A $300 million hole doesn’t usually come with a careful repair manual. This time, the group leading the Kelp DAO recovery effort is attempting to write one.
DeFi United, a coalition of several blockchain projects and individuals across the crypto ecosystem, has outlined a detailed, step-by-step plan to restore support for rsETH after this month’s Kelp DAO hack sent shockwaves through DeFi lending markets, releasing more than 116,000 tokens that were not properly accounted for.
The proposal, posted on Aave’s official
The incident dates back to April 18, when an attacker exploited a vulnerability in the rsETH bridge. By forging a message that appeared legitimate, the attacker tricked the Ethereum side of the system into releasing 116,500 rsETH, making the system believe the funds had been moved when they had not, allowing the creation of a large batch of rsETH without support.
These tokens did not remain unused. They were spread across multiple wallets and deployed on DeFi, with a significant portion used as collateral on Aave and other lending platforms.
This is where the problem became systemic: protocols like Aave suddenly found themselves holding collateral that, at least temporarily, was not fully guaranteed.
According to the proposal, most of the mined funds are still in play. Around 107,000 of the original 116,500 rsETH remain stuck in active positions on Aave and Compound.
This leaves two issues to resolve at once: restoring actual support for rsETH itself and unwinding loans created using these additional tokens.
The DeFi United proposal aims to address both sides of this equation simultaneously.
On the support side, the group claims to have already made enough ETH commitments to fully re-collateralize rsETH. The plan is to inject this ETH back into the system in stages, converting it to rsETH and depositing it back into the system so that the token is fully backed up again.
At the same time, attention is focused on credit markets, where the damage is most visible.
Instead of letting things play out chaotically, the plan is to step in and carefully untangle the mess.
A big part of this is managing positions opened by the attacker on Aave. These are essentially rsETH-backed loans that should not have existed in the first place. Rather than waiting for these loans to collapse on their own — which could cause more market disruption — the proposal suggests giving the system a boost so they can be closed in a more controlled manner.
In practice, temporarily adjusting how rsETH is valued within the system will make it easier to liquidate or close out these bad positions. As these positions are unwound, the underlying assets (like ETH) can be recovered. The proposal estimates that this could free up around 13,000 ETH just for Aave.
Once this collateral is back in hand, it is converted to ETH and used to cover the deficit created by the exploit, essentially filling the hole left behind.
The process is not without risk. This depends on governance approval across multiple chains, successful deployment of committed funds, and successful execution of the settlement.
Still, the plan reflects a more coordinated response than DeFi has often managed before. If executed as planned, the end goal is simple: “support for rsETH is fully restored and all affected markets are stabilized,” as the proposal states.
Read more: Industry Leaders Invest Hundreds of Millions in Rescue Plan for Aave Users After Massive Crypto Hack
