Aave has successfully executed a controlled liquidation sequence on rsETH collateral from the April 18th KelpDAO attacker's positions on the lending protocol. Approximately 89,567 rsETH was seized from the attacker across the Ethereum mainnet and Arbitrum V3 markets.

A temporary oracle adjustment put the attacker's rsETH positions into a liquidatable state, after which the collateral was seized and swept to a recovery guardian multisig. The guardian flag was enabled, payloads executed, and then the flag was disabled, with all configuration changes fully reverted upon completion.

No other users were affected by the liquidation process. The recovered rsETH is now being redeemed for ETH through Kelp's standard redemption procedure, with the resulting ETH used to clear the deficit across affected Aave markets on Ethereum and Arbitrum. The full restoration of rsETH backing remains in its final stages.

Disclaimer: Content is for informational and educational purposes only and does not constitute financial, investment, legal, or other professional advice. No representations or warranties are made as to accuracy, completeness, or timeliness. Use of this content is at your own risk, and you should consult a qualified professional before making decisions. No fiduciary or advisory relationship is created

• EIP-8250 Keyed Nonces.

• ACTA extension for ERC-8004.

• Kelp migrates rsETH to CCIP.

• a16z Crypto $2.2b fund.

Thiery, Wahrstätter, Lightclient, and Vitalik proposed replacing the single sender nonce in frame transactions with a keyed nonce system, where each key operates as an independent replay-protection domain. The change eliminates a throughput bottleneck for privacy protocols, routing multiple users through one shared address. Vitalik has framed it as a first step toward a broader state scaling strategy for Ethereum. EIP-8250 is targeted for the Hegota upgrade. Read more →

The Ethereum Foundation PSE team introduced ACTA, a privacy extension to ERC-8004 that uses zero-knowledge proofs to let AI agents prove claims about reputation, jurisdiction, model provenance, without revealing underlying data on-chain. It addresses five gaps in ERC-8004, including its permanent public interaction graph and lack of anonymous reputation feedback. Read more →

KelpDAO is migrating rsETH to Chainlink CCIP following the April 18 exploit. Kelp says that LayerZero's own infrastructure was the cause, not just a Kelp misconfiguration. Kelp added that it detected the breach itself before LayerZero. LayerZero CEO Bryan Pellegrino disputed the claim, citing onchain records showing Kelp manually switched to the vulnerable 1-1 DVN configuration. Read more →

• Ethrex v11.0.0 release

• Ethresearch: Native proof verification

• Gerstein Harrow replies to Aave

• Aave increases v4 caps

• Alchemix increases v3 caps

• a16z Crypto $2.2b fund

• Abritrum security council members

• Lido stVaults products overview

• Tydro pauses markets

• Coinbase cuts 14% of staff

• Ekubo suffers $1.4m exploit

Disclaimer: Content is for informational and educational purposes only and does not constitute financial, investment, legal, or other professional advice. No representations or warranties are made as to accuracy, completeness, or timeliness. Use of this content is at your own risk, and you should consult a qualified professional before making decisions. No fiduciary or advisory relationship is created

KelpDAO announced it is migrating rsETH from LayerZero to Chainlink's Cross-Chain Interoperability Protocol (CCIP) following the April 18 exploit that resulted in over $300M in losses. KelpDAO says the exploit originated within LayerZero's own infrastructure, not a misconfiguration.

KelpDAO also pushed back on LayerZero's public framing of the incident, arguing that the 1-1 DVN configuration was not unique to Kelp and was used by over 47% of LayerZero’s ecosystem at the time. Kelp also highlights that it detected the exploit itself and alerted LayerZero, rather than being warned by them.

LayerZero CEO Bryan Pellegrino responded to the claims, stating that KelpDAO started with a multiDVN setup of LayerZero Labs and Google, but later changed its configurations to the 1-1 DVN.

Disclaimer: Content is for informational and educational purposes only and does not constitute financial, investment, legal, or other professional advice. No representations or warranties are made as to accuracy, completeness, or timeliness. Use of this content is at your own risk, and you should consult a qualified professional before making decisions. No fiduciary or advisory relationship is created