On April 18, 2026, a severe vulnerability found in a third-party bridge infrastructure on the decentralized finance (DeFi) protocol Aave triggered a major security crisis across the Ethereum ecosystem. The exploit took advantage of a single-validator setup within the rsETH LayerZero bridge running on the Kelp protocol.
How the bridge vulnerability was exposed
Kelp’s LayerZero V2 bridge, which connects Unichain to Ethereum, relied on only one validator for approving all cross-chain messages. This so-called “single validator network” made it possible to manipulate on-chain data. By leveraging a type of attack known as RPC poisoning, the validator was deceived, resulting in 116,500 rsETH being released on Ethereum even though no tokens were actually burned on the source chain.
This fake message traveled via the bridge adapter and was processed on the Ethereum side. Despite the counter on the Unichain side remaining unchanged, the Ethereum bridge approved the transaction, releasing a large sum of rsETH tokens from the system.
Glossary: LayerZero is a multichain interoperability protocol enabling asset transfers and message passing between different blockchains. A validator (verifier) refers to the independent operator or entity that approves cross-chain operations on the bridge.
How the attacker acted on Aave
The attacker quickly distributed the 116,500 rsETH across seven different addresses, depositing 89,567 of these tokens as collateral into eight separate Aave V3 positions on Ethereum and Arbitrum. The attacker then borrowed 82,650 WETH and 821 wstETH against this collateral. By keeping the health factors of these positions between 1.01 and 1.03, the attacker minimized the risk of automatic liquidation, ensuring the withdrawn assets remained secure in their wallets.
Listing rsETH as collateral within the Aave ecosystem introduced a dependency on bridge-side validation. The vulnerability, therefore, originated outside the protocol itself, stemming from the bridge infrastructure.
Developers following the issue closely commented that adding rsETH as collateral brought the inherent risks of the underlying bridge infrastructure into the protocol.
Rapid response and immediate measures
The Aave team responded with extraordinary measures through its Guardian systems within just hours. On the evening of April 18, transfers of rsETH and wrsETH were frozen on Aave V3 and the collateral ratio was set to zero. All deposits and borrowing involving these assets were instantly disabled on Aave V4 as well.
Concurrently, Kelp froze 43,373 rsETH on its end. Over the next two days, WETH transactions were suspended on Ethereum, Arbitrum, Base, Mantle, and Linea networks. On April 21, the Arbitrum Security Council blocked 30,766 ETH linked to the attacker.
By April 23, rsETH reserves across multiple distributions had been entirely frozen, ensuring both the liquidation of attacker positions and the protection of other users.
Over $144 million recovered through industry collaboration
In the wake of the incident, the DeFi United consortium—including major liquidity providers such as Lido, Ethena, and Mantle—pledged to restore assets worth $300 million in total. The Aave LayerZero OFT adapter was replenished in five stages, with 116,131 rsETH of collateral fully recovered. This allowed normal operations to resume across the affected Aave markets.
