Kelp DAO Suffers $292 Million rsETH Exploit – Details

bitcoinist2026-04-19 tarihinde yayınlandı2026-04-19 tarihinde güncellendi

Özet

Kelp DAO has suffered a major cross-chain exploit resulting in the loss of approximately 116,500 rsETH, valued at nearly $292 million. The attack targeted a vulnerability in the protocol's cross-chain bridge mechanism, specifically through LayerZero’s EndpointV2. On-chain investigator ZachXBT first identified the breach, noting that the attacker used Tornado Cash to conceal funding sources. In response, Kelp DAO immediately paused all rsETH contracts across mainnet and Layer-2 networks, preventing two additional attempts to drain another $100 million in assets. The protocol is collaborating with LayerZero and Unichain for a full investigation. The incident has impacted the broader DeFi ecosystem, leading Aave to freeze rsETH markets on its V3 and V4 deployments as a precaution, though its own contracts remain secure. The stolen rsETH represents around 18% of its circulating supply, significantly damaging liquidity and user confidence.

Wu Blockchain reports that Kelp DAO has suffered a massive cross-chain exploit that drained approximately 116,500 rsETH, valued at nearly $292 million. The incident raises fresh concerns about the protocol’s security, coming less than a year after a previous disruption tied to a smart contract bug

Kelp DAO Response Prevents Additional Exploit Attempts

According to blockchain data, the attack on the Kelp DAO exploited a weakness in cross-chain communication, specifically targeting the bridge mechanism used to transfer assets across networks. The exploit was executed via a call to the “Iz Receive” function on LayerZero’s EndpointV2, which ultimately triggered the release of funds to an attacker-controlled wallet.

On-chain sleuth ZachXBT was among the first to uncover the breach, estimating losses exceeding $280 million across Ethereum and Arbitrum. The blockchain investigator also noted that the attack addresses had been initially funded via Tornado Cash, indicating a deliberate effort to conceal the funding sources for the highly coordinated attack.

In response to this attack, Kelp DAO implemented an immediate halt to all rsETH contracts across its mainnet and connected L2 networks. The protocol also froze activity across its core contracts and systems that cover deposits, withdrawals, and oracle functions. According to Kelp DAO, an ongoing investigation is underway with LayerZero and Unichain.

Notably, the attacker attempted two additional transactions to drain another 40,000 rsETH, worth close to $100 million. However, Kelp DAO’s swift measures ensured both attempts failed, preventing losses from rising to $391 million.

Aave Freezes rsETH Contracts

In other news, the fallout has quickly spread beyond Kelp DAO, with lending protocols feeling immediate pressure. Aave, one of the largest DeFi lending platforms, responded by freezing rsETH markets across its V3 and V4 deployments.

However, Aave has clarified that its own smart contracts were not exploited, and the measure is purely precautionary to limit further debt exposure to rsETH as they assess the situation. Aave management is also committed to evaluating potential mitigation strategies if any bad debt emerges from the exploits.

rsETH itself is a liquid restaking token designed to represent staked ETH while enabling users to earn additional yield through restaking strategies. It plays a key role in cross-chain DeFi, allowing capital to move seamlessly across multiple networks, including Arbitrum, Base, and Scroll. The scale of the exploit is particularly damaging as the stolen funds represent roughly 18% of rsETH’s total circulating supply, representing a significant hit to both liquidity and user confidence.

ETH trading at $2,345 on the daily chart | Source: ETHUSDT chart on Tradingview.com

İlgili Sorular

QWhat was the total value of rsETH drained in the Kelp DAO exploit, and how many tokens were stolen?

AApproximately 116,500 rsETH was drained, valued at nearly $292 million.

QWhich specific function was exploited in the cross-chain communication attack on Kelp DAO?

AThe exploit was executed via a call to the 'Iz Receive' function on LayerZero's EndpointV2.

QHow did Kelp DAO respond to the attack to prevent further losses?

AKelp DAO immediately halted all rsETH contracts across its mainnet and connected L2 networks, and paused activity in its contracts for deposits, withdrawals, and oracle functions. This prevented two additional attempts to drain 40,000 rsETH.

QWhat action did the lending protocol Aave take in response to the Kelp DAO exploit, and why?

AAave froze rsETH markets across its V3 and V4 deployments as a precautionary measure to limit further debt exposure to the compromised token, clarifying that its own smart contracts were not exploited.

QWhat is rsETH and what key role does it play in the DeFi ecosystem?

ArsETH is a liquid restaking token that represents staked ETH, enabling users to earn additional yield through restaking strategies. It allows capital to move seamlessly across multiple networks like Arbitrum, Base, and Scroll, playing a key role in cross-chain DeFi.

İlgili Okumalar

Single-Day Plunge of 30%, Arthur Hayes Suddenly Liquidates: Why Did ZEC Get Exploded by Security Issues?

On June 5th, Zcash founder Zooko Wilcox disclosed a critical soundness vulnerability in the project's latest Orchard privacy pool. This flaw, found in the elliptic curve multiplication constraints, could allow an attacker to create unlimited counterfeit ZEC within the shielded pool, with transactions appearing valid. The vulnerability was discovered in late May by security researcher Taylor Hornby, who utilized Anthropic's new Opus 4.8 AI model for a targeted audit. The Zcash ecosystem had already performed an emergency network upgrade to patch the issue. However, the detailed disclosure triggered severe market panic, causing ZEC's price to plummet over 30% in a single day. Notably, prominent investor Arthur Hayes announced he had sold his entire ZEC position following the news. The incident starkly challenges the "technological trust" narrative central to privacy coins. Despite years of top-tier cryptographic audits, the bug persisted until uncovered with advanced AI-assisted research. This highlights the growing gap between theoretical perfection and practical implementation in privacy technology. The event serves as a industry-wide warning: in an AI-driven security landscape, the assumption that "undiscovered equals safe" is obsolete. It underscores the urgent need for continuous, proactive security practices combining AI audits, formal verification, and rapid response mechanisms.

foresightnews_api54 dk önce

Single-Day Plunge of 30%, Arthur Hayes Suddenly Liquidates: Why Did ZEC Get Exploded by Security Issues?

foresightnews_api54 dk önce

Breaking the Curse of DeFi Cascading Liquidations, Vitalik Proposes a New Solution

**Vitalik Buterin Proposes New DeFi Design to Eliminate Forced Liquidations** Ethereum co-founder Vitalik Buterin has published a proposal for a new decentralized finance (DeFi) architecture aimed at removing the automatic liquidation mechanisms prevalent in current lending protocols. The core idea involves creating synthetic assets using options as building blocks, fundamentally avoiding the抵押借贷结构 that triggers forced sell-offs. The proposal responds to a recurring flaw in DeFi: during sharp market downturns, mass自动清算 of under-collateralized positions can exacerbate price declines, creating systemic selling pressure and market instability, as evidenced by recent crypto market volatility. Buterin's model would split an asset like 1 ETH into two option-like derivatives, P and N, pegged to a price index with a set strike price and expiration. At expiry, an oracle determines the settlement price to allocate the underlying ETH between P and N holders. This design eliminates the "cliff" of instant liquidation. Instead, a position's value would gradually drift from its target peg if not actively rebalanced by the user, transferring the rebalancing decision from the protocol to the user or automated tools. A key advantage is the reduced reliance on high-frequency, real-time oracle price feeds, which are vulnerable to manipulation and errors in current systems. The delayed settlement in the options model allows for more robust, fault-tolerant oracle designs. However, significant challenges remain for practical adoption. High transaction costs (slippage) from frequent rebalancing on automated market makers (AMMs) could erode user funds. The model may not be suitable for stablecoins requiring a strict 1:1 dollar peg, as it inherently allows for value drift. Success would depend on developing new liquidity provisioning models and deep markets for these synthetic assets. The proposal represents a fundamental rethinking of DeFi risk management, challenging the industry to explore alternatives to被动集中平仓 rather than merely optimizing existing liquidation processes. It remains a theoretical framework awaiting implementation and testing by development teams.

foresightnews_api57 dk önce

Breaking the Curse of DeFi Cascading Liquidations, Vitalik Proposes a New Solution

foresightnews_api57 dk önce

Bitcoin's Decline Marks the Transformation of Crypto

Title: The Decline of Bitcoin Marks the Transformation of Crypto While Bitcoin's price recently fell below $70,000, down approximately 45% from its peak, the broader crypto industry is not following it into decline. Instead, crypto is maturing and evolving beyond its dependence on Bitcoin's price movements. Two of Bitcoin's core functions are being usurped. First, AI has captured its role as the primary speculative asset. AI, with its tangible revenue, explosive demand, and massive capital inflows ($700-830 billion in 2024), is siphoning off the speculative "hot money" that once drove Bitcoin. It also contributes to a sustained high-interest-rate environment, further tightening liquidity for assets like Bitcoin. Second, dollar-pegged stablecoins like USDC and USDT have replaced Bitcoin as the crypto market's foundational currency and primary on/off-ramp. Most trading pairs and on-chain transactions are now settled in stablecoins, severing the historical link where all capital inflows had to pass through Bitcoin first. This decoupling allows projects to thrive based on their own fundamentals rather than Bitcoin's price. Examples include Hyperliquid, an on-chain derivatives exchange with annual revenues of $8-13 billion, and prediction market platform Polymarket, valued at $200 billion with $3.65 billion in annual fees. These projects are evaluated on traditional metrics like revenue and user growth. New opportunities are emerging, particularly around privacy. Privacy coins like Zcash (ZEC) are seeing surging demand, while infrastructure like NEAR enables private, cross-chain asset transfers without requiring users to hold a specific token—privacy becomes a universal service layer. In this new paradigm, stablecoins are the universal cash, various project tokens represent equity, and privacy-enabled cross-chain coordination layers (like NEAR) act as the critical infrastructure connecting a fragmented, multi-chain ecosystem. Bitcoin is now just one asset among many. The era where the entire crypto market moved in lockstep with Bitcoin is over. The industry's health should now be judged by project fundamentals—real revenue, active users, and tokenomics that capture value—and the development of the underlying infrastructure enabling a mature, dollar-denominated crypto economy.

foresightnews_api1 saat önce

Bitcoin's Decline Marks the Transformation of Crypto

foresightnews_api1 saat önce

After being noticed by IBM, the token of three.ws surged 50 times

IBM's public acknowledgment and collaboration with Solana AI project three.ws sparked a massive 50x surge in its $THREE token. Three.ws is building a "3D Agent Layer" for the internet, aiming to move AI beyond chat interfaces into interactive 3D digital characters that can be embedded on websites. These agents possess bodies (3D models), brains (LLMs), memory, skills, and optional on-chain identities and wallets for payments. The platform's architecture consists of four layers: a Viewer layer for 3D rendering, an Agent layer for AI behavior and skills, an optional Identity layer for persistent profiles, and an Embedding layer for deployment. For monetization, developers can set per-use fees for agent interactions, paid in USDC via the x402 protocol. Key to its enterprise strategy are partnerships with IBM and AWS. Integration with AWS Marketplace provides enterprise billing and deployment channels, while the IBM collaboration aims to combine three.ws's 3D agents with IBM's enterprise AI, cloud services, and Granite models. The challenge remains whether businesses will adopt these embodied AI agents and what utility the $THREE token will ultimately hold within the ecosystem.

foresightnews_api1 saat önce

After being noticed by IBM, the token of three.ws surged 50 times

foresightnews_api1 saat önce

Lightspark CEO: In Ten Years, Bitcoin Will Be as Invisible as TCP/IP, Yet Power Trillions in Daily Transactions

A decade from now, Bitcoin will function like TCP/IP — invisible yet foundational, supporting trillions in daily transactions globally, according to Lightspark CEO David Marcus. In this future, a coffee shop in Lagos receives instant payment, a manufacturer in São Paulo settles an invoice with a supplier in Ho Chi Minh City, and a freelancer in Bangalore gets paid weekly from an Austin startup — all via Bitcoin's settlement layer, with none of the parties consciously interacting with it. This vision parallels the adoption of open protocols: first driven by necessity where existing systems fail, then scaling rapidly as tools mature and economic benefits become clear. The structural shift begins with wallets. Modern non-custodial wallets, like Spark, allow users to hold dollars, local currency, and Bitcoin in a single address, seamlessly switching between them. This eliminates friction and revolutionizes global custody, moving significant deposits to user-controlled keys not by ideology, but by superior utility. As a result, Bitcoin becomes the default savings layer for billions, as its fixed supply and appreciating value make it a rational choice for savers holding it alongside stablecoins in their everyday wallets. Businesses follow a similar path, from small companies in emerging markets to multinational corporations, holding Bitcoin alongside operational stablecoins. The latest trend is direct Bitcoin transactions for commerce. When both parties hold Bitcoin, transacting in it becomes the simplest option — no conversions, no intermediary currency. This starts in niche areas like high-value B2B settlements but grows as infrastructure makes sending Bitcoin as easy as stablecoins. An accelerating force is AI agents. By 2036, AI agents conducting commerce on behalf of individuals and firms will increasingly choose Bitcoin for settlement. Optimizing for speed, finality, and minimal counterparty risk across jurisdictions, they find Bitcoin's global, neutral, and programmable network ideal for netting and settling obligations. Thus, Bitcoin is becoming the native currency for machine commerce, just as it has become a native savings asset for humans. The global monetary system is being rebuilt from the protocol layer: open infrastructure, default self-custody, Bitcoin settling everything underneath, with stablecoins as the interface. Most users won't think about Bitcoin when they transact — and they won't need to.

foresightnews_api1 saat önce

Lightspark CEO: In Ten Years, Bitcoin Will Be as Invisible as TCP/IP, Yet Power Trillions in Daily Transactions

foresightnews_api1 saat önce

İşlemler

Spot
Futures

Popüler Makaleler

DAO Nasıl Satın Alınır

HTX.com’a hoş geldiniz! DAO Maker (DAO) satın alma işlemlerini basit ve kullanışlı bir hâle getirdik. Adım adım açıkladığımız rehberimizi takip ederek kripto yolculuğunuza başlayın. 1. Adım: HTX Hesabınızı OluşturunHTX'te ücretsiz bir hesap açmak için e-posta adresinizi veya telefon numaranızı kullanın. Sorunsuzca kaydolun ve tüm özelliklerin kilidini açın. Hesabımı Aç2. Adım: Kripto Satın Al Bölümüne Gidin ve Ödeme Yönteminizi SeçinKredi/Banka Kartı: Visa veya Mastercard'ınızı kullanarak anında DAO Maker (DAO) satın alın.Bakiye: Sorunsuz bir şekilde işlem yapmak için HTX hesap bakiyenizdeki fonları kullanın.Üçüncü Taraflar: Kullanımı kolaylaştırmak için Google Pay ve Apple Pay gibi popüler ödeme yöntemlerini ekledik.P2P: HTX'teki diğer kullanıcılarla doğrudan işlem yapın.Borsa Dışı (OTC): Yatırımcılar için kişiye özel hizmetler ve rekabetçi döviz kurları sunuyoruz.3. Adım: DAO Maker (DAO) Varlıklarınızı SaklayınDAO Maker (DAO) satın aldıktan sonra HTX hesabınızda saklayın. Alternatif olarak, blok zinciri transferi yoluyla başka bir yere gönderebilir veya diğer kripto para birimlerini takas etmek için kullanabilirsiniz.4. Adım: DAO Maker (DAO) Varlıklarınızla İşlem YapınHTX'in spot piyasasında DAO Maker (DAO) ile kolayca işlemler yapın.Hesabınıza erişin, işlem çiftinizi seçin, işlemlerinizi gerçekleştirin ve gerçek zamanlı olarak izleyin. Hem yeni başlayanlar hem de deneyimli yatırımcılar için kullanıcı dostu bir deneyim sunuyoruz.

177 Toplam GörüntülenmeYayınlanma 2024.12.11Güncellenme 2026.06.02

DAO Nasıl Satın Alınır

Tartışmalar

HTX Topluluğuna hoş geldiniz. Burada, en son platform gelişmeleri hakkında bilgi sahibi olabilir ve profesyonel piyasa görüşlerine erişebilirsiniz. Kullanıcıların DAO (DAO) fiyatı hakkındaki görüşleri aşağıda sunulmaktadır.

活动图片