Growing blockchain exploits have put a strain on the DeFi sector, with losses exceeding $620 million in April, as reported by AMBCrypto.
DeFi lending giant Aave was directly impacted by the KelpDAO exploit.
The attackers created 116.5K uncollateralized rsETH and used it as collateral to borrow high-quality assets, leaving the protocol exposed.
As a result, Aave was left with more than $200 million in bad debt, triggering a sharp wave of capital outflows.
Why did Aave’s liquidity collapse so quickly?
This feat quickly tightened liquidity on Aave’s markets.
Within hours, users began withdrawing funds, pushing usage rates to extreme levels. WETH reserves have reached 100%, leaving no liquidity immediately available in the pool.
This change triggered broader releases across the protocol.
Aave saw approximately $16.4 billion leave the platform, with deposits dropping from $45.6 billion to $29.2 billion.
The increase in capital outflows pushed the platform’s total value locked (TVL) to $15 billion, levels last seen in November 2024.
Along with this, stablecoin usage on AAVE decreased by 54.2%, from $15.95 billion to $7.31 billion. At the same time, the amount of borrowed stablecoins decreased by 37.9%, from $10.6 billion to $6.63 billion.
Interestingly, as AAVE experienced increased capital outflows, investors and market participants sought refuge in Sparklend.
Sparklend’s TVL increased from $1.9 billion to $3.5 billion, a gain of over $1.3 billion. So, in the midst of this crisis, Sparklend absorbed significant funds, leaving Aave (AAVE), notably large entities.
What really broke inside Aave?
The exploit revealed how Aave’s liquidity was heavily tied to closure strategies. These strategies relied on depositing ETH-based assets like rsETH and borrowing Ethereum (ETH) to amplify returns.
Data from the Blockworks thread showed that 98.5% of collateral backing WETH borrowing came from ETH LST.
However, this created a concentrated risk structure rather than a diversified loan portfolio. When the exploit was detected, this structure quickly collapsed.
Depositors who were not directly exposed to rsETH still suffered losses because their funds secured these positions. This change revealed a key imbalance.
Aave treated all lenders the same, even when risk levels differed. Depositors took on higher risks without additional compensation.
Can Aave’s safety net absorb the damage?
With liquidity drying up, Aave’s Umbrella module faced its first real stress test. Umbrella was designed to absorb bad debts using staked junior capital.
However, the coverage appeared limited compared to the scale of potential losses.
In a modeled scenario, the safety net could cover only part of the deficit, leaving the rest of the losses to depositors or the DAO.
At the same time, growing utilization and lack of liquidity have weakened liquidation mechanisms, slowing recovery. This left markets in a holding pattern, with participants awaiting clarification before returning.
Final summary
- Aave absorbed over $200 million in bad debt after attackers created 116.5k unsecured rsETH and drained liquidity through leveraged borrowing.
- Capital shifted to more secure protocols like Sparklend, which gained more than $1.3 billion as investors prioritized liquidity and risk control.
