Aave service providers on Monday published an incident report quantifying the protocol's exposure to the April 18 Kelp DAO rsETH bridge exploit, outlining two bad-debt scenarios ranging from $123.7 million to $230.1 million, and recommending an immediate pause of the protocol's Umbrella safety module.
According to the report, posted to the Aave governance forum, 89,567 of the 116,500 rsETH stolen from Kelp's LayerZero bridge were deposited across seven attacker-controlled wallets on Aave. Those positions borrowed 82,650 WETH ($190.86 million) and 821 wstETH ($2.33 million).
The single largest position, on Aave’s Ethereum Core market, supplied 53,000 rsETH and borrowed 52,460 WETH, or $121 million, from one wallet. The remaining positions were distributed across Aave's Arbitrum deployment. All attacker positions currently sit at health factors between 1.01 and 1.03.
To continue reading this as well as other DeFi and Web3 news, visit us at thedefiant.io
