Aave records $6 billion TVL drop as Kelp hack exposes structural risk at DeFi lender

Aave just watched $6.6 billion walk out the door, and it’s not because anyone hacked Aave.

The protocol’s total value locked dropped from $26.4 billion on April 18 to nearly $20 billion in U.S. morning hours on Sunday, per DefiLlama. The AAVE token fell 16% to $92, and daily fees spiked to $1.99 million as liquidations ripped through the weekend.

Depositors are running because Aave is carrying a hole it did not create. When attackers drained 116,500 rsETH from Kelp’s bridge on Saturday, they dumped the stolen tokens on Aave V3 as collateral and borrowed wrapped ether against them.

On-chain trackers put the Aave-specific borrow at roughly $196 million, with total positions across Aave, Compound and Euler around $236 million.

Aave is the largest lending protocol in DeFi, where users deposit crypto to earn yield and other users borrow against collateral. Kelp is a liquid restaking protocol, which takes ether that has already been staked on Ethereum and routes it through a separate yield-generating system called EigenLayer, issuing a receipt token called rsETH in exchange.

That rsETH is what users trade and, critically, what some users posted on Aave as collateral to borrow against.

On Saturday, attackers tricked Kelp’s cross-chain bridge into releasing 116,500 rsETH, about $292 million worth, to an address they controlled. They then deposited that stolen rsETH onto Aave V3 as collateral and borrowed wrapped ether against it.

A bridge is a blockchain-based took that transfers tokens between different networks, where they may not be originally supported.

Aave first said the Umbrella reserve would cover any deficit. By Saturday afternoon the language had softened to “explore paths to offset the deficit.” That is not how a protocol talks when it knows how much it owes and has the money to pay it.

The concentration explains why the damage lands here. Aave’s loan book spans 22 chains, but Ethereum alone holds $14.24 billion of the $17.82 billion in outstanding borrows. WETH is 39.49% of all loans on the protocol, meaning the attack hit the exact collateral-to-WETH pair that dominates Aave’s book.

Stani Kulechov, Aave’s founder, said the exploit was external and the protocol’s contracts were not compromised. But Aave accepted a liquid restaking token as collateral, and that token’s backing vanished on a bridge Aave does not control. The depositors lose either way.

Liquid restaking tokens were whitelisted across every major lending protocol because they carried yield and represented growing share of Ethereum’s locked value.

The risk models priced them as if they would hold peg under normal conditions. However, none of them priced a scenario where the collateral goes to zero because a bridge on a chain Aave does not touch got exploited on a Saturday.

“AAVE is the backbone of DeFi, has billions in there, and pretty much every single new DeFi infrastructure on new chains is a fork of it,” trader Altcoin Sherpa wrote on X. “When AAVE has contagion risk, it shows the fragility of the entire system.”

What the token price is trying to answer now is whether Umbrella is big enough to cover the hole, and whether stkAAVE holders who back that reserve are about to eat the loss.