Kelp DAO and Aave Prepare to Resume rsETH Operations After $292 Million Exploit Recovery

Kelp DAO and Aave are preparing to restart rsETH-related operations after making early progress in recovering from the $292 million exploit that struck the protocol in April. The attack remains one of the largest decentralized finance security breaches recorded in 2026.

Kelp DAO confirmed that 117,132 rsETH, the amount stolen during the April 18 exploit, will be gradually restored through transfers from the Aave Recovery Guardian and Kelp Recovery Safe into the LayerZero OFT adapter on Ethereum mainnet over the next two weeks.

rsETH Deposits and Withdrawals to Resume

According to Kelp DAO, rsETH withdrawals could reopen within 24 hours after the first recovery tranche is completed. Once smart contracts are reactivated, services including deposits, redemptions, bridging, and claims are expected to function normally again.

Security Upgrades Introduced After Exploit

Kelp DAO said it strengthened security across LayerZero bridging systems by requiring four independent attestors, increasing block confirmations from 42 to 64, and removing Layer-2 to Layer-2 routes. The platform is also moving toward Chainlink’s CCIP infrastructure for improved safety.

Aave and Arbitrum Continue Recovery Efforts

Aave confirmed that the attacker’s rsETH on Arbitrum has already been burned as part of the recovery process. Earlier, an industry-led recovery effort raised more than $300 million in ETH to reduce damage caused by the exploit, which investigators suspect may be linked to North Korea’s Lazarus Group.