Kelp DAO Restores rsETH Bridging After 1st Tranche Transfer

On May 13, Kelp DAO and Aave announced the completion of the first tranche to restore full operations for rsETH after the recent hack incident, which is a liquid restaking token. The first batch of this transaction of rsETH was transferred by Aave into the LayerZero OFT Adapter under their plan to restore the operation with great coordination.

This is a major announcement as it will resume bridging, which will allow users to freely move rsETH between the Ethereum main network and different Layer 2 networks.

The update will provide major relief to users as well as the entire DeFi community after facing turmoil due to a cyberattack. According to the official announcement, rsETH contracts will be unpaused to allow withdrawals of tokens within the next 24 hours. After this, deposits for tokens are also expected to resume shortly after the announcement, along with exchange rates, which are expected to update within 48 hours.

This restoration of operations in some areas will also allow rsETH holders to get staking rewards that accumulated when the operations were closed.

“Remaining tranches from Aave’s recovery guardian and Kelp DAO will be sent over the next 2 weeks to fully refill the lockbox,” stated in the official post on X.

Kelp DAO and Aave Restore rsETH Operations

The latest announcement comes after Kelp DAO and Aave announced the completion of a major recovery process on May 12. They have burned the exploiter’s ETH holdings on the Arbitrum network. By doing this, they have destroyed the last batch of unbacked tokens, which were created after the hack. This process has helped Kelp DAO to restore the real backing for rsETH tokens with great supply integrity.

The joint operation between Aave and Kelp has led to the liquidation of Aave positions. They have also made a collaboration with Arbitrum governance to work on frozen assets.

On April 18, hackers linked to North Korea’s Lazarus Group exploited the Kelp DAO LayerZero bridge to steal rsETH tokens. They have taken advantage of loopholes present in the system of a one-of-one verifier on the cross-chain system. By using a fake message that came from another chain, a hacker has smartly deceived the bridge to release approximately 116,500 to 117,132 rsETH from the main network without proper backing. While hackers were executing this transaction, the cumulative worth of stolen tokens was approximately $292 million, which makes it the biggest hack of the DeFi sector.

After stealing these rsETH tokens, hackers have used the tokens as collateral on Aave, which is a leading lending protocol on Ethereum and Arbitrum. The hacker has then borrowed large amounts of Wrapped Ethereum and other assets against the fake tokens. This cyberattack has created “bad debt” for the lending protocol.

However, in response to this bizarre cyberattack, the entire DeFi community has reacted quickly. Aave has launched an operation to freeze the rsETH markets to avoid any further damage.

The Kelp DAO hack has created panic in the entire sector, as in just 2 days, around $13 billion worth of capital was wiped out from the sector.

The Kelp DAO hack has once again exposed the vulnerabilities present in the cross-chain bridges in the blockchain sector. Just because Kelp used a simple single-verifier setup to reduce the cost of operations. This has created a major loophole on the bridge, which allowed hackers to steal money by attacking nodes and false data.

After this cyber attack on Kelp, the DeFi platform has taken lessons. In yesterday’s post on X, Kelp revealed that they have changed, requiring verification from 4 independent attestors, increasing the block confirmations, and others. The platform is also planning to integrate more robust systems like Chainlink CCIP.

Aave is playing a major role in the recovery of the stolen tokens. To do this, the lending platform has announced the formation of the DeFi United program in collaboration with Kelp DAO and other DeFi platforms. They used on-chain tools and governance votes to liquidate attacker positions and recover assets. Other chains like Arbitrum have also frozen their funds. 

Not just this, they have filed an emergency motion to overcome a United States court restraining order. 

Right now, Aave Recovery Guardian multisig wallets are holding funds that are expected to be used in refilling the missing rsETH.

Another Day, Another Bridge Exploited: TAC Blockchain Suffers $3M Hack on TON-ETH Cross-Chain Bridge

On May 13, TAC Protocol faced a hack after the hacker stole approximately $3 million from its TON to Ethereum cross-chain bridge. In this hack, the hackers have stolen USDT, BLUM tokens, and other Jettons, which are tokens created on the TON network. In the latest post on X, TAC has confirmed this hacking incident.

TAC stated in the post, “We are actively working with law enforcement, SEAL 911, and our security partners to trace and block the stolen funds.”

TAC is a layer 1 blockchain, which is designed to connect Ethereum Virtual Machine-compatible decentralized applications with the Telegram TON blockchain. TAC is a major bridge to transfer assets between the Ethereum and TON blockchains. In this attack, hackers have likely exploited a cross-chain bridge, which is a major loophole in the bridge.

This hack has sparked a discussion in the DeFi sector amid the recent turmoil following the Kelp DAO hack. It is raising serious questions about the security of users’ funds on the cross-chain bridges.

Also Read: Kelp DAO Begins Recovering rsETH After the April Exploit

.