On May 4, Tydro, a non-custodial lending protocol built on Ink and powered by Aave, paused all markets after detecting issues with a third-party oracle provider. The protocol, which holds over $247 million in deposits and $206.7 million in active loans, stated the pause was ‘out of an abundance of caution’ and that user funds remained safe, but offered no timeline for restoration. The shutdown comes just two weeks after Tydro participated in a coordinated DeFi relief effort for Aave following the April 18 exploit that drained approximately $290 million from the lending giant.
That exploit, attributed to North Korea's Lazarus Group, involved the minting of uncollateralized rsETH tokens via a KelpDAO bridge vulnerability. The attacker used the worthless collateral to borrow real assets, triggering over $15.1 billion in outflows from Aave as its deposits plummeted from $48.5 billion to $30.7 billion. Aave, along with Tydro and the Ink Foundation, had moved to mitigate bad debt and support affected lenders, but the fallout continues.
Meanwhile, a legal battle over $71 million in frozen ETH tied to the exploit is intensifying. In a May 6 hearing in Manhattan federal court, lawyers for victims of North Korean terrorism are seeking to preserve a restraining order by reframing the incident as fraud rather than theft. The filing argues that North Korea ‘borrowed assets from users of the Aave Protocol and did not pay it back,’ obtaining legal title to the assets through deception, much like a Ponzi scheme. This classification could allow victims to seize the frozen ether under the Terrorism Risk Insurance Act, potentially overriding Aave’s attempts to return the funds to users. Aave disputes the freeze, arguing the protocol does not custody assets, but its terms of service may weaken its standing. The outcome may set a precedent for how courts treat crypto tied to state-backed hackers in DeFi exploits.
