Aave just saw $6.6 billion walk out the door, and it’s not because someone hacked Aave.
The protocol’s total value locked fell from $26.4 billion on April 18 to nearly $20 billion in US morning hours on Sunday, according to DefiLlama. The AAVE token fell 16% to $92, and daily fees soared to $1.99 million as liquidations spread over the weekend.
Depositors are fleeing because Aave has a hole it didn’t create. When attackers drained 116,500 rsETH from the Kelp bridge on Saturday, they dumped the stolen tokens into Aave V3 as collateral and borrowed ether wrapped against them.
On-chain trackers put Aave’s specific lending at around $196 million, with total positions in Aave, Compound and Euler at around $236 million.
Aave is the largest lending protocol in DeFi, where users deposit cryptocurrencies for yield and other users borrow against collateral. Kelp is a liquid recovery protocol, which takes ether that has already been staked on Ethereum and routes it through a separate yield generation system called EigenLayer, issuing a receipt token called rsETH in return.
That rsETH is what users trade and, fundamentally, what some users posted on Aave as collateral to borrow.
On Saturday, attackers tricked Kelp’s cross-chain bridge into releasing 116,500 rsETH, worth approximately $292 million, to an address they controlled. They then deposited that stolen rsETH into Aave V3 as collateral and borrowed wrapped ether as collateral.
A bridge is a blockchain-based socket that transfers tokens between different networks, where they may not be originally compatible.
Aave first said the Umbrella reserve would cover any shortfall. By Saturday afternoon the language had been softened to “explore avenues to make up the shortfall.” That’s not how protocol talks when you know how much you owe and have the money to pay it.
Concentration explains why the damage comes here. Aave’s loan portfolio spans 22 chains, but Ethereum alone holds $14.24 billion of the $17.82 billion in outstanding loans. WETH represents 39.49% of all loans on the protocol, meaning the attack affected exactly the collateral-WETH pair that dominates Aave’s book.
Stani Kulechov, founder of Aave, said the exploit was external and the protocol contracts were not compromised. But Aave accepted a liquid recovery token as collateral, and the backup of that token disappeared on a bridge that Aave does not control. The depositors lose in any case.
Liquid recovery tokens were whitelisted by all major lending protocols because they generated yield and accounted for a growing portion of Ethereum’s locked value.
The risk models set them as if they maintained parity under normal conditions. However, none of them considered a scenario in which the warranty reaches zero because a bridge in a chain that Aave does not touch was blown on a Saturday.
“AAVE is the backbone of DeFi, it has billions in there and virtually every new DeFi infrastructure on new chains is a fork of it,” Altcoin trader Sherpa wrote on X. “When AAVE is at risk of contagion, it shows the fragility of the entire system.”
What the token price is trying to answer now is whether Umbrella is big enough to cover the hole and whether the stkAAVE holders backing that reserve are about to take the loss.
