Bankless: The rsETH Attack Shakes the DeFi Industry


Author: Jack Inabinet, Senior Analyst at Bankless; Translation: @GoldenFinanceXZ

As the cryptocurrency industry struggles to cope with the latest DeFi exploit, the entire field must confront a life-and-death question: are DeFi applications truly safe?

Last weekend, the major crypto lending markets suffered the largest DeFi exploit of the year. A highly skilled attacker abused Kelp DAO's LayerZero-based cross-chain bridge to mint 116.5k rsETH that should never have existed.

These newly minted tokens, backed by no real assets and valued at approximately $290 million, were then deposited into mainstream lending protocols such as Aave and used as collateral to borrow hundreds of millions of dollars worth of ETH, leaving the protocols with bad debt and triggering a liquidity crisis across the industry.

1. Root Cause of the Incident

The attack unfolded in two rapid phases: The attacker first successfully exploited a vulnerability in Kelp DAO’s LayerZero-based cross-chain bridge, then drained hundreds of millions of dollars in funds from Aave using unbacked rsETH.

Phase One: LayerZero Defense Breach

Kelp DAO’s rsETH cross-chain bridge relies on LayerZero’s messaging infrastructure.

The key issue is that Kelp DAO integrated with the lowest security configuration available: a 1-of-1 Decentralized Verifier Network (DVN) setup. Under this configuration a single verifier, the DVN operated by LayerZero Labs, had sole authority to attest that a cross-chain message was valid.

Although LayerZero stated in its post-attack analysis that it had warned against the lowest security setting and recommended multi-verifier setups for high-value bridges, its protocol still permits 1-of-1 deployments.

More concerning is that approximately 47% of protocols on LayerZero use the same configuration.

The attacker exploited this single point of failure by forging a cross-chain message that the bridge accepted as legitimate, tricking Kelp DAO's bridge into minting 116.5k rsETH directly to an address under the attacker's control, with no real assets backing the tokens.
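To make the single-point-of-failure concrete, here is a simplified model of LayerZero V2 receive-side verification. This is an added example, not code from Bankless, Kelp DAO or LayerZero, and it assumes only the documented V2 rule: a message is verifiable when every required DVN has attested to its payload hash and at least the optional threshold of optional DVNs have done so. The DVN names other than LayerZero Labs, the payload format and the hash function are constructed for the example; the page does not say how the false attestation was obtained, so the model simply asks which DVNs' attestations an attacker would need for a forged mint to pass.

```python
"""Simplified model of LayerZero V2 ULN (receive-side) verification.

Added example, not code from Bankless, Kelp DAO or LayerZero. Real DVNs
attest to packet hashes on-chain; here an attestation is just a mapping
dvn_name -> payload_hash that the receive library checks against its config.
"""
from dataclasses import dataclass
from hashlib import sha256


@dataclass(frozen=True)
class UlnConfig:
    required_dvns: tuple[str, ...]          # every one of these must attest
    optional_dvns: tuple[str, ...] = ()     # at least `optional_threshold` of these
    optional_threshold: int = 0

    def __post_init__(self):
        if not self.required_dvns and self.optional_threshold == 0:
            raise ValueError("config would verify anything: no DVN is needed")
        if self.optional_threshold > len(self.optional_dvns):
            raise ValueError("threshold exceeds number of optional DVNs")


def payload_hash(src_eid: int, nonce: int, message: bytes) -> str:
    # Constructed stand-in for the packet hash a DVN attests to.
    return sha256(f"{src_eid}:{nonce}:".encode() + message).hexdigest()


def is_verifiable(cfg: UlnConfig, attestations: dict[str, str], expected: str) -> bool:
    """True iff a packet with hash `expected` passes the receive library under `cfg`."""
    if any(attestations.get(d) != expected for d in cfg.required_dvns):
        return False
    optional_ok = sum(1 for d in cfg.optional_dvns if attestations.get(d) == expected)
    return optional_ok >= cfg.optional_threshold


def forged_mint_verifies(cfg: UlnConfig, attesting: set[str]) -> bool:
    """Would a forged mint pass if only the DVNs in `attesting` vouch for it?

    The forged packet was never emitted on the source chain, so honest DVNs
    never attest to it; only the DVNs the attacker can get an attestation from do.
    """
    forged = payload_hash(src_eid=30101, nonce=1, message=b"mint 116500 rsETH to attacker")
    attestations = {d: forged for d in attesting}
    return is_verifiable(cfg, attestations, forged)


# The configuration the article describes: one required DVN, nothing else.
ONE_OF_ONE = UlnConfig(required_dvns=("LayerZeroLabs",))

# A defensive configuration (hypothetical DVN names): two independent required
# DVNs plus a 1-of-2 optional quorum. A false attestation from any single
# verifier is no longer enough.
HARDENED = UlnConfig(required_dvns=("LayerZeroLabs", "DVN_B"),
                     optional_dvns=("DVN_C", "DVN_D"), optional_threshold=1)

if __name__ == "__main__":
    print("1-of-1, single DVN vouches for forged mint:",
          forged_mint_verifies(ONE_OF_ONE, {"LayerZeroLabs"}))
    print("hardened, same single DVN vouches:",
          forged_mint_verifies(HARDENED, {"LayerZeroLabs"}))
```

The check a practitioner should run on their own OApp is the same question the model asks: how many independent verifiers must be wrong before a message that was never sent gets delivered? With one required DVN and no optional quorum the answer is one.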

Although Kelp DAO's multisig paused the core contract soon afterward, it was too late to prevent the damage that followed.

Phase Two: Aave Liquidity Draining

Using the unbacked tokens, the attacker quickly deposited large amounts of rsETH into Aave V3 (with smaller deposits into SparkLend, Fluid, and other platforms).

Against this fictitious collateral, the attacker borrowed large amounts of WETH, leaving Aave with an estimated bad debt of over $262 million from the related positions.

Faced with this risk, vigilant DeFi lenders did not wait for the bad debt to erode their positions. Driven by panic, they withdrew funds en masse over the weekend. After the attack, major protocols saw over $7 billion in assets leave, with Aave alone losing $6.2 billion, about 23% of the total value locked (TVL) in its lending market.

Market panic pushed utilization on several of Aave V3's ETH, USDC, and USDT markets to 100%, meaning every deposited token was lent out. That effectively froze liquidity: remaining depositors could no longer withdraw their assets.

2. Current Situation

With billions of dollars of assets effectively frozen in crypto lending markets, risks are stacking and escalating continuously.

Depositors cannot actively manage their positions because the funds they supplied have been lent out, while utilization-driven interest rates are soaring, adding pressure on borrowers. As liquidity dries up and panic spreads, concern grows daily about further bad debt and the spread of risk across DeFi.
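The mechanism behind the freeze and the rate spike is simple pool accounting. The following toy model of an Aave-style pooled market is an added example, not Aave code: it assumes a two-slope ("kinked") borrow-rate curve of the kind such markets use, and the curve parameters, pool sizes and withdrawal requests are constructed numbers, not figures from the page. It shows that once a withdrawal run exhausts the pool's idle liquidity, utilization hits 100%, later withdrawals are refused outright, and the borrow rate jumps onto the steep slope.

```python
"""Toy Aave-style pooled lending market (added example, not Aave code)."""
from dataclasses import dataclass


@dataclass
class Pool:
    supplied: float           # total deposits in the market (e.g. WETH)
    borrowed: float           # total outstanding debt
    # Hypothetical kinked borrow-rate curve, annualised. Below `optimal`
    # utilization the rate rises gently; above it, steeply.
    base: float = 0.0
    slope1: float = 0.04
    slope2: float = 0.60
    optimal: float = 0.90

    @property
    def liquidity(self) -> float:
        """Cash actually sitting in the pool and available to withdraw."""
        return self.supplied - self.borrowed

    @property
    def utilization(self) -> float:
        return 0.0 if self.supplied == 0 else self.borrowed / self.supplied

    def borrow_rate(self) -> float:
        u = self.utilization
        if u <= self.optimal:
            return self.base + self.slope1 * u / self.optimal
        excess = (u - self.optimal) / (1 - self.optimal)   # 0..1 above the kink
        return self.base + self.slope1 + self.slope2 * excess

    def withdraw(self, amount: float) -> bool:
        """A depositor can only take out cash the pool still holds.

        Deposits lent to borrowers are not in the contract; nothing lets a
        depositor claw them back until a borrower repays or is liquidated.
        """
        if amount > self.liquidity:
            return False
        self.supplied -= amount
        return True


def run_on_pool(pool: Pool, withdrawal_requests: list[float]) -> dict:
    """Serve withdrawal requests in order; report who got out and the end state."""
    served, refused = [], []
    for amt in withdrawal_requests:
        (served if pool.withdraw(amt) else refused).append(amt)
    return {
        "served": served,
        "refused": refused,
        "utilization": round(pool.utilization, 4),
        "borrow_rate": round(pool.borrow_rate(), 4),
    }


if __name__ == "__main__":
    # Constructed scenario: 1000 supplied, 800 lent out (80% utilization),
    # then three depositors try to leave at once.
    pool = Pool(supplied=1000.0, borrowed=800.0)
    print("before run: utilization=%.2f rate=%.4f" % (pool.utilization, pool.borrow_rate()))
    print(run_on_pool(pool, [150.0, 100.0, 50.0]))
```

In the constructed run the first depositor gets out, the second is refused because only 50 units of cash remain, and the third drains the last of it. Utilization is then 100% and the rate is pinned at the top of the curve, which is exactly the position the remaining Aave depositors found themselves in: their deposits are still "theirs" on paper, but the cash is with borrowers.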

To limit losses, Aave governance has fully disabled the rsETH markets in V3 and V4. This is, however, a remedial measure after the fact: the protocol still has hundreds of millions of dollars in outstanding bad debt to address before the damage from the exploit is resolved.

3. What Might Happen Next?

Aave V3’s staking module currently holds $201 million in stablecoins and $56 million in WETH, which could be used to offset the deficit caused by rsETH. Additionally, the protocol’s security module contains $266 million worth of AAVE tokens, which could be sold to cover the remaining gap.

While these reserve funds suggest Aave might absorb the loss without becoming insolvent, the rsETH vulnerability has sparked deeper concerns about the resilience of decentralized lending markets.

Such a large shock could discourage users from lending funds—let alone taking on risk via staking/security modules—potentially undermining confidence in Aave V3’s unified liquidity model.

The crypto economy should be built on resilience and minimal trust. However, in the race for smoother user experiences or more dazzling features, some teams have taken shortcuts and introduced fragile single points of failure. Kelp DAO's LayerZero bridge, secured by a single 1-of-1 verifier, is a stark example.

These incidents highlight the risks of poorly designed, semi-centralized systems and reveal the huge costs of shortcuts in security design.

If the crypto world is to fulfill its promises, builders must abandon fragile architectures and return to security-first principles, rather than relying on vulnerable multisig or single-signer setups.
