The Day a $292M KelpDAO Bridge Exploit Turned Into a $14B DeFi Stress Test

On April 18–19, an attacker drained 116,500 rsETH from KelpDAO’s LayerZero-based bridge, roughly 18% of the token’s supply and about $292–293 million at the time. The bridge held reserves backing rsETH on more than 20 networks, so the exploit instantly created doubts about whether wrapped rsETH on those chains still had real backing behind it.

According to DeFiLlama data, the Kelp DAO exploit landed in a market that was already near the psychological $100 billion milestone for total value locked, and it erased almost $14 billion from that figure within a day. Between April 18 and 19, DeFi’s aggregate TVL fell from about $99.5 billion to roughly $85.21 billion.

Hack Shakes DeFi, Wipes $14B TVL

The technical root cause looks simple on paper: Kelp ran a 1-of-1 verifier configuration for LayerZero’s Decentralized Verifier Network. Only one verifier needed to sign off on cross-chain messages, so once the attacker controlled that view of the world, they effectively controlled the bridge.

The Arbitrum Security Council has taken emergency action to freeze the 30,766 ETH being held in the address on Arbitrum One that is connected to the KelpDAO exploit. The Security Council acted with input from law enforcement as to the exploiter’s identity, and, at all times,…
— Arbitrum (@arbitrum) April 21, 2026

According to several post-mortems, the attacker compromised two RPC nodes that fed data to the verifier and then used a DDoS attack to knock clean nodes offline, forcing a failover to their poisoned infrastructure.
From there, they injected a forged cross-chain message that tricked the system into releasing 116,500 rsETH to their address, all without breaking a single line of on-chain code.

From an analytical standpoint, this hack sits in the same family as earlier bridge failures such as Ronin and Nomad, where central checkpoints and initialization assumptions became high-value targets. The common pattern is not a single vulnerable contract but an architecture that treats critical verification as a convenience feature rather than a hardened security boundary.

Lending Models Under Pressure

The story did not end at the bridge. The attacker rapidly moved the stolen rsETH into Aave as collateral and borrowed large amounts of ETH against it, while opening positions on other lending markets. Investors reacted quickly. On-chain data and market reports show that more than $5.4 billion exited Aave in short order as users reduced risk, with total value locked dropping even more sharply over 48 hours.

Earlier today we identified suspicious cross-chain activity involving rsETH. We have paused rsETH contracts across mainnet and several L2s while we investigate. We are working with @LayerZero_Core, @unichain, our auditors and top security experts on RCA. We will keep you…
— Kelp (@KelpDAO) April 18, 2026

ETH utilization on Aave briefly spiked to 100%, and AAVE’s token price fell around 10% as traders priced in both the immediate hole and future governance decisions around recapitalization. From a market-structure perspective, this looks less like a one-off exploit and more like a stress test of the non-isolated lending model where one asset’s failure can ripple across an entire pool.

He pointed to Aave v4’s planned “hub-and-spoke” architecture—closer to semi-isolated markets—as a potential compromise between composability and safety.
The underlying analytical point is that lending protocols can no longer afford to assume that all whitelisted collateral assets share roughly the same risk profile, especially when some sit on complex, cross-chain restaking rails.

A Security Reckoning in an AI Age

The Kelp DAO exploit lands in a month where crypto platforms have already lost hundreds of millions of dollars to hacks, piling onto a multi-year trend of bridge-centric incidents. Whether or not AI played a direct role in this particular hack, the pattern of rapid, multi-venue attacks suggests defenders can no longer rely on slow human review and ad-hoc configuration choices to keep up. For DeFi builders, the practical takeaway is less about any single tool and more about assuming that motivated attackers can see the system almost as clearly as its designers.

UPDATE: 🚨 The Kelp DAO exploiter has moved about $175 million in ETH to fresh wallets after Arbitrum froze $71 million tied to the hack. https://t.co/xj2Srjob0I pic.twitter.com/GjlFXnE6cH
— CoinMarketCap (@CoinMarketCap) April 21, 2026

The public blame game between Kelp DAO and LayerZero underscores another uncomfortable reality: responsibility for security in composable finance is shared, but accountability often fragments once something breaks. Kelp says it followed LayerZero’s defaults and common practice; LayerZero says it warned against single-verifier setups and now promises to stop signing messages for such configurations. For users and institutional participants, this dispute matters less than the broader lesson: default settings on critical infrastructure are de facto risk decisions, not neutral technical details.

This article was written by Jared Kirui at www.financemagnates.com.
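
To make the single-verifier failure mode described above concrete, the following added example (not code from LayerZero, KelpDAO or the article's author) contrasts a verifier that fails over to whichever data source is reachable with one that requires a fail-closed quorum. The node labels, hashes, the three clean nodes and the 3-of-5 threshold are assumptions constructed for the illustration; only the two poisoned nodes and the outage of the clean ones come from the article.

```python
# Added illustration, not LayerZero or KelpDAO code. All names, node labels
# and hashes are constructed for this example.
from collections import Counter
from typing import Optional

Observations = dict[str, Optional[str]]  # source -> message hash, None if unreachable


def failover_verifier(claimed: str, obs: Observations, priority: list[str]) -> bool:
    """Single-verifier behaviour: trust the first reachable source in priority order."""
    for src in priority:
        if obs.get(src) is not None:
            return obs[src] == claimed
    return False  # nothing reachable: nothing to attest


def quorum_verifier(claimed: str, obs: Observations,
                    min_responders: int, min_agreeing: int) -> bool:
    """Fail-closed quorum: an outage pauses attestation instead of shrinking the quorum."""
    answers = [h for h in obs.values() if h is not None]
    if len(answers) < min_responders:
        return False
    return Counter(answers)[claimed] >= min_agreeing


REAL, FORGED = "0xreal", "0xforged"
PRIORITY = ["clean-1", "clean-2", "clean-3", "bad-1", "bad-2"]
HEALTHY = {"clean-1": REAL, "clean-2": REAL, "clean-3": REAL,
           "bad-1": FORGED, "bad-2": FORGED}
# Clean nodes knocked offline, so only the two poisoned nodes answer.
OUTAGE = {**HEALTHY, "clean-1": None, "clean-2": None, "clean-3": None}


def run_scenarios() -> dict[str, bool]:
    """True means the verifier would attest the claimed message."""
    return {
        "failover/healthy/forged": failover_verifier(FORGED, HEALTHY, PRIORITY),
        "failover/outage/forged": failover_verifier(FORGED, OUTAGE, PRIORITY),
        "quorum/healthy/forged": quorum_verifier(FORGED, HEALTHY, 3, 3),
        "quorum/outage/forged": quorum_verifier(FORGED, OUTAGE, 3, 3),
        "quorum/healthy/real": quorum_verifier(REAL, HEALTHY, 3, 3),
    }


if __name__ == "__main__":
    for name, attested in run_scenarios().items():
        print(f"{name:26} -> {'ATTEST' if attested else 'reject'}")
```

The quorum only helps when the sources are operated independently and the agreement threshold exceeds the number an attacker can plausibly control; the cost is that an outage halts the bridge rather than degrading its checks.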