TL;DR:
- Aave is reviewing every V3 asset and rewriting listing standards after a $230 million rsETH exploit tied to KelpDAO’s LayerZero-powered bridge.
- The attack allowed one verifier to approve a fake cross-chain message and mint 116,500 unbacked rsETH on Ethereum, creating unrecoverable loans.
- Aave will broaden reviews to bridges, oracles, custodians and operational security, while adding automated defenses and tightening supply and borrow caps across its V3 markets after the incident.
Aave is tightening its asset-listing framework after a $230 million rsETH exploit exposed a risk that did not come from Aave’s own smart contracts. The lending protocol’s postmortem traced the April attack to KelpDAO’s LayerZero-powered bridge, where a verification failure allowed forged collateral to enter the system. The unsettling lesson is that good code can still inherit bad collateral, because DeFi protocols increasingly depend on infrastructure outside their immediate contracts. Aave will now review every V3 asset and rewrite standards around that wider exposure for lenders, users and risk teams watching increasingly modular markets.
— Aave (@aave) May 31, 2026
Bridge risk forces a broader collateral review
The exploit centered on rsETH, KelpDAO’s restaked ether token, which represents a claim on ETH already locked for staking and reused for extra yield. To move rsETH across chains, KelpDAO used LayerZero bridge infrastructure. In the attack, a single verifier approved a fake cross-chain message, allowing 116,500 unbacked rsETH to be minted on Ethereum. Aave functioned as designed, but the asset it accepted was false, leaving the protocol with loans that could not be recovered once the collateral proved worthless. The failure converted bridge verification into lending risk inside Aave almost instantly.
That distinction is driving the overhaul. Aave said traditional reviews of volatility, liquidity and smart contract audits were not enough for assets whose value depends on bridges, verification networks and operational controls. Future collateral assessments will also examine bridge infrastructure, oracle dependencies, third-party contracts, custodians, operational security and secondary-market liquidity. The listing question is expanding from token risk to dependency risk, a shift that feels overdue but difficult, since DeFi assets often arrive wrapped in multiple systems that can fail far from the lending market itself, even if each component once appeared individually acceptable to listing reviewers separately.
Aave is also adding faster defenses after the exploit. One proposed mechanism would automatically cut an asset’s loan-to-value ratio to zero when predefined risk thresholds are breached, removing borrowing power before losses spread. Since the attack, risk managers have already made roughly 295 parameter changes across V3 markets, including 168 supply-cap reductions and 66 borrow-cap reductions. The immediate response is containment through tighter limits, but the broader message is more structural: asset listings can no longer be treated as isolated token approvals when cross-chain infrastructure, bridges and external validators can quietly determine whether collateral is real.
