Aave Proposes Stricter Risk Framework Following KelpDAO Exploit

Aave has proposed a new risk framework to enhance asset governance across its platforms, following the KelpDAO exploit in April 2026. The exploit involved attackers minting approximately $292 million in unbacked rsETH using KelpDAO’s LayerZero bridge, which highlighted vulnerabilities in bridge configurations and offchain infrastructure. The proposed framework consists of four layers: asset risk, bridging risk, monitoring and automated risk oracle systems, and chain risk. Each listed asset must meet stringent requirements, including audits and bug bounty coverage. Continuous asset reviews will occur quarterly, with additional reviews triggered by significant changes. Stricter rules for cross-chain assets will be implemented, including documented bridge routes and independent verifiers. The framework aims to improve incident response and asset freeze capabilities. Overall, the new standards are designed to mitigate risks and enhance the security of Aave's ecosystem.

Key Points: • Aave's new framework aims to set stricter risk standards across its platforms. • The KelpDAO exploit revealed significant vulnerabilities, leading to a $292 million loss. • Continuous asset reviews and stricter cross-chain asset rules are central to the proposal.