A single coordinated attack on April 18, 2026 produced the largest bank run in decentralized finance to date. Within four hours of the initial exploit, lending protocols saw $10 billion in outflows of deposited capital spanning nearly a dozen blockchain networks. Approximately $8 billion in assets were effectively immobilized as depositors depleted all liquidity in an attempt to recover their capital assets.
Protocol hacks are not uncommon in the ecosystem. Yet lending infrastructure remained impaired for the better part of a week while the public turned to the affected parties for a resolution. What makes this exploit unique is the organizational politicking uncharacteristic of a community so bullish on the lack of centralization. This post summarizes the attack, explains Gadget’s response, and outlines the macro-level impacts of the attack on the blockchain.
Primer: Staking and Restaking on Ethereum
DeFi Lending Protocols
In traditional finance, a bank accepts deposits and lends those deposits to borrowers, charging interest on the loans and paying a portion of that interest back to depositors. DeFi lending protocols replicate this model through smart contracts, removing the bank as an intermediary. Aave, the protocol most directly affected by the rsETH exploit, is the largest of these platforms.
Depositors supply assets to a lending pool and earn interest. Borrowers draw from that pool by posting collateral: they lock up one asset in order to borrow another. The collateral must exceed the value of the loan by a specified margin, a requirement known as overcollateralization. If the value of a borrower’s collateral falls below a defined threshold relative to their loan, the protocol automatically sells the collateral to repay the loan. This process, called liquidation, is what protects depositors from borrower defaults.
The entire system relies on the assumption that collateral is worth what the protocol’s price oracle says it is worth. Oracles are data feeds, typically sourced from decentralized exchanges or aggregated market data, that report real time prices to the smart contract. If the oracle says rsETH is worth $2,500, the protocol treats a deposit of 100 rsETH as $250,000 in collateral and allows borrowing against it accordingly. The oracle does not, and cannot, verify whether the rsETH was legitimately minted. It only reports the current market price.
What is composability, and why does it create contagion?
Composability is the defining architectural feature of decentralized finance. It means that any protocol can interact with any other protocol without permission or coordination. A token minted by one protocol can be deposited as collateral in a second, used as liquidity in a third, and wrapped into a derivative in a fourth. This interoperability is what makes DeFi capital efficient: the same asset can perform multiple economic functions simultaneously.
The risk is that composability creates hidden dependencies. When protocols share assets and liquidity, a failure in one protocol propagates to every protocol that holds, lends against, or prices the affected asset. The rsETH exploit illustrates this clearly. A bridge vulnerability at Kelp DAO produced unbacked tokens. Those tokens were deposited into Aave, which treated them as legitimate collateral. When the tokens lost their value, Aave faced bad debt. The resulting panic caused depositors to flee Aave, which drained liquidity, which triggered market freezes at Compound, Euler, SparkLend, and others. Each link in the chain was a separate protocol operating correctly according to its own rules, yet the aggregate outcome was a systemic crisis.
This pattern is sometimes compared to contagion in a banking system, where the failure of one institution triggers a loss of confidence that spreads to its counterparties and beyond. The difference in DeFi is that the connections are public, automated, and instantaneous. There is no regulator to impose a pause, no lender of last resort to inject emergency liquidity, and no circuit breaker to halt trading. When contagion starts, it moves at the speed of the blockchain itself.
What is staking?
Ethereum secures its network through a mechanism called proof of stake. Rather than relying on energy intensive computation, the protocol asks participants to lock up (or “stake”) their ETH as a financial commitment to honest behavior. Validators who stake at least 32 ETH are selected to propose and verify new blocks of transactions. In return for this service, validators earn rewards, typically in the range of 3 to 5% annually. The staked ETH serves as collateral: if a validator acts dishonestly or goes offline, the protocol can destroy a portion of their stake through a penalty known as slashing.
This design aligns incentives. Validators have real capital at risk, which gives them a direct financial reason to follow the rules. The greater the total amount staked across the network, the more expensive it becomes for any single actor to accumulate enough stake to manipulate the system.
One practical limitation of staking is that locked ETH cannot be used elsewhere. A holder who stakes 32 ETH earns validator rewards but forfeits the ability to trade, lend, or deploy that capital in other protocols. Liquid staking services emerged to address this tradeoff. Platforms such as Lido allow users to deposit ETH and receive a derivative token (stETH, in Lido’s case) that represents both the underlying stake and the accruing rewards. That derivative token can then be used freely across decentralized finance, while the original ETH remains staked and earning yield. The depositor effectively receives two streams of value from the same capital.
What is restaking?
Restaking extends this concept one layer further. Introduced by a protocol called EigenLayer, restaking allows ETH that is already staked on Ethereum to simultaneously secure additional services. These services, known as Actively Validated Services, can include oracle networks, data availability layers, cross chain bridges, and other infrastructure that benefits from economic security guarantees but does not have the resources to bootstrap its own validator set from scratch.
The core idea is capital reuse. A validator’s staked ETH, which already secures Ethereum, can opt in to securing one or more additional services at the same time. Each additional commitment carries its own slashing conditions. A validator who restakes accepts that their capital can be penalized not only by Ethereum’s consensus rules but also by the rules of every service they have opted into. In exchange, restakers earn additional yield on top of their base staking rewards.
Liquid restaking tokens such as rsETH represent this layered position in a single, transferable asset. A holder of rsETH has exposure to base staking rewards, restaking rewards from one or more Actively Validated Services, and the compounding slashing risk that accompanies each layer. When these tokens are then deposited as collateral in lending protocols, the chain of dependencies grows longer still.
What are cross-chain bridges?
Each blockchain operates as an independent ledger. Ethereum, Arbitrum, and Optimism all maintain their own records of who owns what, and none of them can natively read the state of another. Cross-chain bridges exist to solve this isolation. A bridge is a piece of infrastructure that allows tokens or data to move from one blockchain to another.
The basic mechanism works through a lock and mint pattern. When a user wants to move tokens from Chain A to Chain B, the bridge locks the original tokens in a smart contract on Chain A and then mints an equivalent number of new tokens on Chain B. These minted tokens are representations of the originals: they derive their value from the guarantee that for every minted token on Chain B, a corresponding original token is locked and held on Chain A. When a user wants to move back, the bridge burns the minted tokens on Chain B and releases the locked originals on Chain A.
The security of this entire process depends on a single question: how does Chain B know that the tokens were actually locked on Chain A? The two blockchains cannot verify each other directly. They rely on an intermediary, a verification layer, to relay and confirm the cross-chain message. If that verification layer is compromised, an attacker can forge a message claiming that tokens were locked when they were not, causing the bridge to mint unbacked tokens on the destination chain. This is precisely what happened in the rsETH exploit.
What is LayerZero?
LayerZero is a messaging protocol designed to relay information between blockchains. Rather than operating its own bridge, LayerZero provides the communication infrastructure that other protocols use to build their own bridges and cross-chain applications. It functions as a transport layer: when a smart contract on one blockchain needs to send an instruction to a smart contract on another, LayerZero handles the delivery.
The protocol’s verification architecture is built around Decentralized Verifier Networks, or DVNs. A DVN is a set of independent validators whose job is to confirm that a cross-chain message is legitimate before it gets executed on the destination chain. Each DVN monitors the source chain, observes the message, and independently attests to its validity. LayerZero’s design allows each integrating protocol to choose how many DVNs must agree before a message is approved.
Message
The recommended configuration uses multiple independent DVNs, so that compromising any single verifier is not sufficient to forge a valid message. The protocol supports a range of setups, from a strict requirement that all DVNs agree (an “N-of-N” configuration) to a threshold model where a majority is enough. The critical point is that security scales with the number of independent verifiers. A 1-of-1 configuration, where a single DVN is both necessary and sufficient, offers no redundancy at all.
What is Kelp DAO?
Kelp DAO is a decentralized autonomous organization that operates a liquid restaking protocol. Users deposit ETH or liquid staking tokens into Kelp and receive rsETH in return. That rsETH token represents a claim on the deposited assets plus the restaking yield they generate through EigenLayer.
Because Ethereum is not the only blockchain where users want to hold and use rsETH, Kelp built a cross-chain bridge using LayerZero’s messaging infrastructure. This bridge allowed rsETH to be transferred between Ethereum and other networks such as Arbitrum. Kelp configured this bridge with a single DVN operated by LayerZero Labs itself. The protocol’s documentation recommended a multi-DVN setup, but the single verifier configuration was the default, and Kelp did not change it. When the attacker compromised that lone verifier’s data feed, there was no second opinion to catch the forgery.
It was this chain of dependencies, from bridge to token to collateral to lending pool to the broader DeFi ecosystem, that the April 18 exploit severed.
DeFi banks saw $10B in outflows following a hack on April 18
On April 18, lending protocols (i.e., DeFi “banks”) across every major blockchain network experienced a classic bank run. Depositors withdrew $10 billion within hours as confidence in the collateral underpinning these platforms collapsed.1 The catalyst was the disclosure that an attacker, subsequently attributed to North Korea’s Lazarus Group,2 had introduced fraudulent tokens into several of the largest lending platforms. Depositors whose funds occupied pools contaminated by that collateral faced the prospect of impairment, prolonged lockups, or both. The withdrawals were individually rational but collectively destabilizing, as each redemption reduced the liquidity available to remaining depositors and accelerated the run. Figure 1 provides a brief overview of a timeline of events.
The underlying hack functioned as a counterfeiting operation. The attacker fabricated 116,500 tokens ($290 million) of rsETH, a derivative instrument linked to staked Ethereum issued by KelpDAO, by exploiting a vulnerability in LayerZero’s infrastructure that transfers tokens between blockchains.3 The counterfeit tokens were then pledged as collateral on lending platforms, most significantly Aave, to borrow approximately $190 million in legitimate assets.4 Once the fraud was identified, the collateral proved worthless, yet the borrowed funds had already been dispersed. Depositors across every pool, including those with no exposure to the fraudulent tokens, withdrew their capital on the expectation that losses would be socialized across the platform.
Gadget Capital mobilized within four minutes of the attack. Our monitoring infrastructure flagged the anomalous rsETH supply increase before any public disclosure had been made. The team immediately began unwinding positions from protocols exposed to both primary effects (direct rsETH exposure) and secondary effects (contagion through shared liquidity pools and interconnected lending markets).
The crisis left $8B locked in place across DeFi banks
Within four hours of the KelpDAO hack, the bank run was effectively complete. Utilization rates across major lending pools reached 100%, meaning every supplied asset had been borrowed and remaining depositors could no longer withdraw their funds. Approximately $8 billion in assets were frozen across lending protocols spanning multiple networks.
Locked depositors faced a fearful uncertainty. Public discussion forums speculated on possible scenarios: a haircut on locked positions, a prolonged lockup until protocol governance could chart a path forward, or, in the worst case, a complete devaluation of positions in protocols unable to recover from the bad debt. The market awaited guidance from three parties in particular: Aave, the largest affected lending protocol; KelpDAO, whose tokens had been forged; and LayerZero, whose infrastructure had been compromised.5
Gadget Capital faced a -1% drawdown with some ETH still locked in an Aave vault that was directly affected by the attack. This limited exposure is by design. Our risk framework enforces position limits on any single protocol, asset, or infrastructure dependency, and the rsETH contagion is precisely the category of tail risk that this architecture is built to contain.
A leadership vacuum prolonged uncertainty and gave rise to new market opportunities
Nearly 72 hours after the exploit, no substantive updates had been issued by any of the responsible parties. The problem was political, not technical. Leadership across multiple organizations needed to agree on a path forward to cover the bad debt, but no public announcements were forthcoming. This absence kept markets in a state of suspended animation and created pronounced price dislocations.
During this period, Gadget Capital identified and executed on two distinct opportunities. First, we facilitated a secondary market for locked Aave assets, enabling holders of frozen positions to swap into unlocked assets at a 12% discount. For each transaction facilitated, Gadget Capital collected a 1% fee. The service addressed a genuine market need: depositors who required immediate resolution accepted the discount, while counterparties with more appetite for risk secured a favorable basis.
Second, we deployed capital into short-term lending on protocols that we assessed as technically sound, but whose rates were distorted by compounding uncertainty. Lending rates reached 15% before leverage, a significant premium over typical conditions.
Four days into the crisis, the Arbitrum Security Council announced that it had recovered $80 million in stolen funds that remained on their network, to the astonishment of many. This was the first concrete positive outcome since the exploit and provided a meaningful reduction in the total outstanding bad debt.
DeFi leaders banded together to cover the remaining $210M hole
After about a week, a consortium of prominent DeFi protocols and ecosystem participants contributed funds to cover the remaining shortfall. The contributions were structured as donations, effectively socializing the losses among businesses rather than retail users. These organizations had funds at risk, reputations to protect, and a collective interest in preserving public confidence in the ecosystem’s lending infrastructure, so they decided to cooperatively bail out Aave.
Aave and other affected DeFi banks maintain emergency reserve funds (commonly described as “safety modules”) intended to absorb losses from precisely this category of event. However, the coverage these reserves could provide for an exploit of this magnitude remained ambiguous throughout the crisis. The recovered funds and the industry coalition ultimately proved sufficient to close the gap.
Two weeks after the initial exploit, DeFi banks resumed normal operations with one exception: the rsETH asset pool on Aave remained locked while the team worked out the logistics of unwinding underwater positions.
This episode is another step towards resiliency for DeFi
The broader DeFi community has directed sharp criticism at Aave’s monolithic lending pool architecture, which pools all collateral types into shared markets. This design enabled a single compromised asset to propagate contagion across all depositors, regardless of their individual exposure to the forged rsETH. Calls for isolated lending pools, in which each collateral type is compartmentalized from the rest, have intensified considerably in the aftermath. Oddly enough, Aave’s latest product release (v4) was designed for this purpose, but it had only been available to the public for a few days before the hack.
Regardless, events like this one help the development community learn about how the ecosystem could evolve. At Gadget Capital, we believe in the continued growth and development of blockchain infrastructure as decentralized finance continues to mature. If you appreciate our approach to risk management, reach out to learn more.
References
- CoinDesk, “Aave Records $6 Billion TVL Drop as Kelp Hack Exposes Structural Risk at DeFi Lender,” April 19, 2026. Link ↩
- CoinDesk, “LayerZero Blames Kelp’s Setup for $290 Million Exploit, Attributes It to North Korea’s Lazarus,” April 20, 2026. Link ↩
- CoinDesk, “2026’s Biggest Crypto Exploit: Kelp DAO Hit for $292 Million,” April 19, 2026. Link ↩
- Aave Governance, “rsETH Incident Report,” April 20, 2026. Link ↩
- CoinDesk, “Aave Could Face Up to $230M in Losses After Kelp DAO Bridge Exploit Triggers DeFi Chaos,” April 20, 2026. Link ↩