• The KelpDAO exploit on April 18, 2026, exposed Aave to an estimated $124M-$230M in bad debt within 72 hours.
• Aave’s total value locked fell 33%, shedding billions, with USDT and USDC borrow rates hitting 14%.
• USDe supply shed $800 million in three days, signaling continued DeFi liquidity stress across major protocols.

According to Cryptoquant’s assessment of the situation, the attacker used the drained uncollateralized rsETH to exchange for WETH and stablecoins on Aave, exploiting a critical vulnerability in KelpDAO’s infrastructure. The attack quickly rippled across the broader DeFi ecosystem.

Cryptoquant researchers found that Aave’s aETHrsETH contract holds approximately 83% of all rsETH circulating supply, making it the single most exposed protocol to the hack. The firm estimates Aave now carries between $124 million and $230 million in potential bad debt tied to depegged rsETH collateral.

Aave’s total value locked (TVL) dropped massively in the 72 hours following the exploit, a 33% drop that Cryptoquant described as one of the sharpest protocol-level liquidity contractions in recent DeFi history.

Borrowing rates across Aave’s three largest markets reflected the pressure immediately. Cryptoquant data shows USDT and USDC borrow rates on Aave V3 jumped from 3.4% to 14% as users rushed to borrow stablecoins and exit the protocol. Before the hack, those rates had held steady at 3.4%, consistent with normal DeFi lending conditions.

ETH borrowing rates on Aave V3 climbed to 8%, the highest reading Cryptoquant has recorded since at least January 2024. Rates later stabilized near 5%, still more than double the pre-hack level of 2%.

The simultaneous rate spike across ETH, USDC, and USDT signals system-wide stress rather than isolated market movement, according to the Cryptoquant report. ETH, USDC, and USDT are Aave’s three largest markets by total value locked.

Cryptoquant researchers described the dynamics as a classic DeFi liquidity crunch: depositors withdrawing while borrowers increase demand at the same time, leaving available liquidity to fall rapidly and interest rates to reset higher. As of the report date, rates remain elevated above pre-hack levels.

The yield-bearing stablecoin, USDe, the fourth-largest asset on Aave with $412 million in protocol deposits, also saw significant pressure. Cryptoquant tracked a net collapse in USDe minting activity in the days following the hack, driven by both contagion from the Aave crisis and persistently negative ETH and BTC perpetual futures funding rates.

USDe’s total supply fell from $5.8 billion to $5 billion in three days, a decline of $800 million or 14%. Cryptoquant called it one of the largest short-term redemption events in USDe’s history.

As one of the largest stablecoins globally behind only USDT, USDC, USDS, and DAI, USDe’s contraction points to a meaningful withdrawal of liquidity from the broader DeFi ecosystem, the firm noted.

Negative perpetual funding rates compressed USDe’s delta-neutral yield during this period, accelerating redemption incentives for holders. Cryptoquant explained that the combination of hack-driven risk-off behavior and structural funding rate pressure marks a significant deterioration in DeFi market conditions.

The latest Cryptoquant report highlights the systemic risk of concentrated collateral exposure in DeFi lending protocols, noting that Aave‘s outsized rsETH position amplified contagion far beyond the initial exploit.

免责声明：本文章仅代表作者个人观点，不代表本平台的立场和观点。本文章仅供信息分享，不构成对任何人的任何投资建议。用户与作者之间的任何争议，与本平台无关。如网页中刊载的文章或图片涉及侵权，请提供相关的权利证明和身份证明发送邮件到support@aicoin.com，本平台相关工作人员将会进行核查。