Aave has completed the first phase of its technical recovery for rsETH, the liquid restaking token compromised in a $292 million exploit on April 18. The protocol announced on May 12 that it burned the attacker’s remaining rsETH holdings on Arbitrum, neutralizing the immediate threat posed by the unbacked tokens.
The incident originated from a vulnerability in KelpDAO’s LayerZero-powered bridge between Unichain and Ethereum. The attacker forged a cross-chain message to mint 116,500 unbacked rsETH, which were then used as collateral on Aave V3 to borrow between $190 million and $236 million in WETH and wstETH. A global recovery coalition called DeFi United raised over $327 million in ETH commitments to restore the token’s backing, including contributions from Lido, EtherFi, LayerZero, and Aave founder Stani Kulechov.
On May 9, a U.S. federal judge amended an asset freeze, allowing the Arbitrum Security Council to transfer roughly 30,765 ETH (about $71 million) to an Aave-controlled wallet. With the burn now completed, Aave will progressively refill the LayerZero OFT adapter and reopen rsETH services over the next two weeks. Kelp confirmed that 117,132 rsETH will be restored, and withdrawals converting rsETH to ETH are expected to begin within 24 hours.
This recovery marks a departure from past DeFi exploits, relying on on-chain liquidation of the attacker’s positions, removal of unbacked tokens via the burn, and governance-coordinated reserve rebuilding rather than external bailouts or negotiated returns. Aave’s TVL has stabilized above $15 billion after initial outflows, and the overall effort is estimated to be 90% complete.
