General Crypto
April 19, 2026
Circle Q1 Earnings Set to Reveal Stablecoin Strength
Hackers executed the Kelp DAO hack on April 18, draining $292 million worth of rsETH through a sophisticated rsETH bridge exploit. The attack used fake cross-chain messages via LayerZero to release reserves backing wrapped ether across more than 20 networks. Tron founder Justin Sun quickly offered to negotiate with the hacker. Kelp DAO paused contracts within 46 minutes, yet the incident stranded assets and forced lending platforms like Aave to freeze markets. This marks 2026’s largest DeFi exploit so far.
Also Read: Circle Q1 Earnings Set to Reveal Stablecoin Strength
Kelp DAO Hack Becomes the Biggest Crypto Exploit in 2026
On April 18 at 17:35 UTC, attackers executed the Kelp DAO hack, draining 116,500 rsETH worth $292 million. This rsETH bridge exploit stands as 2026’s largest exploit, leveraging a LayerZero vulnerability to release reserves.
The attacker, using a Tornado Cash-funded wallet, struck ten hours after funding, removing 18% of the rsETH supply and leaving wrapped ether stranded in compromised channels. Kelp DAO’s emergency multisig froze contracts within 46 minutes, but the market remains shaken.
Amid the fallout, Justin Sun issued a direct proposal to negotiate: “Kelpdao hacker, how much you want? Let’s just talk… It’s simply not worth it to sacrifice both Aave and KelpDAO.” Sun argued the hacker couldn’t spend the $300 million anyway, urging a settlement to save the protocols.
As Lookonchain tracks the stolen funds, DeFi watchers view this event as a definitive wake-up call for bridge security. The industry now waits to see if the hacker responds to Sun’s outreach or if the funds remain lost.
Also Read: Airlines Brace for Europe Jet Fuel Crisis Amid Iran Conflict
Impact of the rsETH Bridge Exploit on Layer 2 Networks
The rsETH bridge exploit sent shockwaves through Layer 2 ecosystems, causing immediate liquidity crunches on platforms like Arbitrum and Blast. As the LayerZero vulnerability compromised cross-chain trust, decentralized exchanges saw slippage skyrocket, leaving significant wrapped ether stranded in bridge contracts.
This fragmentation forced several L2 protocols to enter “risk-mitigation mode,” temporarily halting reward emissions to prevent further contagion. The Kelp DAO hack also triggered an automated de-pegging event for secondary liquid restaking derivatives. Arbitrageurs struggled to stabilize the market as RPC providers faced heavy congestion from panic-selling.
Governance forums are now debating mandatory “delay-locks” for high-value exits to prevent similar drains. Beyond the immediate theft, the event has prompted a migration of TVL back to Ethereum Mainnet, as users weigh the yield benefits of L2s against the systemic risks exposed by this breach.
