Kelp, Explained

Kelp is a liquid restaking protocol built on Ethereum that issues rsETH, a fungible token representing restaked ETH positions across EigenLayer validators — letting holders earn restaking yield without locking capital in illiquid positions.

What Kelp Does and Why It Matters

The core problem Kelp solves is straightforward: EigenLayer's native restaking model requires users to commit ETH to specific operators and accept complex withdrawal queues. Kelp abstracts that away. Users deposit ETH or liquid staking tokens (LSTs) such as stETH or rETH into the Kelp protocol; the smart contracts handle operator selection and EigenLayer deposits; and depositors receive rsETH in return — a composable receipt that can be used across DeFi for lending, collateral, or liquidity provision.

Before the events of mid-2025, Kelp had grown into one of the largest liquid restaking protocols by total value locked, with rsETH integrated into major money markets including Aave and deployed across several EVM chains via cross-chain messaging infrastructure.

Benthic

Apr 19, 2026

View article →

Kelp DAO bridge exploit nets attacker $291M in rsETH, triggers $6.2B Aave withdrawal run

decrypt.co • Apr 19, 2026

Top Comment

Benthic

Apr 19, 2026

An attacker exploited Kelp DAO's LayerZero-powered bridge with a phantom message, minting $291M in rsETH on Ethereum without burning the corresponding tokens on Unichain. The stolen collateral was looped through Aave to borrow real assets, pushing WETH pools to 100% utilization, freezing user withdrawals, and triggering $6.2B in net Aave outflows by Sunday morning. Aave froze rsETH markets while Kelp paused contracts across mainnet and several L2s. AAVE dropped 16% to $90.13 and ETH slid 2% to $2,300 on the news.

The Architecture: rsETH and Cross-Chain Deployment

rsETH's value proposition depends on the token maintaining accurate backing — every rsETH should correspond to roughly one ETH worth of restaked assets. To make rsETH usable on chains other than Ethereum mainnet, Kelp relied on a bridge to mint and burn the token representation on networks including Arbitrum.

Cross-chain token bridges require a message-passing layer to synchronize state between chains: when rsETH is locked on mainnet, a corresponding message must be received and verified on the destination chain before tokens are minted there. For this function, Kelp used LayerZero, a widely-deployed cross-chain messaging protocol that routes messages through a system of Decentralized Verifier Networks (DVNs) — independent entities tasked with attesting that a message on the source chain is legitimate before it can be executed on the destination.

The security model of any DVN-based bridge depends critically on how many independent verifiers must agree before a message is accepted. A "1-of-1" configuration — a single verifier whose attestation is treated as sufficient — offers no meaningful decentralization and creates a single point of failure.

The $292 Million Exploit

In 2025, attackers exploited exactly this weakness. According to Kelp's own postmortem and LayerZero's subsequent admission, the rsETH bridge was operating with a 1-of-1 DVN configuration, meaning a single compromised or malicious verifier could authorize arbitrary cross-chain messages.

Attackers — subsequently identified by on-chain analysts and threat intelligence firms as the North Korean state-affiliated group TraderTraitor, responsible for several large crypto heists — exploited this configuration to forge bridge messages and mint rsETH on Arbitrum without any corresponding ETH being locked on mainnet. The resulting unauthorized rsETH was then used to drain protocol reserves and liquidity pools.

The total loss was approximately $292–$293 million, making it one of the largest DeFi exploits on record. LayerZero later issued a public apology, acknowledging the single-verifier setup as a critical mistake in its default configuration guidance, and admitted fault in not catching the misconfiguration before it was exploited at scale.

Danicjade

Apr 20, 2026

View article →

Following the $292M Kelp DAO rsETH exploit, 15+ protocols have frozen LayerZero bridging. Here is the full list

𝕏/@CatfishFishy • Apr 20, 2026

Top Comment

Benthic

Apr 20, 2026

Aave shedding $6B in TVL on a $292M loss shows how fast the market repriced rsETH collateral across 20 chains — backing ratios aren't verifiable without auditing every LayerZero endpoint that mints the wrapped asset. Kelp ran single-verifier against LayerZero's own published integration checklist, which puts this closer to Ronin's validator compromise than a contract bug. Compromising RPC nodes and DDoS-forcing failover is new tradecraft, but the root cause is the same lesson bridges have been dodging since 2022: single-verifier trust doesn't scale past nine figures.

Immediate Fallout: Frozen Funds, Legal Proceedings, and the Arbitrum Vote

The exploit set off several simultaneous recovery efforts, each moving on different timelines and governance tracks.

Arbitrum Governance. A significant portion of the stolen rsETH had been deployed on Arbitrum. Because the Arbitrum DAO controls certain protocol-level emergency powers over contracts deployed on its chain, the community debated whether to vote to freeze and ultimately release approximately $70–71 million in ETH that had become inaccessible following the exploit. After considerable debate about governance overreach — critics argued that unilateral asset intervention set a dangerous precedent — the Arbitrum DAO voted to authorize the release, and the frozen ETH was subsequently unlocked to assist in Kelp's recovery.

U.S. Courts. In a parallel track, Aave — which had significant rsETH exposure through its money market — sought legal relief to unlock a separate tranche of approximately $71 million in ETH. A judge in the Southern District of New York delayed Aave's initial bid until early June while the broader recovery coordination continued.

Hacker Laundering. On the theft side, recovery prospects narrowed quickly. On-chain tracking reported that the TraderTraitor-linked wallets laundered approximately $220 million of the unfrozen funds through mixing and chain-hopping techniques, closing what had been a brief window during which intervention might have recovered a larger share. The speed of the laundering operation — typical of state-sponsored groups with established financial obfuscation infrastructure — left investigators with limited recourse.

Recovery: rsETH Restoration

Despite the losses, Kelp's team moved to restore protocol functionality. Five weeks after the exploit, the team announced that rsETH had been fully restored — meaning the token's backing ratio had been brought back to 1:1 through a combination of recovered funds, Arbitrum governance relief proceeds, and restructuring of protocol reserves.

Deposits and withdrawals were subsequently reopened. For users holding rsETH on networks that Kelp decided to wind down as part of the post-exploit restructuring, the protocol set a June 15, 2027 deadline to complete rsETH recovery from sunset networks, with a 100 USDC processing fee per redemption — giving affected holders over a year to act while the team concentrated resources on supported chains.

Operations with Aave, including resumption of rsETH as a borrowable and collateral asset, were coordinated between the two teams and restored as recovery milestones were met.

Danicjade

May 14, 2026

View article →

Kraken replaces LayerZero with Chainlink for kBTC bridging after $292M Kelp exploit, migrating more than $3B in locked crosschain assets

Coindesk • May 14, 2026

Top Comment

Benthic

May 14, 2026

$260M kBTC is the appetizer: Coinbase already picked CCIP for ~$7B of wrapped tokens, and Solv moved $700M+ of BTCFi inventory after Kelp. Once bridge config starts getting priced like counterparty risk, LayerZero’s 1-of-1 DVN/defaults debate stops being CT drama and becomes collateral haircuts, venue listings, and lending-market limits. Kraken choosing CCIP for Ink, ETH, Unichain and OP means wrapped BTC issuers are now competing on transport security as much as custody.

LayerZero's Response and the Broader Bridge Security Reckoning

The Kelp exploit accelerated a shift in how major protocols think about cross-chain infrastructure. LayerZero's public postmortem acknowledged that its default DVN configuration guidance had not sufficiently emphasized the risk of minimal verifier setups, and committed to changes including:

• Updated documentation explicitly warning against 1-of-1 or low-k setups
• Enhanced tooling to surface DVN configuration to auditors and deployers
• Improved monitoring to flag underprotected deployments

However, for many large protocols, acknowledgment was not sufficient. Kraken announced it was replacing LayerZero with Chainlink's Cross-Chain Interoperability Protocol (CCIP) for its kBTC bridging infrastructure, migrating more than $3 billion in locked cross-chain assets. Virtuals.io similarly announced a migration of over $700 million in $VIRTUAL from LayerZero to Chainlink CCIP. Across the ecosystem, analysts estimated that more than $2.5 billion in TVL shifted away from LayerZero-dependent infrastructure in the months following the exploit, as protocols prioritized enterprise-grade verifier redundancy over LayerZero's more permissive configuration model.

Chainlink CCIP's design — which uses Chainlink's decentralized oracle network as the verification layer with multiple independent node operators — was widely cited as offering stronger default security assumptions, at the cost of somewhat higher latency and fees.

What the Exploit Revealed About DeFi Security Architecture

The Kelp incident is instructive on several systemic levels:

Configuration risk is deployment risk. The LayerZero protocol itself was not compromised. The vulnerability was in how Kelp's bridge was configured. This distinction matters: audits of smart contract logic do not catch misconfigured operational parameters unless auditors are specifically tasked with verifying deployment configurations against security best practices. Many bridges in production likely have similar latent misconfiguration risks.

Cross-chain complexity multiplies attack surface. A protocol secure on mainnet becomes as secure as its weakest cross-chain link. rsETH on mainnet was not directly exploited — the attack entered through a bridge that minted tokens without proper verification. Every cross-chain deployment of a token adds a new set of assumptions that must hold simultaneously.

State-sponsored attackers operate at professional scale. TraderTraitor's attribution, if accurate, means the attack was planned and executed by a group with established laundering infrastructure, significant operational security, and the ability to move hundreds of millions within days. Recovery windows for state-sponsored theft are measured in hours, not weeks.

Governance coordination under pressure works, but slowly. The Arbitrum DAO vote and the legal proceedings both ultimately served Kelp's recovery, but they operated on timelines of weeks to months — far slower than the attackers moved. This asymmetry is structural to decentralized governance and cannot be easily resolved without pre-authorized emergency mechanisms, which themselves introduce centralization risk.

Ripple effects hit adjacent protocols. Aave's exposure to rsETH created collateral risk that required active coordination. SparkLend adjusted its wBTC caps in response to post-exploit systemic uncertainty. A large exploit in one protocol is rarely contained — it propagates through any DeFi money market with shared collateral.

Kelp DAO's Governance Structure

Kelp operates as a DAO with token-based governance over protocol parameters including fee structures, operator selection, and risk policy. The DAO became a visible actor during the recovery period, coordinating with Arbitrum governance and communicating timelines to rsETH holders. The centralized pace of some recovery decisions — particularly around which networks to sunset — highlighted the ongoing tension in DeFi governance between speed of response and decentralization of decision-making.

Outlook

Kelp's restoration of rsETH full backing and the resumption of deposits and withdrawals represents a meaningful operational recovery from what could have been a terminal protocol failure. Whether user confidence fully returns — measured in TVL growth back toward pre-exploit levels — will depend on the security posture Kelp adopts for future cross-chain deployments and the durability of its integration with Aave and other money markets.

For the broader ecosystem, the LayerZero aftermath is still resolving. The mass migration toward Chainlink CCIP suggests that enterprise-scale protocols are willing to pay for verifier redundancy that LayerZero's flexible model did not enforce by default. Whether LayerZero's configuration improvements are sufficient to rebuild institutional trust, or whether the Kelp incident permanently shifted capital toward more conservative bridge designs, will become clearer as the migration wave either stabilizes or continues.

The 2027 deadline for rsETH recovery on sunset networks serves as the operational endgame for the exploit's direct victims. After that date, the Kelp incident will have closed — but its influence on how DeFi bridges are configured, audited, and governed will persist considerably longer.