Kelp DAO, Aave Advances rsETH Recovery
Ethereum liquidity recovery platform Kelp and decentralized lending protocol Aave have completed a series of steps to restore rsETH support, including burning the exploited rETH tokens.
Kelp DAO listed a post-exploit recovery for liquid staking token rETH on Tuesday, confirming that the hacker's tokens were burned on the Layer-2 Arbitrum network.
117,132 rETH – roughly $278 million at current prices – will be gradually recovered over two weeks using funds from the Aave Recovery Guardian multisignature wallet, which is controlled by the Defy United recovery team and Kelp's own recovery security.
The funds are transferred through the LayerZero OFT adapter, a smart contract responsible for locking, capturing, burning and releasing rETH during cross-chain transfers.
Kelp DAO, with a capitalization of $1.5 billion, has confirmed that rETH is fully supported on the mainnet and layer-2 networks.
The move to reclaim Liquid Staking Tokens will bring users the impact that this year's biggest DeFi will use one step closer to recovery.
Kelp was hacked in April when North Korea's Lazarus Group, widely believed to be the attackers, took its RsETH adapter bridge contract, the software that manages the platform's liquidity-retention token, and spent about $293 million.
Blockchain security firm OpenZeppelin reported at the time that no smart contract flaws had been publicly identified, saying that “the system has fallen into disrepair” and that it is a risk category that the DeFi industry is “persistently underweight.”
Tracking of embezzled funds. Source: Syvers
Withdrawal continues within 24 hours
Kelp says it will pause withdrawals “within 24 hours” after returning the first unit to the modern contract. All rETH operations, including deposits, redemptions, bridging and claims, will continue as normal after the contracts are reopened.
The protocol has completed a “security hardening pass” and connecting security now requires four independent credentials and 64 block authentications, but bypasses some Layer-2 lines.
Related: At least a dozen crypto entities have been attacked since the Drift Protocol Hack
It is also migrating to the ChainLink Cross-Chain Interoperability Protocol (CCIP) for “more robust cross-chain bridging.”
Distribution traders are not interrupted by DeFi hackers
Kelp is a popular liquidity staking protocol on Ethereum, primarily built on top of EigenLayer, where users deposit ETH or other supported liquidity staking tokens for additional production.
The total value of the protocol, which was locked in September 2025, reached an all-time high of more than $2 billion, but has since declined by about 26 percent to $1.55 billion, according to Defilama.
Cointelegraph reported this week that ETH derivatives traders have not been spared from the recent wave of DeFi exploits, with a sense of professionalism remaining despite heightened security concerns.
Magazine: Diffie's Billion Dollar Secret: Insiders Responsible for Hacking
