Kelp DAO’s $292 million exploit has raised new questions about risk in the liquidity redemption and DeFi lending markets.
Summary
- Kelp DAO’s $292 million exploit has raised concerns about hidden risks in liquid buyout and lending markets.
- Aave, SparkLend, Fluid and Lido took risk control measures after rsETH markets came under pressure.
- The incident has reignited debate over whether yield stacking hides risk in connected DeFi protocols.
The attack reportedly affected the protocol’s rsETH bridge and involved 116,500 rsETH, or approximately 18% of the circulating supply.
The incident was not limited to Kelp DAO. Aave saw significant withdrawals, while SparkLend and Fluid suspended rsETH markets. Lido also suspended EarnETH, which was exposed to rsETH, although its main product stETH was not affected.
A post from a DeFi-focused account known as @whatexchange on
Stratified yield products face increased scrutiny
The post claimed that rsETH had gone through several layers before the exploit. Users first staked ETH via Lido and received stETH. This stETH could then be transferred into Kelp DAO and EigenLayer, where rsETH was created.
The rsETH token was later used as collateral on lending platforms such as Aave, SparkLend and Fluid. It was also linked via LayerZero to other chains, creating wrapped versions that depended on the same underlying asset.
The analysis compared this structure to mortgage products before the 2008 crisis. Both systems repackaged a core asset across multiple financial layers, while each layer built on the previous one functioning as intended.
Market Response Shows Hidden Exposure
After the Kelp DAO exploit, several DeFi platforms decided to reduce risks. Aave froze rsETH markets for several hours, while SparkLend and Fluid suspended similar markets. Ethena has also suspended LayerZero OFT bridges as a precaution, despite having no direct exposure to rsETH.
According to the post, more than $6.2 billion left Aave in less than 36 hours. The account said the main problem was not only the size of the exploit, but also the difficulty of mapping indirect exposure between protocols.
The message stated: “No participant, including the protocols themselves, can fully map their exposure network. » He adds that when users cannot check their exposure in real time, they often respond by withdrawing funds.
DeFi risk debate shifts to system design
The message also focused on bridge safety. He claimed that Kelp used a 1-of-1 verifier setup, meaning one node verified cross-chain messages before funds were transferred. The post claimed that this design created a single point of failure inside a product marketed as decentralized.
The analysis also called into question the accumulation of returns. He said each layer adds new risks, including validator shrinkage, takeover risks, bridging bugs, contract failures and loan liquidations.
The post states that users should not judge DeFi products by APY alone. He argued that higher returns often reflect hidden risk in multiple connected systems, not simple passive income.
The Kelp DAO exploit has become part of a broader debate about DeFi security, leverage, and transparency. The incident showed how an outage can affect users across multiple platforms, including users who have not interacted directly with Kelp DAO.
