The $292 million Kelp DAO exploit has raised new questions about risks across liquid restocking and DeFi lending markets.
summary
- The $292 million Kelp DAO exploit has raised concerns about hidden risks across the re-liquidity and lending markets.
- Aave, SparkLend, Fluid and Lido have taken steps to control risks after rsETH markets came under pressure.
- The incident has renewed debate over whether yield staking hides risks across connected DeFi protocols.
Attack It is said It affected the protocol’s rsETH bridge and included 116,500 rsETH, equivalent to about 18% of the circulating supply.
The incident was not limited to Kelp DAO. Aave saw significant withdrawals, while SparkLend and Fluid temporarily halted rsETH markets. Lido also temporarily halted its EarETH service, which was exposed to rsETH, although its core product stETH was not affected.
Posted by a DeFi-focused account, known as @whatexchange on X, comparison Event of the 2008 financial crisis. The account wrote: “Stacking layers of assets does not eliminate risk. It compresses and hides it.”
Yield layered products face scrutiny
The post argued that rsETH moved through several layers before the exploit. Users first deposited ETH through Lido and received stETH. stETH can then move to the Kelp DAO and EigenLayer, where rsETH is minted.
The rsETH token was then used as collateral on lending platforms such as Aave, SparkLend, and Fluid. They were also linked via LayerZero to other chains, creating wrapped versions based on the same underlying asset.
The analysis compared this structure to pre-mortgage products 2008 crisis. She said both systems repackaged a single underlying asset through several financial layers, while each layer relied on the previous layer performing as expected.
Market response shows hidden exposure
Following the Kelp DAO exploit, many DeFi platforms moved to reduce the risks. Aave froze rsETH markets for several hours, while SparkLend and Fluid temporarily halted similar markets. Ethena has also temporarily paused LayerZero OFT bridges as a precaution, despite not being directly exposed to rsETH.
According to the post, more than $6.2 billion exited Aave in less than 36 hours. The main problem was not only the scale of exploitation but the difficulty of mapping indirect exposure across protocols, the account said.
“No participant, including the protocols themselves, can fully map their exposure network,” the post said. She added that when users cannot verify exposure in real time, their reaction is often to withdraw funds.
The discussion about DeFi risks turns to system design
The post also focused on bridge security. Kelp allegedly used a 1-of-1 verification setup, meaning one node verified messages across the chain before transferring funds. The publication argued that this design created a single point of failure within a product marketed as decentralized.
The analysis also questioned yield stacking. Each layer adds new risks, including risk reduction, re-risking, bridge errors, contract failures and lending liquidations, she said.
The post said that users should not judge DeFi products by APY alone. He argued that high returns often reflect hidden risks across many connected systems, not simple passive income.
The Kelp DAO exploit is now part of a broader discussion about DeFi securityInfluence and transparency. The incident demonstrated how a single failure can impact users across multiple platforms, including users who did not directly interact with Kelp DAO.
