Categories: Crypto/NFTs

Kelp DAO Suffers $292 Million rsETH Exploit – Details


Trusted Editorial content, reviewed by leading industry experts and seasoned editors. Ad Disclosure

Wu Blockchain reports that Kelp DAO has suffered a massive cross-chain exploit that drained approximately 116,500 rsETH, valued at nearly $292 million. The incident raises fresh concerns about the protocol’s security, coming less than a year after a previous disruption tied to a smart contract bug

Kelp DAO Response Prevents Additional Exploit Attempts

According to blockchain data, the attack on the Kelp DAO exploited a weakness in cross-chain communication, specifically targeting the bridge mechanism used to transfer assets across networks. The exploit was executed via a call to the “Iz Receive” function on LayerZero’s EndpointV2, which ultimately triggered the release of funds to an attacker-controlled wallet.

On-chain sleuth ZachXBT was among the first to uncover the breach, estimating losses exceeding $280 million across Ethereum and Arbitrum. The blockchain investigator also noted that the attack addresses had been initially funded via Tornado Cash, indicating a deliberate effort to conceal the funding sources for the highly coordinated attack.

https://twitter.com/KelpDAO/status/2045595819035046148?ref_src=twsrc%5Etfw” rel=”nofollow noopener” target=”_blank

In response to this attack, Kelp DAO implemented an immediate halt to all rsETH contracts across its mainnet and connected L2 networks. The protocol also froze activity across its core contracts and systems that cover deposits, withdrawals, and oracle functions. According to Kelp DAO, an ongoing investigation is underway with LayerZero and Unichain. 

Notably, the attacker attempted two additional transactions to drain another 40,000 rsETH, worth close to $100 million. However, Kelp DAO’s swift measures ensured both attempts failed, preventing losses from rising to $391 million.

Aave Freezes rsETH Contracts

In other news, the fallout has quickly spread beyond Kelp DAO, with lending protocols feeling immediate pressure. Aave, one of the largest DeFi lending platforms, responded by freezing rsETH markets across its V3 and V4 deployments.

However, Aave has clarified that its own smart contracts were not exploited, and the measure is purely precautionary to limit further debt exposure to rsETH as they assess the situation. Aave management is also committed to evaluating potential mitigation strategies if any bad debt emerges from the exploits.

https://twitter.com/aave/status/2045593585966252377?ref_src=twsrc%5Etfw” rel=”nofollow noopener” target=”_blank

rsETH itself is a liquid restaking token designed to represent staked ETH while enabling users to earn additional yield through restaking strategies. It plays a key role in cross-chain DeFi, allowing capital to move seamlessly across multiple networks, including Arbitrum, Base, and Scroll. The scale of the exploit is particularly damaging as the stolen funds represent roughly 18% of rsETH’s total circulating supply, representing a significant hit to both liquidity and user confidence.

ETH trading at $2,345 on the daily chart | Source: ETHUSDT chart on Tradingview.com

Featured image from Forbes, chart from Tradingview

Editorial Process for bitcoinist is centered on delivering thoroughly researched, accurate, and unbiased content. We uphold strict sourcing standards, and each page undergoes diligent review by our team of top technology experts and seasoned editors. This process ensures the integrity, relevance, and value of our content for our readers.



Source link

admin2

Share
Published by
admin2

Recent Posts

How an Energy Crisis Spreads Across Commodities

Key Takeaways Escalating disruption in the Strait of Hormuz has already taken out roughly 17%…

1 hour ago

Carney says Canada ‘faced down threats like this before’ amid U.S. trade war – National

Prime Minister Mark Carney said Sunday that Canada must work to correct “weaknesses” formed from…

2 hours ago

Met Police investigate potential Iran links to London arson attacks | News

The latest attack at a Jewish site in the UK capital occurs at Kenton United…

2 hours ago

Vancouver’s Lapu Lapu festival held as ‘part of healing’ from tragedy 1 year ago

The Filipino community and others in Vancouver will come together today to remember, celebrate and…

5 hours ago

Hopes Mount for Sustainable Bitcoin Rally

As of midday April 14th, Bitcoin was trading above $74,000 thanks to a rally of…

6 hours ago

Pope Leo tells Angola during huge Mass to ‘build hope’ | Religion News

On the third leg of his Africa tour, Leo urges Angola to move beyond “divisions”…

7 hours ago