Aave on Tuesday published the technical proposal that will determine whether DeFi can claw back the $292 million Kelp DAO lost to North Korean hackers ten days ago. The two-part plan re-collateralises rsETH with fresh ETH and uses a temporary oracle adjustment to liquidate seven attacker positions stranded across Aave and Compound.
Aave on Tuesday published the technical proposal that will determine whether DeFi can claw back the $292 million Kelp DAO lost to North Korean hackers ten days ago. Backed by $303 million of pledged capital from a coalition the protocol has christened DeFi United, the plan does two things at once — and the second one is more interesting than the first.
The hack itself is settled fact. On 18 April, attackers minted 116,500 unbacked rsETH — roughly 18 per cent of the token's circulating supply — and laundered the proceeds through 20 chains using a misconfigured LayerZero V2 bridge route. Roughly 107,000 of those tokens are still sitting in active borrowing positions on Aave and Compound. The collateral is worthless. The debt against it is real.
That's the second problem. The first is the token itself. rsETH is a liquid restaking token; ordinarily it trades within basis points of ETH because every unit on the market is backed one-for-one with ether held in a Kelp vault. Right now it isn't. DeFi United's first move is to fix that. Consensys and Joseph Lubin pledged up to 30,000 ETH between them, Aave Labs CEO Stani Kulechov added 5,000 ETH from his own holdings, Lido proposed allocating up to 2,500 stETH, and Compound's DAO is contributing up to 3,000 ETH. The total commitments now sit at 132,650 ETH, enough to fully re-collateralise the missing supply. The pledged ETH will be converted to rsETH and fed back into the system in tranches so the token's peg holds.
The second move is where the engineering gets aggressive. Because the attacker's collateral is unbacked, ordinary liquidations don't work — there's no value to seize. DeFi United's solution is a temporary oracle adjustment on Aave's Ethereum and Arbitrum deployments, executed through governance proposals, that lets the protocol price the seven affected positions at a level enabling efficient liquidation. Aave estimates this could free up around 13,000 ETH from its books alone. Compound is implementing parallel mechanics on its end.
Adjusting an oracle to make positions liquidatable is the kind of move that, in any other context, would look like the precursor to a manipulation attack. Here it's coordinated, time-limited, and on-chain. Aave is essentially conceding that automatic liquidation logic does not anticipate scenarios where collateral becomes worthless overnight through fraud rather than market move. The fix is governance-driven and temporary, but it sets a precedent: lending protocols can rewrite their own price feeds when the alternative is leaving a hacker's bad debt parked indefinitely on the system.
The DeFi United framing is doing some narrative work, too. After three years of contributors quietly walking away — Chaos Labs ended its Aave engagement earlier this month — the protocol has needed a coordinated industry win. Joseph Lubin's statement struck the right note: "The Ethereum ecosystem has always been at its best when it moves together." Translation: nobody wants to be the protocol that did nothing while $292 million in unbacked collateral sat on a competitor's balance sheet.
The recovery plan is not without risk. Re-collateralising rsETH means the contributing DAOs are absorbing exposure to whatever residual technical issues remain in Kelp's contracts. The oracle adjustment is a one-shot tool — it works once, after a hack of this specific shape, and it requires governance speed Aave has not always demonstrated. The proposal will need to clear Aave's standard governance vote in the next few days, and Compound's its own.
None of this addresses the question of who actually pays. North Korea's Lazarus Group is the named perpetrator; the laundered ETH is presumably already being shuffled through mixers. The 132,650 ETH being committed to backstop the system is real money from real treasuries — Consensys, Lido, Compound, Aave's own. The contributors have been deliberately vague about whether they treat the commitments as loans, donations, or something more structured. For now the rescue is being framed as solidarity. If the recovered liquidations cover the gap, the contributors get most of their ETH back. If they don't, the math gets harder.
Roughly 9,500 rsETH of the original 116,500 has already moved out of Aave and Compound through orderly redemptions and OTC trades. The remaining 107,000 is the part that needs governance to act. The proposal's authors are aiming for execution within the week.
The Kelp hack was 2026's largest crypto exploit by some distance. The recovery effort, if it works, will be the largest coordinated DeFi response to one. That's a milestone of sorts. Whether it becomes a template for the next attack — or simply a one-off plumbing operation that worked because the right people were paying attention — depends on a vote that hasn't happened yet.
