How Aave Recovered From Its $293M Bridge Exploit in 40 Days

 



On April 18, 2026, a single forged message inside a cross-chain bridge triggered what became the biggest decentralized finance exploit of the year. The target was not Aave's code. It was the bridge Aave trusted.

Kelp's LayerZero V2 bridge from Unichain to Ethereum was running a one-of-one verification setup, meaning one signer confirmed every cross-chain transaction. That signer got compromised through an RPC-poisoning attack. The result was 116,500 rsETH released onto Ethereum mainnet with no corresponding burn on the source chain. An attacker used those tokens as collateral on Aave and walked out with roughly $230 million in real assets.

What happened after is less covered but more important. Aave did not collapse. Within 90 minutes, the Protocol Guardian froze the affected markets. Within 48 hours, a coalition of DeFi protocols was already forming to restore backing for affected users.

That coalition, called DeFi United, eventually pulled together over $300 million in recovery commitments. Lido, EtherFi, Ethena, Mantle, KelpDAO, LayerZero, Compound, and Consensys all contributed. Aave Improvement Proposal 478 liquidated the attacker's eight positions on May 6. Five tranches of rsETH then refilled the LayerZero adapter between May 13 and May 26, restoring full backing.

Legal complications added a second layer. The Arbitrum Security Council had frozen 30,765 ETH from the attacker on April 21. In May, judgment creditors in an unrelated federal matter tried to seize it through a Manhattan court restraining notice. Aave LLC filed an emergency motion. That legal question was still open as of May 31.

The post-mortem Aave published this week covers the full incident timeline, the response actions, the five-tranche recovery, and the risk infrastructure improvements now underway. A new Technical Asset Listing Framework went to governance on May 28. A Bridge Assessment Framework is coming. The bug bounty was raised fivefold.

For anyone using DeFi lending or holding liquid restaking tokens, this incident is the clearest case study available on what bridge configuration risk actually costs in practice and what a coordinated DeFi recovery effort looks like when it has to move fast.

Read the full breakdown, including charts, the five-tranche timeline, and the legal update, at CryptoNewsLive.org.

Comments

Post a Comment

Popular posts from this blog

Ripple Is Building XRPL's Defense Against Quantum Computing, and the Clock Is Already Running

Image
  Ripple has released a detailed plan to protect the XRP Ledger from quantum computing threats, and the timeline it has set is not aspirational. The target is full post-quantum cryptography readiness by 2028, with active work already underway in 2026. The roadmap runs four phases. The first is an emergency contingency for a scenario where quantum computers break classical cryptography ahead of schedule. Ripple calls this Q-Day readiness. In that scenario, the XRP Ledger would enforce a hard network shift, stopping classical public-key signatures and requiring users to migrate to quantum-safe accounts. The second and third phases cover 2026. Testing begins on NIST-recommended post-quantum algorithms under real XRPL workload conditions. Performance, storage, and bandwidth costs all get measured. Then hybrid deployment begins on Devnet, running quantum-resistant signatures alongside existing ones before anything touches the live network. Project Eleven, an organization working on cr...
Read more

Hoskinson Just Said Everything Nobody Else Will Say About Crypto in 2026

Image
  Charles Hoskinson spent over an hour on the O Show with host Wendo in April 2026 and covered ground that most crypto founders avoid in public interviews. The Midnight Network mainnet went live on March 31 with nine institutional node operators including Google Cloud, MoneyGram, Worldpay, Telegram, Vodafone's Pairpoint, eToro, Bullish, Blockdaemon, and Shielded Technologies. That alone is a headline. But it was not the most important thing he said. The AI agent argument is where this interview breaks from the usual. His position is that zero-knowledge proofs are not primarily a privacy feature. They are the only mechanism by which AI agents can verify each other's behavior. When an autonomous agent is managing your funds across multiple blockchains while you sleep, it needs mathematical proof infrastructure underneath it to constrain what it can do, protect your data without exposing it, and settle value in real time without a middleman. Midnight is being built for that future...
Read more

Everclear Is Gone and the $500M Volume Story Should Worry Every DeFi User

Image
 Everclear, the cross-chain settlement protocol that processed $500M in monthly volume, announced this week that it is shutting down. The Foundation and Labs entities are winding down operations. The product UI is already offline. The chain is non-operational. This is not a rug pull. It is something arguably more instructive: a protocol that built real volume, real technology, and real partnerships, and still could not survive. The team's own explanation makes it plain. Users were highly price-sensitive. The solver-based model that Everclear was built around never developed the revenue depth it needed, even with hundreds of millions of dollars flowing through the system monthly. A B2B2C pivot was attempted. Major industry names signed on. But the timelines to go live were longer than the runway the team had left. Acquisition talks were explored. They did not succeed. The CLEAR token has lost more than 52% of its value in seven days. A potential buyback is being explored in the ...
Read more