The $292 million exploit of Kelp DAO has set off a wave of reactions across the crypto industry, with developers and traders warning that the incident exposed deeper flaws in how decentralized finance (DeFi) is built. Data shared by market participants shows the immediate fallout spread far beyond the hacked protocol. “The rsETH hack is leading to withdrawals across all lending protocols, even on solana and unaffected protocols,” 0xngmi said in one post on Sunday, pointing to steep outflows including “Aave: -6,200m (-23%) net inflows” and smaller but notable declines across Morpho, Sky and JupLend. rsETH is liquid restaking protocol Kelp DAO's restaked ether and is a Liquid Restaking Token (LRT) that allows users to earn ether staking and restaking rewards while keeping their assets liquid, even when they are locked in staking. That pressure quickly turned into something more severe. One widely circulated post by Josu San Martin described cascading liquidity stress inside lending markets: “ETH depositors cannot withdraw the ETH so they are borrowing stables to ‘withdraw’ funds… This is a full on run on AAVE.” While Stani Kulechov, Aave's founder, said the exploit was external and that the protocol's contracts were not compromised, the depositors panicked. The total value locked (or deposits) dropped from $26.4 billion on April 18 to nearly $20 billion in U.S. morning hours on Sunday, per DefiLlama. The AAVE token also fell more than 18% as depositors scrambled to withdraw their money through the weekend. The exploit itself has become a focal point for engineers and developers. Several developers pushed back on early assumptions that the issue stemmed from core infrastructure. “The KelpDAO exploit (~$290M, is NOT a LayerZero protocol bug. It's a configuration issue and a case study every project with a cross-chain token needs to look at today,” one technical breakdown by cryptogoblin read. The thread detailed how a single verification point enabled the attack.