Written by: Sanqing, Foresight News

In the early hours of April 19, the Kelp DAO product under Kernel DAO was breached via the rsETH cross-chain bridge based on LayerZero. The attacker invoked the lzReceive method of the LayerZero EndpointV2 contract, forged a cross-chain message, causing the mainnet OFTAdapter to release 116,500 rsETH to the attacker’s address, which was approximately $292 million based on the price at that time, accounting for 18% of the circulating supply of approximately 630,000 rsETH. The attacker’s wallet was funded 10 hours before the incident through the Tornado Cash 1 ETH pool.

Within an hour, Kelp urgently executed the pauseAll multi-signature, freezing the LRT Deposit Pool, Withdrawal contract, LRT Oracle, and the rsETH token itself. The attacker subsequently attempted two additional attacks, each trying to take away another 40,000 rsETH, but both were rolled back due to the contract being paused; otherwise, the total loss would have approached $391 million.

This has become the largest single loss in DeFi so far in 2026, surpassing the April 1st hacker event of Drift Protocol, which resulted in a loss of $285 million. According to Bitget market data, after the incident, AAVE, ZRO, and KERNEL fell about 16%, 20%, and 11% respectively in the past 24 hours.

The locked fund in OFTAdapter is everything

Kelp's cross-chain solution is a typical Hub-and-Spoke deployment. The mainnet retains the minting and redemption authority of rsETH via the OFTAdapter contract, while over 20 L2s use standard OFT contracts for mapping.

The cross-chain does not produce a wrapped version, rather it follows a debit-credit 1:1 settlement. From mainnet to L2, it’s Adapter lock plus L2 minting, and from L2 to mainnet it’s L2 burn plus Adapter release.

The entire ledger is maintained by the LayerZero message layer, and the Kelp contract is only responsible for executing the four actions of lock/burn/mint/unlock as per the message.

lzReceive is the throat of this mechanism. It is the entry point for EndpointV2 to call the target chain OFT/OFTAdapter and theoretically only accepts messages verified through LayerZero.

The attacker bypassed the verification logic and forged a cross-chain message that had no corresponding source chain destruction record, directly triggering the release of the mainnet Adapter, allowing 116,500 rsETH to flow out of reserves without any destruction hedge.

There was no source debit, yet a target credit occurred. This is the moment when the supply conservation of the omnichain was broken.

Under this structure, the locked fund in the mainnet Adapter contract is the ultimate value support for all 20+ chains of rsETH. The rsETH on L2 has never been an independent asset; it is merely a delivery note for the mainnet reserves. Once the reserves are drained, all delivery notes simultaneously become worthless.

Moreover, the success of the attack may also relate to Kelp's choice of a 1/1 DVN configuration, where cross-chain messages only require a single validator's signature to pass, which is the weakest security tier allowed by LayerZero.

As early as January 2025, there were development teams in the Aave governance forum alerting Kelp to expand to multiple DVN validations, yet after 15 months, the second DVN has still not been added.

The bridge reserves are a single point of failure that is weaker than single-chain contracts. Yet, under the pressure of expanding share, the LRT generally opted for OFT-style rapid multi-chain deployments, rather than a slower but safer native minting path.

Speed brought market share, which led to today’s bill.

Aave's bad debt is the real bleeding point

$292 million is not just Kelp's issue; the real structural risk unfolded in the latter half of the attack.

The attacker deposited the stolen rsETH into DeFi lending platforms such as Aave V3, V4, Compound V3, and Euler, using it as collateral to borrow WETH/ETH, with about $196 million borrowed just from Aave, and total debt positions exceeding $236 million.

On-chain tracking data shows that the attacker has aggregated approximately 74,000 ETH into a single address, with about $250 million already converted to ETH.

At the moment these lending positions' collateral, rsETH, was deposited into Aave, the reserves behind the mainnet Adapter had already been emptied.

The collateral itself lacks real value support and cannot be disposed of through normal liquidation mechanisms, resulting in Aave's WETH lending pool directly bearing the bad debt.

The Aave team initially stated that if bad debts occurred, they would use the Umbrella safety reserves to offset the deficit, and then modified their statement on X to "explore paths to offset the deficit," subtly taking a step back.

The cost of including LRT as a collateral in the whitelist is now being accounted for in the balance sheet.

The whitelist for LRT collateral should be rewritten

Outside of Aave, SparkLend and Fluid synchronized the freezing of the rsETH market. Upshift paused access to the High Growth ETH and Kelp Gain two vaults.

Lido Earn halted further deposits due to the exposure of earnETH to rsETH while emphasizing that the core protocols of stETH and wstETH remain unaffected.

Ethena, having no exposure to rsETH, still prudently paused its LayerZero OFT bridge for about 6 hours. At least 9 protocols triggered emergency responses.

The contagion spread to such dense nodes within a few hours, not due to any single protocol's risk control failure, but as a direct result of LRT being over-collateralized.

The longer the yield stacking, the more layers of staking, re-staking, cross-chain deployments, and borrowing collateral, each addition means one more trust assumption is taken for granted. When the underlying Adapter reserves are emptied, the entire chain is thrown out of balance.

Previously, Kelp had experienced an excess minting incident in April 2025 due to a fees contract bug, where user funds were not harmed. A year later, it proved in a more costly manner that the risks of LRT do not only stem from the smart contracts themselves but from the repetitive collateralization, cross-chain transfers, and re-combinations of those "efficiency assumptions" throughout the DeFi stack.

In the first four months of 2026, DeFi attack losses have approached the scale of $1 billion, with Drift and Kelp consecutively contributing two incidents over $280 million.

After this incident, all lending protocols should treat LRT-type assets with caution and at least lower their collateral parameters.

免责声明：本文章仅代表作者个人观点，不代表本平台的立场和观点。本文章仅供信息分享，不构成对任何人的任何投资建议。用户与作者之间的任何争议，与本平台无关。如网页中刊载的文章或图片涉及侵权，请提供相关的权利证明和身份证明发送邮件到support@aicoin.com，本平台相关工作人员将会进行核查。