Key Takeaways
- Dragonfly’s Haseeb Qureshi says Aave has enough capital to absorb bad debt from the rsETH hack without breaking.
- A $292 million KelpDAO exploit involving unbacked rsETH triggered panic withdrawals, draining nearly $8 billion from Aave’s TVL in days.
- Arbitrum’s Security Council froze $100M (30k ETH) of stolen funds using emergency powers.
Decentralized finance (DeFi) is once again under pressure following a major exploit on KelpDAO’s rsETH bridge.
The attack, which drained roughly $292–293 million in unbacked rsETH tokens, quickly spilled into Aave, one of the largest lending protocols in the ecosystem.
While user withdrawals triggered a sharp drop in Aave’s total value locked (TVL), a prominent venture capital investor is pushing back against concerns, arguing the protocol remains resilient.
Dragonfly’s Vote of Confidence: Aave Can Absorb the Bad Debt
Dragonfly Capital Managing Partner Haseeb Qureshi offered a measured but optimistic assessment in a widely shared statement.
Drawing comparisons to past DeFi shocks—including the 2020 liquidation cascade, the 2022 Terra-Luna collapse, and the stETH depeg—he argued that such events have historically strengthened the ecosystem.
“DeFi has withstood severe shocks,” he noted, adding that protocols evolve through “repeated corrections,” much like traditional finance over time.
Crucially, Qureshi does not view the current situation as systemic.
He pointed to Aave’s capital reserves, saying the protocol “has enough capital to absorb bad debt” without breaking.
“The important thing is that these failures are not fatal. The heart of DeFi is risk-averse and robust. AAVE might take on some bad debt, but it has the equity to pay it. DeFi isn’t going away. And seeing the vigorous debate around how to improve it is exactly the process by which it keeps getting better.”
His comments come as Aave deals with an estimated $177–236 million in bad debt after attackers used stolen rsETH as collateral to borrow wrapped ETH (WETH) across V3 and V4 markets.
Aave moved quickly, freezing rsETH markets on both versions to prevent further borrowing.
Founder Stani Kulechov also clarified that Aave’s smart contracts were not exploited—the issue originated from KelpDAO’s LayerZero-powered bridge.
Fallout From the KelpDAO Hack: $8 Billion Leaves Aave
The exploit unfolded on April 18, 2026.
Attackers exploited KelpDAO’s cross-chain bridge to mint 116,500 rsETH (about 18% of the circulating supply) without proper backing.
Valued at roughly $292–293 million, those tokens were quickly deposited as collateral on Aave and other lending platforms.
Borrowers then withdrew large amounts of WETH, leaving Aave exposed to positions that could not be liquidated once rsETH lost credibility.
Within 48 hours, withdrawals accelerated sharply.
Data from DeFiLlama shows Aave’s TVL dropping from about $26.4 billion to $18.6 billion—a decline of nearly $8 billion.
This contributed to a broader $13 billion drop in total DeFi TVL, which fell from $99.5 billion to around $86.3 billion.
The AAVE token also declined by roughly 16–20% during the period.
Liquidity stress followed. Some pools reached near-100% utilization, temporarily limiting withdrawals.
Other protocols, including SparkLend, Fluid, and Curve, paused related activity, amplifying the impact across Ethereum and Layer-2 networks.
Analysts describe this as a “collateral contagion” event: a failure in one asset turned it into toxic collateral, exposing how interconnected DeFi systems can amplify risk.
Arbitrum Moves Fast: $100 Million in Stolen Funds Frozen
Arbitrum responded quickly.
The network’s Security Council used emergency powers to freeze 30,766 ETH (worth about $100 million) linked to the attacker.
Arbitrum moved the funds to a secure intermediary wallet, effectively removing a large portion of the stolen assets from circulation on Arbitrum.
The action targeted wallets tied to the exploit and, according to some observers, showed patterns consistent with past attacks linked to the Lazarus Group.
By acting quickly, Arbitrum limited further movement or laundering of the funds, giving protocols and investigators more time to respond.
A Stress Test for DeFi
The KelpDAO rsETH exploit stands as one of the largest DeFi incidents of 2026 and reinforces ongoing concerns around bridge security and collateral risk.
At the same time, the response from Aave’s market controls to Arbitrum’s intervention shows how the ecosystem is evolving.
Combined with reassurances from investors like Dragonfly, the episode suggests DeFi may be better positioned than in previous cycles to absorb shocks, even as risks remain.
Top Trending Crypto Articles
Prashant Jha is a seasoned crypto journalist based in Delhi, India, with a Bachelor’s Degree in Computer Science Engineering. Passionate about the evolving world of blockchain and cryptocurrencies, he has been a dedicated voice in the industry since 2018. Prashant’s expertise lies in regulatory reporting, where he unravels complex legal and financial developments with clarity and precision. Before joining CCN in 2024, he honed his craft at Cointelegraph, establishing himself as a trusted name in crypto journalism.
His coverage spans major industry events, including the high-profile collapses of FTX, Three Arrows Capital (3AC), and LUNA, offering readers insightful analyses of their regulatory and market implications. Prashant’s technical background enables him to bridge the gap between intricate blockchain technology and its real-world applications, making his work accessible to novices and experts.
Beyond his professional pursuits, Prashant is an avid music enthusiast, often exploring diverse genres to unwind. A sports lover, he has a particular passion for cricket and frequently engages in discussions about the game. His multifaceted interests and sharp journalistic instincts make him a valuable contributor to CCN, where he continues shaping the crypto landscape's narrative.
