An attacker drained roughly 116,500 rsETH, about $292 million at publish time prices, from KelpDAO's LayerZero-powered bridge on April 18, 2026. The stolen tokens represent close to 18% of rsETH's circulating supply and make this the largest DeFi exploit of 2026 to date. ZachXBT was among the first to flag the incident publicly, and CoinDesk, DL News, and Crypto Briefing have since converged on the scale.
How the drain worked
Early analysis points to two linked failures. The first is a minting flaw in KelpDAO's rsETH contract that allowed the attacker to create tokens without corresponding backing. The second is the bridge itself, which relies on LayerZero to move rsETH across more than 20 networks. Once the attacker had improperly minted rsETH on one chain, the bridge treated it as legitimate and released real reserves on the other side.
No official post-mortem from the KelpDAO team had been published at the time of writing. The attack vector remains a preliminary read pending formal confirmation from the protocol or a firm like PeckShield, Cyvers, or BlockSec.
The Aave contamination
The damage did not stop at the bridge. The attacker moved stolen rsETH into Aave V3 and used it as collateral to borrow WETH. That turned a protocol-specific exploit into a systemic DeFi event, because Aave now holds rsETH collateral that is no longer backed one-to-one by the reserves it claims to represent. Aave, SparkLend, and Fluid responded by freezing rsETH markets to stop the attacker from extracting further value and to stop other users from using the now-impaired token as collateral.
That freeze has a second effect. Borrowers with unrelated WETH positions on Aave have reported spiking utilization in the ETH pool, which pushes borrow rates higher and forces liquidation decisions on otherwise healthy positions. The knock-on cost is borne by users who had nothing to do with rsETH.
Why 20 chains is the real story
rsETH is not a single asset on a single chain. KelpDAO spread rsETH and its backing reserves across more than 20 networks via its bridge, which is standard for a liquid restaking token chasing distribution. The cost of that footprint shows up now. Users holding rsETH on layer 2s cannot be certain their local rsETH is still backed by reserves that were not drained on the mainnet side. Arbitrage desks and lending markets have to price that uncertainty in real time, and the rsETH peg has drifted sharply below one ETH on secondary markets.
Multi-chain bridges are the single most-exploited component in DeFi history. Ronin, Wormhole, Nomad, Multichain, Poly Network, and Orbit each produced nine-figure losses, and the pattern usually involves a message-verification or mint-authority gap rather than a flaw in the base chain. A liquid restaking token grafted onto that pattern stacks restaking, bridging, and collateral reuse into a single attack surface. The April 18 drain is what that stack looks like when one layer gives.
What users holding rsETH should actually do
The practical question most readers will have is whether to exit rsETH immediately. A few observations:
- A large portion of rsETH liquidity is now effectively halted because Aave, SparkLend, and Fluid have frozen their markets. Attempting to sell rsETH into thin on-chain liquidity right now will crystallize a steep discount to ETH.
- If KelpDAO announces a socialized loss or a recovery fund, the final realized haircut may be materially smaller than the current market discount. Past incidents of this shape have landed anywhere between full user recovery and a permanent haircut.
- Any withdrawal flow that is still open may be rate-limited or paused by the protocol as a defensive measure. Users attempting to force withdrawals before an official advisory drops can get caught between a paused contract and a moving price.
The broader point applies to anyone using deeply composable yield tokens. Spending from your own wallet is only as safe as the contracts that wallet touches. rsETH holders were not exposed to one contract. They were exposed to a minting contract, a bridge, and every lending market that accepted rsETH as collateral. That is the trade for the extra yield, and April 18 is the invoice.
Context on 2026's hack chart
The $292 million figure surpasses Drift Protocol's $285 million exploit from earlier in April, which Drift's team has since attributed to a six-month North Korean intelligence operation. The top of the 2026 hack leaderboard now reads KelpDAO, Drift, and a handful of smaller incidents below $100 million. Both of the largest events this year have involved composable DeFi primitives rather than centralized exchanges, which is a reversal of the 2022 and 2023 pattern where custodial platform failures dominated the loss tables.
Overview
An attacker exploited a minting flaw in KelpDAO's rsETH token and drained about 116,500 rsETH, roughly $292 million, from the protocol's LayerZero-powered bridge on April 18, 2026. The stolen tokens represent close to 18% of rsETH's supply and make the incident 2026's largest DeFi exploit. The attacker then used stolen rsETH as collateral on Aave V3 to borrow WETH, which pushed lending markets including Aave, SparkLend, and Fluid to freeze their rsETH markets. The rsETH peg has slipped well below one ETH on secondary markets, and KelpDAO has not yet published an official post-mortem. The event exposes the layered risk of restaking, multi-chain bridging, and collateral reuse, which produces a much larger attack surface than any individual component.
