The protocols Kelp and Aave have commenced the recovery of assets following the April hack amounting to $292 million. Developers plan to return 117,132 rsETH within two weeks.
Kelp and Aave have successfully completed a series of steps for rsETH backing, including burning the exploiter’s rsETH on Arbitrum.
117,132 rsETH will be progressively refilled from Aave Recovery Guardian and Kelp Recovery Safe into the LayerZero OFT adapter on mainnet over the…
— Kelp (@KelpDAO) May 12, 2026
The first portion of funds will be transferred to the mainnet shortly. Following this, Kelp will reopen asset withdrawals—expected within 24 hours. Users will once again have access to deposits, minting, and cross-chain transfers.
The Kelp team has updated the security settings of the LayerZero bridge. Now, four independent nodes are required to confirm transactions instead of one, and the number of necessary blocks has increased from 42 to 64. The protocol has also begun transitioning to Chainlink’s CCIP technology.
Representatives from Aave confirmed the commencement of payouts and burned the rsETH tokens held by the hacker on the Arbitrum network.
The first set of steps in the rsETH technical recovery plan are complete, including burning the exploiter’s rsETH on Arbitrum. Progressively refilling the LayerZero OFT adapter and reopening rsETH operations will follow over the coming days. https://t.co/p1tiIzp5Nr
— Aave (@aave) May 12, 2026
Previously, the lending protocol team challenged in court the freezing of some funds imposed by lawsuits from terrorism victims against North Korea. The court allowed the transfer of assets to the protocol but prohibited their sale until a final decision is made.
LayerZero developers admitted fault in the incident. The company confirmed that the default security configuration was insufficiently protected for protocols with a large volume of locked funds.
In April, Kelp was attacked, allegedly by the Lazarus Group. This hack was the largest in the DeFi sector since the beginning of the year.
In May, Aave liquidated the remaining positions of the Kelp hacker in rsETH as part of the approved recovery plan.
Later, the Arbitrum community supported the transfer of 30,765 ETH worth $70 million to the DeFi United fund.