I just looked into what happened with Kelp DAO a week ago, and honestly, it’s one of the most brutal DeFi stories of 2026. In 46 minutes, $293 million evaporated from the ecosystem. It wasn’t a code bug, not a smart contract vulnerability — just a configuration error that turned into a systemic crisis.

Here’s what happened: an attacker used the Kelp cross-chain bridge on LayerZero with a DVN 1 of 1 configuration. Essentially, all message validation between chains depended on a single node. Compromising or deceiving that node, the attacker sent a fake message claiming to confirm asset locking. The bridge issued 116,500 rsETH ( roughly 18% of the total circulating supply ) to the attacker’s address — without locking the actual ETH on the source chain. The tokens were literally created out of thin air.

Things got even worse from there. Instead of dumping tokens on the market, the attacker deposited uncollateralized rsETH into Aave V3 as collateral, borrowed $236 million in real WETH, then repeated the maneuver on Aave V4. By the time Kelp DAO froze the contracts (18:21 UTC ), real assets were already leaving. Two attempts to drain another $100 million each were blocked, but the first blow already cascaded through DeFi.

Aave was caught in a trap. When Kelp paused rsETH, all loan positions collateralized by that asset became impossible to liquidate. Aave was left with $196 million in hopeless debt. The WETH pool hit 100% utilization — some users temporarily couldn’t withdraw their funds. Panic spread instantly: withdrawals from Aave totaled $5.4 billion in just a few hours. TVL dropped from over $26 billion to $22 billion — a loss of $6.6 billion in a day. The AAVE token fell 20% in 24 hours ( now trading around $95.54 ).

The scariest part — it wasn’t a LayerZero bug. It was a choice by Kelp DAO to use a centralized configuration, which the protocol permits but creates a dangerous single point of failure. Curve Finance founder Mikhail Egorov directly said: when you trust one party, anything is possible.

The infection spread to at least nine platforms: SparkLend, Fluid, Lido (paused its EarnETH product), Compound V3, Euler, and others. Even Ethena temporarily halted its LayerZero bridges as a precaution, though there was no direct impact.

Money? Almost certainly lost. The attacker already laundered funds through Tornado Cash, spreading ETH across multiple wallets. Justin Sun from Tron offered to “talk” to the attacker, but it looks like theater — the trail is already cold.

What does this mean for the industry? rsETH was considered a trusted asset, correlated with ETH. Implicit assumption: liquid staking tokens are as safe as the underlying asset. That assumption has collapsed. Kelp DAO is left with an asset that can’t be truly sold, and Aave with maximally borrowed ETH that no one can withdraw.

Industry experts expect mandatory requirements for multiple DVNs for bridges and stricter standards for lending protocols. But until then, rsETH across 20+ chains remains in a state of uncertain support until Kelp publishes a verified reserve audit.

This isn’t the first major hack this year. In March, Resolv Labs lost $80 million, on April 1, Drift Protocol lost $285 million (later linked to North Korean actors). CoW Swap, Zerion, Rhea Finance — all in April. Total DeFi losses in 2026 already exceed $450 million across roughly 45 protocols. Ledger’s security chief says it’s “most likely going to be the worst year for hacks.”

The main lesson for investors: DeFi composability cuts both ways. What makes the ecosystem powerful — interconnectedness — also makes it the fastest infection channel. Vulnerability in one protocol becomes a systemic event within minutes. If you hold rsETH or positions in lending protocols, closely monitor official announcements. Avoid panic decisions based on incomplete information, but don’t ignore liquidity risk even on “safe” platforms.

This is a harsh reminder: in DeFi, trust isn’t just technology — it’s architecture. And Kelp DAO’s architecture proved vulnerable not because of the code, but because of the configuration choice.