BlockBeats news, on April 20, DefiLlama founder 0xngmi outlined three possible courses of action KelpDAO might take following the rsETH hack, each with significant drawbacks; the final decision will test KelpDAO’s credibility and Aave’s risk tolerance.
Path One: All users share the losses equally
KelpDAO will uniformly reduce losses by 18.5% for all rsETH holders. Currently, approximately 666,000 rsETH are collateralized across the entire Aave network, primarily with high leverage on Mainnet and L2s (assuming all positions are at a 95% liquidation LTV). Upon socialization of losses, all positions on Mainnet would be fully wiped out, generating approximately $216 million in bad debt. The Umbrella protocol can cover $55 million of this bad debt, with the Aave treasury assuming an additional $85 million, leaving a remaining shortfall of approximately $76 million. KelpDAO may bridge this gap through borrowing or selling Aave tokens (currently valued at approximately $510 million), but this would still impose significant pressure on Aave, and all users would collectively bear the losses.
Path Two: Directly to rsETH holders on L2
KelpDAO only insures rsETH on the mainnet and considers rsETH on L2s to be valueless. Currently, Aave L2 has approximately $359 million in rsETH collateral (based on current oracle prices), which, if fully leveraged at maximum leverage, could result in approximately $341 million in bad debt with no coverage from the Umbrella protocol. Aave would only be able to rescue part of the market using treasury funds or borrowing, most likely abandoning the chains with the largest losses—such as Arbitrum, Mantle, and Base—leading to a collapse of these L2 markets. While this approach would have minimal impact on Aave’s mainnet, it would severely damage the reputation of the L2 ecosystem and could trigger a chain reaction.
Path Three: Attempt to refund only the holders at the time of the snapshot before the hack—extremely difficult to execute.
KelpDAO attempted to fully reimburse only rsETH holders who held tokens prior to the hack, as captured in a snapshot, while requiring later buyers or transferees to bear their own losses. However, due to significant fund movements after the attack and the inherent nature of DeFi protocols as liquidity pools, it is technically infeasible to truly distinguish between deposits from different time periods. The hacker borrowed $124 million on Aave mainnet and $18 million on Arbitrum, leaving approximately $91 million in losses after accounting for Umbrella Protocol coverage. While this approach theoretically minimizes broader impact, its practical implementation is nearly impossible and risks sparking legal and community disputes.