The Risk Management Core Team has just been ousted, and Aave is now facing a $200 million default.
In the early morning of April 18, 2026, a few hours after the KelpDAO attack, Solidity developer 0xQuit posted on X:
"I wish I could bring better news, but it seems like WETH on Aave is toast. If withdrawals are possible, do so, but it might be too late. Post-Umbrella settlement, normal deposits should be partially withdrawable. This is a huge blow to the DeFi vision."

At the time of this post, Aave's founder Stani Kulechov had just posted another statement on the same platform: rsETH has been frozen, Aave's smart contracts are "unharmed," and the issue lies with KelpDAO. The two posts were rolling side by side on the same timeline.

Both posts state facts, but they address different questions. Stani answers who made the code move; 0xQuit answers who will bear the consequences.
The answer is: no code was moved. And the consequences fall on everyone who deposited WETH into Aave, thinking they were just earning some interest.
Over the six months leading up to the attack, Aave's governance system greenlit every decision that made this possible. No one hacked any code. Someone used an approved set of rules to have the protocol collapse as designed. This is worth getting straight.
Twelve Days
On April 6, Chaos Labs founder Omer Goldberg posted on X announcing that Chaos Labs' collaboration with the Aave DAO would officially end.
Over the past three years, Chaos Labs has led Aave's risk parameter management. During this period, Aave's TVL grew from $5.2 billion to over $26 billion. Behind each billion-dollar increase, Chaos Labs' models calculated the boundaries: what parameters could be pushed, what couldn't.
Goldberg gave three reasons for the departure. First, a fundamental disagreement on risk strategy, especially after the introduction of the new architecture in Aave V4. Second, the significant increase in operational complexity brought by V4 was not adequately compensated for. Third, even under a $5 million budget scenario, Chaos Labs remained in a loss-making position, making the engagement economically unsustainable.
“This partnership no longer reflects how we believe risk should be managed,” he wrote.
Aave's response came quickly. Stani Kulechov stated that the protocol would not halt its operations, and the risk management entity LlamaRisk would take over all responsibilities, with the "two-layered risk management system continuing to be in place." LlamaRisk then issued a statement, pledging "full operational continuity," and submitted a formal renewal proposal to the Aave DAO within a week. Externally, this was seen as an orderly transition.
Three days later, on April 9, LlamaRisk, as the new risk manager, submitted the first set of routine adjustments: increasing the supply cap of rsETH on the Aave V3 mainnet from 480,000 to 530,000 tokens. The rationale provided was on-chain data, healthy utilization, sufficient liquidity, and concentration well within thresholds. No anomalies were noted.
Nine days later, on April 18 at 17:35 UTC, an attacker on the Ethereum mainnet called the LayerZero EndpointV2 contract, injecting a forged cross-chain message into the rsETH bridge contract of Kelp DAO. The bridge contract did not detect that the message was fake. 116,500 rsETH tokens flowed to the attacker-controlled address.

Forty-six minutes later, Kelp DAO's emergency pause mechanism was triggered, thwarting two further theft attempts by the attacker, which together amounted to around $100 million. However, the initial batch could not be recovered. The attacker's target was approximately $390 million, of which they obtained three-quarters.
Prior to the pause mechanism activation, the attacker had deposited the stolen rsETH into Aave V3 as collateral, borrowing a significant amount of WETH and ETH. Following the spread of the attack message, the market price of rsETH began to collapse, causing the collateral value to evaporate. Positions that were technically solvent became unliquidatable. Bad debt was thus incurred.
The Document That Was Never Written
On January 19, 2026, the Aave community passed governance proposal 434. The core of the proposal was to add WETH to rsETH's LST E-Mode, while increasing the maximum loan-to-value ratio for rsETH in this mode from 92.5% to 93%. The numerical changes were minor, but the implications were clear: users could borrow $93 worth of WETH on Aave using $100 worth of rsETH.
The proposal was driven by the ACI (Aave Chan Initiative, Aave's core governance facilitator). The proposal text outlined the expectation: by introducing the rsETH/WETH circular strategy to absorb idle ETH liquidity in the protocol, it was anticipated to bring in "up to $1 billion of rsETH inflow," while optimizing the utilization rate of the WETH pool.
The proposal had another, more direct rationale: to "stay competitive" with ezETH and weETH. Since competitors' LRT assets had already received similar parameters on Aave, rsETH should align as well.
This is a common decision-making logic in DeFi called competitive benchmarking. What your competitor has, you should have as well; otherwise, liquidity will drain away. In the context of pursuing capital efficiency, this logic is almost impeccable. It also has an inherent one-way pressure, where parameters can only be increased, not decreased. Any proposal aiming to tighten parameters will be labeled as "weakening competitiveness." The result is an industry drifting in the same direction without questioning where it is drifting to.
When you turn to the governance document of Proposal 434, one thing is missing: a risk assessment report specifically addressing the question, "Can the LTV of rsETH be increased to 93%?" When rsETH was first listed in November 2024, LlamaRisk submitted a comprehensive collateral risk assessment, analyzing rsETH's yield accumulation mechanism, smart contract structure, and liquidity characteristics. However, that report answered the question "Can rsETH be listed on Aave." When Proposal 434 raised the LTV to 93%, the rationale in the governance document was based on benchmarking and protocol revenue expectations.

Two other DeFi protocols that accepted rsETH provided different answers. SparkLend set the LTV for rsETH at 72%, while the Fluid protocol's fixed minimum collateral ratio equates to approximately a 75% LTV. Both froze the rsETH market within hours of the attack. Aave's figure is 93%. The extra 21 percentage points bring a competitive advantage.
On April 6, Chaos Labs announced its withdrawal from Aave's risk management. On April 9, the newly appointed LlamaRisk submitted a routine Risk Stewards adjustment proposal, increasing rsETH's supply cap from 480,000 to 530,000 tokens. The reason cited was on-chain data health, normal utilization, sufficient liquidity, and acceptable concentration of positions. All metrics are on-chain.
Those on-chain metrics record the circulation status of rsETH within Aave, how many people are using it, whether the risk is diversified, and if the liquidity is sufficient. What they do not cover is: what kind of bridge rsETH crossed before reaching Aave.
An Unread Alert
In the early hours of March 10th this year, the Ethereum blockchain saw a series of unusual liquidation transactions. 34 highly leveraged positions using wstETH as collateral were liquidated one after another without any warning. Before users could react, liquidation bots had already completed the operation.
The trigger was a configuration error in Aave's CAPO oracle system: a mismatch between the snapshot rate and the snapshot timestamp led to a reported wstETH price of around 1.1939, while the actual market rate was around 1.228. The deviation was 2.85%, almost negligible under normal circumstances.
However, in an E-Mode environment, a 2.85% price underestimation was enough to push 34 highly leveraged positions past the liquidation threshold, resulting in approximately $27 million in erroneous liquidation losses. From Chaos Labs' Edge Risk system issuing recommendations, to BGD's AgentHub executing in the next block, to the liquidation bots performing the operation, the entire chain of events unfolded within minutes. There was no window left for human intervention.
Post-event, Chaos Labs released an analysis report. The conclusion was: "The event does not reflect a flaw in the underlying CAPO or off-chain risk oracle design but rather an on-chain configuration discrepancy due to different update constraints on the snapshot rate and timestamp."
A configuration issue, not a design flaw. An accident, not a warning.
Aave, through a governance proposal, provided full compensation to affected users from the recovery fund and DAO treasury. The matter was thus closed. A later industry report stated, "Despite this event, Aave's overall deposits and borrowing remained stable in early 2026, with no substantial weakening of confidence in the protocol's core design."
Six weeks later, the term "core design" would face another test on a different scale.
The Bill Arrives
Approximately an hour after the attack, Stani Kulechov emphasized on X that Aave's smart contracts themselves were "unaffected." There were no technical issues, no code was compromised, no private keys were stolen, the contracts operated precisely as they were intended.
The problem lies here. When rsETH suffered an attack and a sharp drop in value, E-Mode's "highly correlated" design backfired: the system continued to consider the significantly devalued rsETH as valid collateral, preventing the normal liquidation of borrowed WETH and ETH. The mechanism designed to increase capital efficiency turned into a mechanism that locked up bad debt in extreme situations.

The estimated scale of the bad debt is between $177 million and $200 million (according to various sources such as Phemex and Yahoo Finance), with the total amount borrowed by the attacker exceeding $236 million (according to CryptoBriefing). With 116,500 rsETH as collateral, under a 93% E-Mode LTV, one could borrow up to around $272 million of WETH, approximately $62 million higher than the limit of a standard 72% LTV. E-Mode compressed the safety buffer from 28% to 7%, making the position vulnerable to even a slight price fluctuation.
Aave has a security mechanism specifically designed for this situation called Umbrella. Users can deposit aWETH into Umbrella's safety vault to earn additional yield. In the event of a protocol deficit due to bad debt, these assets will be automatically burned to cover the losses without requiring governance voting. Users who actively choose to deposit are mostly those who understand the mechanism's design, are willing to trade their principal for a higher yield, and are willing to support the protocol's safety net. Umbrella was launched at the end of 2025, replacing the old Safety Module, and this is its first real test.

There is approximately $50 million worth of WETH in Umbrella available to absorb losses (according to Forbes). The scale of bad debt ranges from $177 million to $200 million, leaving a gap between the two numbers of around $127 million to $150 million.
This portion is borne by ordinary WETH depositors who never deposited into Umbrella. According to official Aave documentation on the Umbrella mechanism, after the collateral assets are burned, "the remaining WETH suppliers should be partially withdrawable, but full recovery is not guaranteed, and depositors may face a haircut." The term "haircut" means a partial loss of the principal.
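The LTV and Umbrella arithmetic above can be turned into a stress sweep. The following is an added example, not code from Aave or from the article; it assumes one position borrowed to the LTV cap, a price that gaps down with no liquidation on the way, and the $50 million Umbrella figure treated as a single first-loss tranche. The collateral value is derived from the article's $272 million figure.

```python
from dataclasses import dataclass

# Figures quoted in the article.
MAX_BORROW_AT_93 = 272e6   # USD borrowable against 116,500 rsETH at 93% LTV
FIRST_LOSS_COVER = 50e6    # USD of WETH in Umbrella available to absorb losses
LTVS = {"SparkLend": 0.72, "Fluid": 0.75, "Aave E-Mode": 0.93}

# Derived here, not quoted: collateral value implied by the 93% figure.
COLLATERAL_VALUE = MAX_BORROW_AT_93 / 0.93


@dataclass
class Outcome:
    debt: float        # borrowed at the LTV cap
    bad_debt: float    # debt no longer backed by collateral
    covered: float     # absorbed by the first-loss cover
    socialized: float  # left for ordinary suppliers


def stress(ltv, price_drop, collateral=COLLATERAL_VALUE, cover=FIRST_LOSS_COVER):
    """Borrow to the cap, then mark the collateral down by price_drop.

    Assumed model: the price gaps down with no liquidation on the way.
    """
    if not (0 < ltv < 1 and 0 <= price_drop <= 1):
        raise ValueError("ltv must be in (0, 1) and price_drop in [0, 1]")
    debt = ltv * collateral
    bad_debt = max(0.0, debt - collateral * (1 - price_drop))
    covered = min(bad_debt, cover)
    return Outcome(debt, bad_debt, covered, bad_debt - covered)


def drop_exhausting_cover(ltv, collateral=COLLATERAL_VALUE, cover=FIRST_LOSS_COVER):
    """Price drop beyond which losses spill past the first-loss cover."""
    return min(1.0, (1 - ltv) + cover / collateral)


def socialized_table(drops=(0.10, 0.30, 0.50, 0.70)):
    """USD millions left for ordinary suppliers, per venue LTV and price drop."""
    return {venue: [round(stress(ltv, d).socialized / 1e6, 1) for d in drops]
            for venue, ltv in LTVS.items()}


if __name__ == "__main__":
    for venue, row in socialized_table().items():
        pct = drop_exhausting_cover(LTVS[venue])
        print(f"{venue:12s} cover exhausted at -{pct:.1%}  socialized $M: {row}")
```

Under these assumptions the 93% setting exhausts the first-loss cover at roughly a 24% price drop, against roughly 45% at a 72% LTV.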
On the night of the attack, Marc Zeller spoke out. He is the founder of ACI and a key proponent of Proposals 205 and 434, and will be leaving Aave in July this year. He dismissed external "extreme estimates" of the bad debt size, stating that the actual number was "much lower than that figure," and urged users to withdraw WETH from Aave V3 to reduce risk. He also added that "this event will effectively test Umbrella," as if it were a stress test rather than users' actual principal loss.
On that day, the AAVE token fell by 10.27%, closing at $105.73. This happened while the bad debt size was still undetermined, and a large number of WETH depositors were waiting for the Umbrella settlement.
Epilogue
The 0xQuit post was widely circulated on the night of the attack. Many of those who posted it were WETH depositors in Aave. Before reposting it, they read those few lines over and over again. "After the Umbrella settlement, normal deposits should be partially withdrawable." How much is "partially"? What does "normal" mean? What does the word "should" imply?
The final sentence of 0xQuit was, "This is a huge blow to the DeFi vision." The DeFi vision includes a principle: your assets, your rules, and no one can make decisions on your behalf behind your back.
Those decisions were made in the past six months, in the text of governance forum proposals. There was no hacker breaking in with brute force, and no single code vulnerability that predetermined this outcome. It was the repeated pursuit of "efficiency," the disregard for "signals," and a crucial window of inactivity that together issued this bill. The cost of governance is ultimately borne by those who neither participated in governance nor knew that governance had ever taken place.
The code ran as approved. The bill was sent to those who were not part of those approvals.