Justin Sun publicly offered the KelpDAO hacker negotiations for the return of funds after a hack totaling nearly $292 million. The incident has already spread beyond a single platform and hit Aave, where a large amount of bad debt has formed.
The attack occurred on April 18. The perpetrator withdrew 116,500 rsETH through a vulnerability in the bridge and used these assets as collateral in Aave v3. This triggered a chain reaction that affected liquidity and trust in the protocol.
The Hack Quickly Escalated Into Systemic Risk
The key issue is not just the size of the theft. The stolen tokens turned out to be unbacked, but were used as collateral for borrowing.
The hacker borrowed significant amounts of wETH. Since rsETH effectively lost its backing, the positions became unliquidatable. As a result, the system accumulated more than $200 million in bad debt. This is a critical scenario for lending protocols. The liquidation mechanism stops working.
Aave Takes the Main Hit
The Aave team responded quickly. rsETH markets were frozen on v3 and v4 versions to stop further risk spread.
At the same time, it was emphasized that the platform itself was not hacked. The vulnerability was outside its infrastructure. But for the market, this is secondary. The economic damage was concentrated specifically in Aave.
Justin Sun Acts Immediately
Justin Sun’s response was swift. He not only offered the hacker negotiations, but also began reducing his own risks.
According to onchain analytics, Sun withdrew more than 65,000 ETH, exceeding $150 million, from Aave shortly after the attack. The funds were transferred to Spark. This is an important signal. Major players are not waiting for events to unfold, but are acting proactively.
Liquidity Redistribution Accelerates
After the withdrawal, Sun’s total exposure in Aave dropped to about $380 million. At the same time, his positions in other protocols increased significantly.
This behavior increases pressure. When large holders reduce positions, it accelerates liquidity outflow. As a result, the protocol faces not only a technical problem, but also a crisis of trust.
Negotiation Offer Is a Signal to the Market
Sun’s public appeal looks unusual. He essentially proposed to the hacker to discuss terms for returning the funds. The meaning is clear. Losses of this scale can affect several major protocols at once. His statement carries a direct message. Destroying the infrastructure is not beneficial to any party.
Cause of the Attack Points to a Weak Spot
The incident is related to a bridge based on LayerZero. The vulnerability allowed forging cross-chain messages and issuing tokens without real backing.
This points to a structural problem. Bridges remain one of the most vulnerable parts of the ecosystem.
In this case, the situation could have been worsened by an architecture with a limited number of validators.
Pressure on Security Standards Is Growing
After the attack, industry participants began openly discussing the need to strengthen bridge security. This concerns moving to more complex validation schemes. In particular, to multi-node models. Such changes are inevitable. The scale of the incident shows that current solutions are insufficient.
What This Means for DeFi
The situation around KelpDAO and Aave is not an isolated case. It is an example of how risk quickly spreads through interconnected protocols.
One hack leads to collateral problems. Then to bad debt. After that, liquidity outflow begins.
This scenario repeats. And the market is once again reminded of systemic vulnerability.
What’s Next?
The immediate question is whether an agreement with the hacker can be reached. If some of the funds are returned, the pressure on Aave may ease. If not, the protocol will have to deal with the consequences on its own. This means a long recovery of liquidity and trust. For now, the situation remains tense. And it will determine market behavior in the coming days.
Read More: Polymarket Raises $400 Million at $15 Billion Valuation
