Compound faced sharp backlash after it froze key activity across several markets in response to the Kelp DAO rsETH exploit, turning a risk control move into a user trust problem. The platform did not suffer the original hack itself, but the impact spread into lending markets fast enough that Compound and its risk partners moved to shut down parts of the system before losses could grow. That response may have reduced further damage, yet many users said the way it was handled left them feeling trapped, misled, and ignored.

The trouble began after Kelp DAO’s rsETH was hit by a major exploit in April 2026. Reports said more than 116,000 rsETH were drained, with losses estimated at about $292 million to $294 million. Because rsETH was used across DeFi, the shock did not stay inside one protocol. Lending platforms had to assess whether bad collateral, broken backing, or fast-moving liquidations could spread the damage. Compound reacted by pausing activity in affected Comet markets while new guardrails were prepared. Those steps were meant to protect the protocol, but they also blocked normal actions for many users. Sources at end.

On Compound, the pause settings created a hard split between what users could still do and what they could not. In paused markets, users could still supply assets, post collateral, and repay debt. But they could not withdraw liquidity, withdraw collateral, or open new borrows. That design became the center of the anger. Some users added funds and only then learned that the actions they cared about most were blocked. Others found they could not exit positions or pull out assets even when the risky exposure seemed small compared with the size of the market.

That is where frustration turned into something more serious. Some users accused Compound of misleading people because the app did not clearly warn them before deposits that the market was under a partial freeze. Others used stronger words and said the experience felt like a scam, not because they believed Compound had staged the exploit, but because the platform appeared to accept deposits while failing to make the limits obvious. In crypto, where users expect open rules and fast updates, that kind of mismatch can damage trust as much as a direct loss.

Compound’s side of the story was more technical. The protocol’s emergency controls were broad, not precise. Once a Comet was paused, the same switch blocked several actions at once. That meant the platform could not easily isolate only the bad collateral path and leave unrelated user flows untouched. Compound and Gauntlet later said they were preparing governance actions to cut rsETH exposure by setting caps and borrow loan-to-value settings to zero where needed. They also shared estimated reopening dates for Ethereum and layer-2 markets. From a risk view, that was a clear plan. From a user view, it still looked like a blunt tool hitting everyone in the same market.

The event also showed how much DeFi depends on front-end communication during a crisis. Users did not only want markets protected. They wanted warnings on the interface, simple explanations of what still worked, and clear notice before new deposits went in. Compound representatives later acknowledged that a stronger banner should have been live and apologized for the gap. That admission mattered, but it came after users had already posted complaints about failed actions, stuck funds, and unclear messaging.

The wider market helps explain why Compound acted fast. Aave, another major lending platform, also froze rsETH and wrsETH markets after the exploit and later reported large bad debt in WETH markets. That made clear that the danger was not just one token with a broken bridge. It was the chance that a damaged asset could move through lending systems, weaken collateral quality, and create losses faster than governance could respond. In that setting, Compound chose safety first. The problem is that safety first can still feel unfair when regular users bear the cost.

What happened on Compound is now about more than one exploit. It is about how a lending platform handles emergency controls, how it explains those controls, and how much friction users will accept when outside risk hits the system. The protocol moved to defend itself. Users saw blocked withdrawals, blocked borrows, and poor warnings. That gap fed the anger, the claims of misinformation, and the talk of scams. Even if the pause helped contain risk, the episode showed that in DeFi, protecting the protocol is only half the job. The other half is making sure users know exactly what is happening before they click deposit.

Aave price dropped hard after the Kelp DAO hack turned a bridge exploit into a wider DeFi liquidity crisis. The attack began when about 116,500 rsETH, worth roughly $292 million, was drained from Kelp DAO’s LayerZero bridge. Those tokens were then used as collateral on Aave V3 to borrow large amounts of WETH. That move left Aave exposed to bad debt after the rsETH tied to the exploit could no longer be treated as normal collateral.

The key point is simple. Aave was not hacked at the smart contract level, but it still took a major hit because the attacker brought damaged collateral into its lending system. In DeFi, that can be enough to trigger a crisis. Once users saw the size of the hole, they rushed to pull funds from the protocol. That pressure appears to be one of the main reasons Aave price fell so sharply over the weekend.

The panic was not limited to traders selling the token. It spread to depositors trying to withdraw assets from Aave’s core markets. Reports and governance posts showed that several major pools reached 100% utilization, which means all available liquidity had been borrowed out. When that happens, users cannot make normal withdrawals until liquidity returns. That turned a bad debt problem into a liquidity problem.

This is where the story became much worse. Early withdrawals by large players drained the easiest exit routes first. After that, users who stayed behind found themselves stuck in crowded markets with little or no available liquidity. That appears to have affected not only ETH markets but also major stablecoin pools such as USDT and USDC. In practical terms, some users could still see their balances on Aave, but getting the money out became much harder.

That created a second layer of risk. If core pools remain fully utilized, liquidations can become harder to process during a fast market move. In a lending protocol, liquidations are meant to keep bad debt from growing. But if there is not enough usable liquidity in the right market, that safety valve starts to weaken. In a flat market, that problem can stay hidden for a while. In a sharp sell-off, it can get serious very fast.

Some ETH depositors still had a narrow exit. They could sell their interest-bearing aTokens, such as aETH-linked positions, on decentralized exchanges at a discount. That is not a clean withdrawal. It is more like paying a fee to escape early. Stablecoin users had fewer options. Some tried to borrow against locked USDT or USDC positions and leave through other assets, often at a steep loss. That kind of behavior shows how quickly a liquidity squeeze can spread across a lending system.

Aave also faced a trust problem. Even users with no direct exposure to rsETH had to think about whether the protocol itself could absorb the damage. Estimates of bad debt varied across reports, with many placing it above $190 million and some even higher depending on how losses are measured. That uncertainty pushed more users to leave first and ask questions later. As more funds left, more markets moved closer to full utilization, which deepened the sense of crisis.

The damage also spread beyond Aave. Compound paused several markets in response to the Kelp DAO hack, while other DeFi apps reviewed their own exposure. That matters because many protocols use Aave as a base layer for lending, yield products, and treasury management. If liquidity gets trapped on Aave, the problem does not stay on Aave. It can affect other apps and users that rely on it behind the scenes.

Aave responded by freezing rsETH and wrapped rsETH markets to stop new risk from building. That was a containment step, not a full solution. The bigger issue is who takes the loss and how confidence returns. Kelp DAO, Aave governance, service providers, and users are now all part of that debate. For now, Aave price reflects more than market fear. It reflects a larger question hanging over DeFi: what happens when one broken asset jams the plumbing of the whole system.

Kelp DAO is facing a major security crisis after an apparent exploit on its rsETH cross-chain bridge drained about 116,500 rsETH, worth roughly $292 million at the time of the attack. Based on reporting and onchain data, the attacker appears to have used LayerZero messaging to trigger a release of funds from Kelp DAO’s bridge system. The incident quickly spread across crypto markets because rsETH is widely used in DeFi, especially as collateral in lending platforms.

The case matters because rsETH is a liquid restaking token. That means users deposit assets tied to Ethereum staking and receive a token they can move, trade, or use in DeFi while still keeping staking exposure. Kelp DAO built rsETH to work across many blockchains, and that is where the risk grew. LayerZero’s OFT, or Omnichain Fungible Token, standard is designed to move one token across many chains while keeping one shared supply. That makes cross-chain use easier, but it also means bridge security becomes central to the token’s safety.

Reports say the first successful drain happened at 17:35 UTC. Kelp DAO then used its emergency pauser multisig about 46 minutes later to freeze core contracts. That pause appears to have blocked two later attempts to drain another 40,000 rsETH. Kelp said it had identified suspicious cross-chain activity and was working with LayerZero, Unichain, auditors, and outside security experts to investigate the root cause. In plain terms, the attack seems to have hit the bridge logic that lets rsETH move between networks, not a normal wallet or simple front-end bug.

The attack also raised concern because the wallet tied to the exploit was reportedly funded through Tornado Cash before the incident. In DeFi exploits, that often signals an attempt to hide the money trail. Blockchain investigator ZachXBT flagged the attack soon after it happened, and market watchers began to focus on how much of rsETH’s supply had been affected. Reports said the stolen amount was about 18% of circulating rsETH, which is large enough to create stress across lending markets, price feeds, and risk systems.

That is why Aave moved fast. Aave froze rsETH markets on V3 and V4 and said its own smart contracts were not the source of the exploit. The bigger issue for Aave is bad debt. In lending, bad debt can appear when collateral loses value or cannot be liquidated in time. Aave’s own docs note that bridge and network risk can feed into this problem. Its Umbrella system was built as an automated onchain risk tool meant to help cover deficits, though Aave later softened its public wording and said it would explore ways to offset any deficit from this event.

This is also not the first rsETH problem. Kelp DAO had another incident in April 2025, when it paused deposits and withdrawals after a fee contract bug caused excess rsETH minting. Kelp said no user funds were lost in that earlier case, but the new exploit is far more serious because it appears to involve direct loss of funds at scale. That history matters. In crypto, one incident can be treated as a mistake. Two incidents in about a year raise harder questions about design, testing, and operational controls.

The bigger lesson from the Kelp DAO exploit is that DeFi risk does not stop at one protocol. A bridge attack can hit a token, then spread into lending markets, then affect users who never touched the bridge at all. That is the hidden cost of composability. Systems like Kelp DAO, LayerZero, and Aave are built to connect crypto markets, but strong connections also carry stress faster when something breaks. For users, the Kelp DAO exploit is a reminder that liquid restaking, cross-chain tokens, and DeFi yield can offer flexibility, but they also add layers of smart contract risk, bridge risk, and collateral risk that can all fail at once.

The Ethereum Foundation’s latest ETH sale has reopened a debate that many traders thought was already settled. On April 8, the foundation said it would convert 5,000 ETH into stablecoins through CoW Swap’s TWAP feature, a tool that breaks a large trade into smaller pieces over time to reduce market impact. That move made one thing clear: Ethereum Foundation treasury strategy still depends on selling ETH when it needs cash.

For months, part of the market had started to believe the opposite. After the foundation moved treasury assets into DeFi, borrowed against ETH collateral, and later launched a major staking plan, many investors began to think Ethereum Foundation selling pressure was fading. The idea was simple. If the foundation could earn yield from staking and tap DeFi for liquidity, maybe it would not need to sell as much ETH.

That reading now looks too strong.

The Ethereum Foundation had already signaled its direction in its treasury policy. The policy tied spending to a fiat operating buffer, not to a promise to hold ETH at all costs. In plain terms, the foundation still needs cash reserves in stable assets to pay for grants, research, staff, and other work. That means staking, borrowing, and ETH sales are not separate ideas. They are all parts of the same treasury system.

The timeline shows why the confusion grew. In February 2025, the foundation said it had deployed 45,000 ETH across DeFi platforms including Spark, Aave, and Compound. In May 2025, it borrowed $2 million in GHO against its Aave position. That mattered because it showed the Ethereum Foundation using DeFi instead of selling spot ETH right away. Then, on February 24, 2026, it announced a staking initiative built around about 70,000 ETH, with rewards flowing back to the treasury. By early April 2026, that staking target was almost complete.

But the sales never stopped. The foundation completed a 5,000 ETH over-the-counter sale in mid-March, and then came the April 8 ETH conversion into stablecoins. Selling and staking were happening at the same time. That matters because the full-year yield from a 70,000 ETH staking sleeve is still modest next to the foundation’s spending needs. With Ethereum staking yield near 2.7% to 3.0% in early April, that stake would generate only about 1,900 to 2,100 ETH per year. At around current ETH prices, that is far less than the value of one 5,000 ETH sale.

This is the key point that many retail investors missed. Ethereum Foundation staking can improve treasury efficiency, but it cannot fully replace treasury sales at current yield levels. The foundation’s own numbers make that plain. Its first-quarter 2025 grants alone totaled $32.6 million. That is much larger than what one year of staking rewards on 70,000 ETH is likely to produce. Once research, operations, and staff costs are added, the funding gap gets even wider.

That does not mean the treasury plan is failing. It means the treasury plan is working as written. A modern crypto treasury does not rely on one lever. It uses several. DeFi borrowing can give short-term liquidity. Staking can add yield. TWAP execution and OTC blocks can help manage how ETH is sold. Stablecoins can hold operating reserves with less volatility than ETH. Put together, those tools can reduce the speed and size of ETH sales, even if they do not eliminate them.

The future path still depends on ETH price. If Ethereum rises and the foundation keeps spending under control, it may be able to sell fewer coins while keeping its reserve target intact. If ETH weakens and spending stays high, it may need to monetize more ETH to protect its runway. That is because its reserve goal is measured in fiat terms, not in ETH terms. When the market falls, the “less selling” story can break down fast.

The bigger lesson is not that the Ethereum Foundation misled the market. It is that the market built a cleaner story than the facts supported. Ethereum Foundation treasury management was never just about staking. It was always a mix of staking, DeFi, borrowing, and periodic ETH sales. The April 8 move did not change that strategy. It only made it harder to ignore.