Aave announced June 1 that it has restored full liquidity to its lending pools following a $300 million cross-chain exploit that threatened the protocol's cash reserves. The decentralized finance protocol mobilized a $300 million industrywide rescue fund and secured an emergency federal court order to replace the drained assets, shield depositors from losses, and restore normal borrow-and-lend operations. The announcement came more than a month after an attacker exploited a third-party bridge operated by Kelp and Layerzero, minting 116,500 counterfeit rsETH tokens and using them as collateral to siphon out 82,650 wrapped ethereum and 821 wrapped staked ethereum from Aave's V3 platform.
Attacker Exploited Kelp-Layerzero Bridge to Mint Counterfeit Collateral
The attacker exploited a third-party bridge operated by Kelp and Layerzero by fabricating cross-chain messages. The hacker minted 116,500 counterfeit rsETH tokens and deposited them into Aave's V3 platform as collateral. The attacker immediately used the fake rsETH as collateral to borrow 82,650 wrapped ethereum (WETH) and 821 wrapped staked ethereum (wstETH). The sudden mass withdrawal structurally weakened Aave's core liquidity pools, forcing risk managers to freeze affected markets to prevent a cascading run on the platform's capital.
Aave Labs Mobilized $300M Recovery Fund with Industry Coalition
Aave Labs helped mobilize an emergency coalition of major industry players, including Lido, Ether.fi, Ethena and Compound. Together, the group structured a $300 million recovery fund. This capital injection effectively backstopped the compromised rsETH assets, guaranteeing that every dollar of user deposits remained fully collateralized by authentic reserves.
Federal Court Granted Emergency Transfer of $71M Recovered Funds
On May 1, judgment creditors in an unrelated federal case intercepted the recovery process. The creditors obtained a restraining notice that froze roughly $71 million in ethereum that had been clawed back from the attacker and was slated to refill Aave's pools. Aave responded by filing an emergency motion in U.S. federal court on May 4. Four days later, on May 8, a judge granted a crucial modification to the freeze, permitting the immediate transfer of the $71 million back into Aave's direct custody. This legal breakthrough allowed developers to instantly route the funds back into the protocol's active lending pools, restoring the liquidity depth required for safe market operations.
Aave Executed 295 Parameter Updates and LTV0 Circuit Breaker
With capital reserves fully replenished and pre-exploit market parameters restored, Aave is overhauling its risk architecture to insulate its liquidity from future third-party systemic failures. To prevent future attackers from converting exploited tokens into liquid protocol assets, Aave developers executed 295 individual parameter updates, heavily slashing borrowing and supply caps across 168 separate asset pools. Additionally, the protocol is implementing an automated LTV0 (loan-to-value zero) circuit breaker. Going forward, if any asset's underlying cross-chain infrastructure experiences a security breach, the system will instantly strip that asset of its collateral value. This ensures that compromised tokens can no longer be used to borrow or drain authentic liquidity from Aave's markets.
Frequently Asked Questions
What did Aave announce on June 1?
Aave announced on June 1 that it has restored full liquidity to its lending pools following a $300 million cross-chain exploit. The protocol mobilized a $300 million industrywide rescue fund and secured an emergency federal court order to replace the drained assets and restore normal borrow-and-lend operations.
How did the attacker exploit Aave's platform?
The attacker exploited a third-party bridge operated by Kelp and Layerzero by fabricating cross-chain messages to mint 116,500 counterfeit rsETH tokens. These fake tokens were deposited into Aave's V3 platform as collateral and immediately used to borrow 82,650 wrapped ethereum and 821 wrapped staked ethereum.
What security measures did Aave implement after the exploit?
Aave executed 295 individual parameter updates, slashing borrowing and supply caps across 168 separate asset pools. The protocol also implemented an automated LTV0 circuit breaker that will instantly strip any compromised asset of its collateral value if its underlying cross-chain infrastructure experiences a security breach.
