•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
DeFi United, the multi-protocol coalition formed after the April 18 Kelp DAO bridge exploit, has published a detailed technical recovery plan aimed at restoring full backing for rsETH and unwinding the attacker’s remaining positions across Aave and Compound.
The plan operates on two tracks: staged rsETH re-backing and a governance-approved liquidation process to recover assets from affected lending positions.
Committed ETH from ecosystem contributors will be converted into rsETH in staged tranches and deposited into Kelp DAO’s bridge lockbox contract, identified as the RSETH_OFTAdapter. The objective is to restore rsETH full backing at the token’s current Kelp exchange ratio of 1.07 ETH per rsETH.
In parallel, the coalition will transfer recovered rsETH to a DeFi United multisig. The multisig will then redeem the rsETH through Kelp’s standard redemption process and use the proceeds to clear the remaining deficit.
Both LayerZero and Kelp have implemented new security measures ahead of any bridge restart. DeFi United said it chose a staged deposit approach rather than a single lump-sum commitment to validate the measures in a live production environment before deploying the full balance.
A governance-approved liquidation sequence is designed to recover an estimated 13,000 ETH from eight affected Aave V3 positions across Ethereum and Arbitrum, and roughly 16,776 ETH from Compound.
Total disclosed pledges have surpassed $300 million. Reported commitments include a 30,000 ETH contribution from Consensys and founder Joe Lubin, a pending 25,000 ETH Aave DAO treasury proposal, and prior contributions from Mantle (30,000 ETH), Stani Kulechov (5,000 ETH personally), EtherFi, Ethena, LayerZero, and others.
Separately, the Arbitrum Security Council had already frozen 30,766 ETH worth roughly $71 million tied to the exploiter’s address. Aave, Kelp, and LayerZero have since proposed releasing those funds into the recovery effort via Arbitrum governance.
The April 18 exploit, attributed with preliminary confidence to North Korea’s Lazarus Group, involved an attacker forging a cross-chain message through Kelp’s single-verifier LayerZero bridge configuration. This enabled the minting of 116,500 unbacked rsETH worth $292 million.
The attacker then used the unbacked rsETH as collateral on Aave V3 to borrow roughly $190 million in wrapped ETH and wstETH. The resulting collateral impairment contributed to a $10 billion decline in Aave total value locked (TVL).
Premium gym chains are entering a “golden era” that is ending or already in decline, as rising operating costs collide with shifting consumer preferences toward more flexible, community-based ways to exercise. Long-term memberships are shrinking, margins are pressured by higher rents and facility expenses, and competition from smaller, more personalized…
