クリプト見聞録 | ビットコイン, メタバース


KelpDAO’s rsETH bridge was exploited, resulting in approximately $292 million in losses, apparently due to LayerZero’s single-verification configuration.

At 17:35 UTC on April 18 (02:35 JST on April 19, 2026), KelpDAO’s LayerZero-based bridge, which handles the liquid staking token rsETH, was compromised via a malicious cross-chain message, leading to the transfer of 116,500 rsETH (approximately $292 million as of this writing) to the attacker. Upon detecting the breach, KelpDAO halted all rsETH-related contracts, and major lending platforms began freezing affected markets. ([https://t.co/yxB106i5Uw](https://t.co/9OxQJcEWwa))

The attack exploited a “spoofed receipt packet” through LayerZero’s messaging system, with the critical vulnerability being that the bridge’s receipt verification was configured to accept approval from only a single validator (1-of-1). This allowed the unauthorized release of rsETH from the bridge’s escrow, enabling the attacker to borrow heavily against the stolen tokens and withdraw funds. Technical details, transaction IDs, and forensic estimates are being progressively disclosed by specialized analysis platforms. ([https://t.co/nxOnLAhrAO](https://t.co/9E4fLTfvcE))

The impact spread rapidly. rsETH is wrapped and deployed across more than 20 chains, including Ethereum mainnet, Base, Arbitrum, Linea, Mantle, and Scroll. The reduction in bridge-held rsETH raised concerns about insufficient backing for rsETH on these chains. In response, Aave froze its rsETH market, and other lending and yield platforms followed suit by halting or withdrawing rsETH positions. The AAVE token also experienced a sharp decline, with short-term credit costs and insurance module implications becoming key focal points. ([https://t.co/yxB106i5Uw](https://t.co/9OxQJcEWwa))

On-chain analysis estimates that the amount the attacker actually extracted (cash assets withdrawn via loans) falls within the range of $200–236 million, with Aave reporting approximately $177 million in “bad debt.” Aave’s insurance mechanisms, such as the Umbrella module, and inter-protocol loss absorption mechanisms are under close scrutiny; the extent to which these burdens fall on protocol reserves will influence future governance decisions. ([https://t.co/nxOnLAhrAO](https://t.co/9E4fLTfvcE))

KelpDAO and LayerZero have both committed to post-mortem analyses to determine the root cause and implement remediation. Security auditors and on-chain investigation teams are collaborating to trace transactions. This incident underscores once again how misconfigurations in bridges or message verification can be catastrophic for high-value assets. While avoiding definitive investment conclusions, it is essential to monitor official reports and follow-ups from all involved parties. ([https://t.co/yxB106i5Uw](https://t.co/9OxQJcEWwa))
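The 1-of-1 weakness described above can be modeled with a minimal threshold check. This is an added example, not KelpDAO's or LayerZero's code: it shows that one spoofed attestation satisfies a 1-of-1 quorum but not a 2-of-3 quorum, and includes a simple audit for pathways below policy. The verifier names, keys, packet bytes and the use of HMAC in place of real signatures are all constructed assumptions.

```python
import hashlib
import hmac

# Constructed verifier keys; HMAC stands in for real signatures (assumption).
VERIFIER_KEYS = {"verifier-a": b"key-a", "verifier-b": b"key-b", "verifier-c": b"key-c"}


def attest(verifier, key, packet):
    """Produce one verifier's attestation (name, tag) over a cross-chain packet."""
    return verifier, hmac.new(key, packet, hashlib.sha256).digest()


def packet_accepted(packet, attestations, required, threshold):
    """Accept only if `threshold` distinct verifiers from `required` attested validly."""
    if not 1 <= threshold <= len(required):
        raise ValueError("threshold must be between 1 and the verifier count")
    valid = set()
    for verifier, tag in attestations:
        key = VERIFIER_KEYS.get(verifier)
        if verifier not in required or key is None:
            continue  # attestation from a verifier outside the configured set
        expected = hmac.new(key, packet, hashlib.sha256).digest()
        if hmac.compare_digest(tag, expected):
            valid.add(verifier)  # a set, so a repeated attestation counts once
    return len(valid) >= threshold


def audit(pathways, min_threshold=2):
    """Return names of pathways whose verification quorum is below policy."""
    return [name for name, (required, threshold) in pathways.items()
            if threshold < min_threshold or len(required) < min_threshold]


# Constructed scenario: verifier-a alone vouches for a packet that never existed.
spoofed = b"constructed packet: release escrow"
forged = [attest("verifier-a", VERIFIER_KEYS["verifier-a"], spoofed)]

PATHWAYS = {  # hypothetical pathway configs: (required verifiers, threshold)
    "one-of-one": (["verifier-a"], 1),
    "two-of-three": (["verifier-a", "verifier-b", "verifier-c"], 2),
}

if __name__ == "__main__":
    for name, (required, threshold) in PATHWAYS.items():
        print(name, "accepts spoofed packet:",
              packet_accepted(spoofed, forged, required, threshold))
    print("below policy:", audit(PATHWAYS))
```
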
