulated LayerZero's cross-chain bridge. Aave, Lido, and Ethena all froze related markets within hours as contagion spread across 20+ chains.
In Brief
- Kelp DAO's rsETH bridge was drained of 116,500 rsETH — worth approximately $292M — in a LayerZero cross-chain messaging exploit on April 18, 2026.
- The attacker then used the stolen rsETH as collateral on Aave to borrow an additional $236M in WETH, creating bad debt across the lending protocol.
- Aave, Lido, Ethena, SparkLend, and Fluid all froze related markets within hours; AAVE token fell roughly 10%.
- Two follow-up attacks — totalling another $100M — were blocked after Kelp's emergency multisig paused the protocol 46 minutes after the initial drain.
Another day, another DeFi hack. But this one is different in scale.
On April 18, 2026, liquid restaking protocol Kelp DAO lost $292 million in what has become the largest DeFi exploit of the year — surpassing the $285 million Drift Protocol hack from April 1. The attack was first flagged by blockchain investigator ZachXBT via his public Telegram channel at approximately 2:52 PM ET, listing six attacker wallets that had been pre-funded through Tornado Cash.
The total drain, confirmed by DL News, came to $293.7 million in rsETH — Kelp DAO's liquid restaking token.
How the Attack Worked
Kelp DAO operates as a liquid restaking protocol built on Ethereum. Users deposit staked ETH into the protocol through EigenLayer to earn additional yield, and receive rsETH as a tradeable receipt token. That rsETH is then deployed across more than 20 blockchain networks — Arbitrum, Base, Linea, Blast, Mantle, and Scroll among them — via LayerZero's Omnichain Fungible Token (OFT) bridge standard.
That cross-chain bridge became the attack vector.
At 17:35 UTC, the attacker manipulated LayerZero's cross-chain messaging layer — the verification system that confirms legitimate instructions between networks — into believing a valid transfer request had arrived from another chain. The spoofed message triggered the unauthorized release of 116,500 rsETH to an attacker-controlled address, representing approximately 18% of rsETH's total circulating supply of 630,000 tokens.
The drain was only the first half of the exploit.
The attacker then deposited the stolen rsETH into Aave V3 as collateral — at the time still accepted by the lending protocol — and borrowed approximately $236 million in Wrapped Ether (WETH) against it. Because the rsETH was no longer backed by real underlying assets, the collateral posted on Aave was effectively worthless, leaving the protocol with significant bad debt.
Kelp's emergency multisig paused all core contracts 46 minutes after the initial drain, at 18:21 UTC. Two follow-up attempts by the attacker at 18:26 and 18:28 UTC — each carrying instructions for an additional 40,000 rsETH drain worth roughly $100M — both reverted due to the paused state.
Earlier today we identified suspicious cross-chain activity involving rsETH. We have paused rsETH contracts across mainnet and several L2s while we investigate.
— Kelp (@KelpDAO) April 18, 2026
We are working with @LayerZero_Core, @unichain, our auditors and top security experts on RCA.
We will keep you…
The Contagion Effect: How DeFi Composability Became a Liability
The speed at which the exploit spread to other protocols illustrates exactly what makes DeFi composability both powerful and dangerous.
Within hours of the initial alert:
- Aave froze rsETH markets on both V3 and V4, with founder Stani Kulechov confirming Aave's own contracts were not compromised. AAVE token fell approximately 10% on the news.
- SparkLend and Fluid froze their rsETH markets, with SparkLend reporting zero direct exposure.
- Lido Finance paused deposits into its earnETH product, which carries rsETH exposure, while clarifying that stETH, wstETH, and Lido's core staking protocol were completely unaffected.
- Ethena temporarily shut down its LayerZero OFT bridges from Ethereum mainnet as a precaution, despite having no rsETH exposure and remaining more than 101% overcollateralized.
The rsETH held in the bridge was the reserve backing wrapped versions of the token across every Layer 2 network. With that reserve drained, holders on non-Ethereum deployments faced an immediate question: whether their tokens had any underlying value. That uncertainty created a feedback loop — potential panic redemptions on L2s could pressure the unaffected Ethereum supply, potentially forcing Kelp to unwind EigenLayer restaking positions to honor withdrawals.
Kelp DAO issued its first public statement on X at 20:10 UTC — nearly three hours after the drain — confirming "suspicious cross-chain activity involving rsETH" and that it was working with LayerZero, Unichain, its auditors, and security experts on a root cause analysis.
The Broader Context: DeFi's Bloody April
The Kelp DAO exploit did not occur in isolation. April 2026 has become one of the most damaging months in DeFi security history:
- April 1: Drift Protocol lost $285M in a 12-minute attack later linked to North Korea-affiliated actors
- Following weeks: CoW Swap, Zerion, Rhea Finance, and Silo Finance were all hit in smaller exploits
- April 18: Kelp DAO, $292M — now the largest DeFi exploit of 2026
The pattern points to a structural vulnerability that has grown alongside DeFi's composability. Liquid restaking tokens like rsETH sit deep inside the DeFi stack — accepted as collateral on multiple lending markets simultaneously, deployed across dozens of chains through bridge infrastructure. When the token holds its peg, this architecture is efficient. When it doesn't, losses spread instantly and automatically across the entire ecosystem.
There is no circuit breaker, no committee vote, no grace period. The attacker exploited this by design.
What Happens Next
As of this writing, Kelp DAO has not published a full post-mortem or recovery timeline. The protocol remains paused across mainnet and multiple L2s. Whether rsETH will hold its peg through the aftermath depends on how much of the cross-chain float attempts to redeem into ETH on Ethereum mainnet — and whether Kelp can recover any portion of the stolen funds before the Tornado Cash trail goes cold.
For anyone currently holding rsETH-backed positions on Aave or other lending markets: health factors on those positions may have collapsed. Review your exposure immediately.
For the broader DeFi ecosystem, the Kelp DAO hack raises an uncomfortable question that's becoming harder to ignore: as cross-chain infrastructure becomes the backbone of DeFi composability, how many $300 million vulnerabilities are sitting undetected across the LayerZero-connected ecosystem right now?
The rsETH markets on Aave V3 and Aave V4 have been frozen. Aave's contracts have not been exploited and this is an exploit related to rsETH.
— Aave (@aave) April 18, 2026
The freeze follows an exploit of the Kelp DAO rsETH bridge. Freezing the rsETH markets prevents new deposits and borrowing against rsETH…
rsETH has been frozen on Aave V3 and V4, the asset does not have any borrowing power as a measure due to KelpDAO bridge exploit that happened outside of Aave. Both Aave V3 and V4 does not have further exposure to rsETH. https://t.co/vt8j1BOUjB
— Stani (@StaniKulechov) April 18, 2026
Sources
- Kelp DAO official: https://x.com/KelpDAO
- DL News: https://www.dlnews.com/articles/defi/kelp-dao-defi-protocol-hacked-for-300-million/
- Crypto Briefing: https://cryptobriefing.com/kelp-dao-bridge-hack-292m-loss/
- Bitcoin.com News: https://news.bitcoin.com/zachxbt-flags-280m-kelpdao-exploit-hitting-ethereum-defi-lending-markets/
Stay ahead of Web3 × AI. Get daily breaking news on DeFi, AI Agents, and the future of decentralized finance — delivered to your inbox.
