사건 보고서: Llamarisk, Aave 서비스 제공업체들이 Ethereum 및 Arbitrum 시장 전반의 Kelp rsETH 해킹 상세 내역 공개

📄전체 원문· trafilatura에 의해 자동 추출됨6349 자

An incident report published by Llamarisk to the Aave forum explains that a bridge exploit targeting KelpDAO’s Layerzero V2 rsETH route on Saturday allowed an attacker to extract 116,500 rsETH from Ethereum’s OFT adapter without burning any tokens on the source chain. Llamarisk’s report notes that this incident exposed Aave V3 markets to potential bad debt ranging from $123.7 million to $230.1 million, depending on how losses are allocated. Incident Report: Llamarisk, Aave Service Providers Detail Kelp rsETH Hack Across Ethereum and Arbitrum Markets Key Takeaways: - According to Llamarisk, an attacker exploited Kelp’s Layerzero V2 bridge on April 18, 2026, minting 116,500 rsETH without any corresponding burn. - Llamarisk estimates bad debt between $123.7M and $230.1M across 7 affected markets, depending on how Kelp socializes losses. - The Aave DAO treasury holds $181M as of April 20, 2026, and service providers are already securing indicative recovery commitments from ecosystem participants. Llamarisk Details rsETH Exploit Scenarios After Kelp OFT Adapter Drained The analysis published by risk management company Llamarisk and Aave service provider co-authors explained that the attack occurred at 17:35 UTC in Ethereum block 24,908,285. The Unichain-to-Ethereum route was configured as a 1-of-1 DVN path, meaning a single verifier could attest an inbound packet without any corresponding outbound action, according to the report. Llamarisk authors said the attacker forged a packet that was verified, committed, and delivered on Ethereum, releasing 116,500 rsETH from the adapter, the Aave report notes. The adapter balance fell from 116,723 rsETH to 223 rsETH in a single block. The attacker fanned the stolen rsETH from one intake wallet across seven branch addresses. Of the 116,500 rsETH received, 89,567 were deposited into Aave V3 markets on Ethereum and Arbitrum as collateral. Those positions were used to borrow approximately 82,650 WETH and 821 wstETH, with health factors settling between 1.01 and 1.03. All seven attacker addresses remain active on Aave at the time of publication. Aave service providers co-authored Llamarisk’s full incident report and confirmed that Aave’s own smart contracts were not compromised. All protocol logic, including supply, repayment, and liquidation mechanics, continued to function as designed throughout the event. The Protocol Guardian began freezing all rsETH and wrsETH reserves across all Aave V3 deployments at approximately 19:00 UTC on April 18. The action set LTV to zero and disabled new supply and borrowing while leaving existing positions eligible for repayment and liquidation. Eleven markets across Ethereum, Arbitrum, Avalanche, Base, Ink, Linea, Mantle, MegaETH, Plasma, and Zksync were affected, according to the Aave forum analysis. The report says the Risk Steward adjusted WETH interest rate models on Arbitrum, Base, Mantle, and Linea at approximately 14:30 UTC on April 19, reducing Slope 2 to 1.50 percent and cutting the borrow rate at 100 percent utilization from between 8.5 and 10.5 percent down to 3.0 percent APR. A corresponding adjustment was applied to Core at approximately 05:00 UTC on April 20, with Slope 1 set to 2 percent, Slope 2 to 3 percent, and optimal utilization set to 94 percent. The Protocol Guardian also froze WETH on Core, Prime, Arbitrum, Base, Mantle, and Linea at approximately 02:00 UTC on April 20 to prevent new borrowing and contain potential stress from spreading to stablecoin reserves. The 2 Scenarios The two scenarios modeled by Llamarisk’s analysis reflect how Kelp’s loss allocation decision will determine the protocol’s final exposure. Scenario 1 assumes uniform socialization of the 112,204 unbacked rsETH across the entire rsETH supply, producing a 15.12 percent depeg and an estimated $123.7 million in bad debt, with Ethereum Core absorbing $91.8 million in absolute terms and Mantle facing a 9.54 percent WETH reserve shortfall. Scenario 2 treats the loss as isolated to L2 rsETH only, applying a 73.54 percent haircut to collateral on remote chains while leaving Ethereum mainnet rsETH fully intact, producing an estimated $230.1 million in bad debt concentrated on Mantle at a 71.45 percent WETH shortfall and Arbitrum at 26.67 percent. The current adapter balance stands at 40,373 rsETH, the only confirmed backing for all remote-chain rsETH across every L2 path, against total remote claims of 152,577 rsETH. Kelp has not publicly confirmed how the recovered funds will be allocated. As of April 20, 2026, the report said that the Aave DAO treasury holds $181 million in assets, including $62 million in Ethereum-correlated holdings, $54 million in AAVE, and $52 million in stablecoins. The DAO generated $145 million in revenue during 2025 and $38 million year-to-date in 2026. Llamarisk confirmed that several indicative commitments from ecosystem participants are already in place to address potential bad-debt scenarios. WETH reserves on Ethereum, Arbitrum, Base, Linea, and Mantle are at 100 percent utilization, with idle balances below $20 on every chain. At full utilization, liquidators receive aWETH rather than underlying WETH, which slows liquidation throughput. Llamarisk’s report flagged Base and Arbitrum as the least buffered markets, with first liquidations triggered at WETH price drops of 0.77 percent and 1.77 percent, respectively, due to positions running at health factors around 1.03. DeFi Lender Aave Battles Withdrawal Crisis After KelpDAO rsETH Exploit DeFi Lender Aave Battles Withdrawal Crisis After KelpDAO rsETH Exploit Aave, one of DeFi's largest lending protocols, is managing a liquidity crisis and an estimated $177 million to $200 million… Read NowAave, one of DeFi's largest lending protocols, is managing a liquidity crisis and an estimated $177 million to $200 million… Llamarisk recommended an immediate pause of the WETH Umbrella staking module under Scenario 1. As of the report’s publication, 18,922 of 23,507 staked aWETH had entered the unstaking cooldown. A pause would block deposits, withdrawals, transfers, and slashing while keeping rewards distribution active. The remaining four rsETH-listed markets, Ethereum Lido, MegaETH, Plasma, and Zksync, carry trivial balances and no bad debt. Twelve additional Aave V3 markets do not list rsETH and are unaffected.

데이터 상태✓ 전체 내용 추출 완료원문 읽기 (Bitcoin.com)

🔍과거 유사 사건· 키워드 + 종목 매칭6 건

2026-04-18

KelpDAO, Ethereum 및 Arbitrum 전반에 걸쳐 DeFi 지갑 유출로 2억 8천만 달러 손실

유사도 380%標的 ETH關鍵字 across/arbitrum/ethereum

2026-04-18

KelpDAO, Ethereum 및 Arbitrum 전반에 걸쳐 DeFi 지갑 유출로 2억 9,200만 달러 손실

유사도 380%標的 ETH關鍵字 across/arbitrum/ethereum

2026-04-21

Arbitrum 동결 KelpDAO 해킹 자금, Crypto의 가장 큰 거짓말을 폭로하다

유사도 370%標的 ETH關鍵字 hack/arbitrum同分類 hot

2026-04-21