WETH borrowing parameters on Aave V3 returned to pre-incident values across Ethereum Core, Ethereum Prime, Arbitrum, Base, Mantle and Linea on Monday, after more than 95 per cent of the unbacked rsETH from April's exploit was clawed back through liquidations.
Aave has restored wrapped ether loan-to-value ratios across six of its largest deployments to the levels they held before the Kelp DAO exploit drained $230 million from the lending market in April. WETH borrowing is back to pre-incident parameters on Ethereum Core, Ethereum Prime, Arbitrum, Base, Mantle and Linea, the protocol's risk providers said on Monday. It is the final operational step in what Aave has been calling Phase II of the recovery, and it amounts to a public declaration that the immediate systemic risk from the April 18 attack has been contained.
The contagion that justified the restrictions was specific and ugly. Attackers — later identified by multiple security firms as the Lazarus Group — drained 116,500 rsETH from Kelp DAO's LayerZero-powered bridge by exploiting a configuration flaw, then deposited the unbacked tokens as collateral on Aave V3 to borrow wrapped ether against them. Because rsETH is a yield-bearing restaked ether token, Aave's risk parameters had treated it as a comparable asset to ETH itself. The bridge breach meant 112,103 of the rsETH circulating across DeFi was no longer backed by anything, and Aave had unknowingly lent against it. The full sequence was laid out when Kelp DAO lost the $292 million in April and Aave's deposits haemorrhaged $6.6 billion in the days that followed.
The numbers since then have been better than the immediate panic suggested. Of the 112,103 unbacked rsETH, 106,993 has been recovered through coordinated liquidation actions — 89,567 through Aave's own liquidation engine and another 17,426 through Compound, which had similar exposure. That leaves a residual shortfall of roughly 5,200 rsETH, which the industry coalition known as DeFi United has pledged to cover. The coalition was formed in the days after the exploit and now manages a roughly $303 million pool of contributed capital, with Consensys providing 30,000 ETH and the rest sourced from a mix of foundations and treasury providers.
The shortfall is small enough to be a footnote, but the political battle around how it gets settled is not. Aave is still in court trying to unfreeze $71 million in recovered ETH that was caught in the immediate aftermath of the attack. The protocol filed an emergency motion in early May seeking access to the funds and has offered a $300 million bond if the court ultimately rules against it. That dispute is ongoing and independent of the WETH borrowing restoration; the legal status of the recovered ether is still tied up in proceedings between the various claimants.
LayerZero and Kelp DAO have spent the month trading public blame over which side bore responsibility for the bridge configuration that enabled the attack. LayerZero argues the integration was implemented incorrectly by Kelp; Kelp argues LayerZero's tooling did not flag the misconfiguration. Neither has paid for the gap. The attackers' wallets — believed to be North Korean — have not been recovered, and the funds that left the system through Tornado Cash and a series of bridge swaps in the hours after the breach are not coming back.
Aave's decision to restore the WETH parameters is a vote of confidence in the rsETH market's underlying solvency, but it is not a full vindication of the original risk model. Chaos Labs, one of Aave's longest-running risk providers, walked away from the protocol in early April — a departure that pre-dated the Kelp exploit but exposed the difficulty of pricing risk in restaked and tokenised assets whose backing depends on infrastructure outside the protocol's control. The Aave V4 upgrade, which went live on Ethereum mainnet in early April with a hub-and-spoke architecture designed to ringfence risk between asset categories, is now the architectural answer to the question the Kelp exploit posed. Phase II of the rsETH recovery is the operational answer to the immediate crisis.
For borrowers and lenders, the practical change is that WETH collateral on Aave V3 across the six restored networks now behaves the way it did before April 18. The emergency caps and reduced LTVs that had constrained borrowing capacity during the recovery have been lifted. Aave's total value locked has stabilised but not fully recovered to its pre-incident peak; the deposits that left in mid-April are still mostly sitting in competing markets or in stablecoin yield strategies.
The protocol has not signalled when, or whether, it will return rsETH itself to the V3 collateral list at pre-incident risk parameters. That question — whether restaked tokens with bridge-dependent backing belong in a top-tier money market — is the one the next exploit will answer for everyone. The April attack worked because Aave's risk model assumed the underlying bridge would not break. The new model, when it appears, will need to price that assumption explicitly rather than implicitly.
Phase III, if there is one, has not been announced. The most likely shape is a reworked collateral framework for restaked assets across V3 and V4, with explicit limits on how much unbacked supply can enter the system before automatic circuit breakers fire. That kind of redesign takes months; the WETH restoration took four weeks of liquidation work and a coalition fund. The harder question — what to do about the next Kelp — has not been answered.
