Aave Sees $300 Million Surge in Borrowing Amid Liquidity Crisis Following KelpDAO Exploit

The aftermath of the KelpDAO hack has triggered a chain reaction in stablecoin markets, resulting in unexpected outcomes. Within the first 24 hours following the attack, Aave users borrowed around $300 million against their USDT deposits, according to data from Chaos Labs. This borrowing surge is not driven by demand, but rather by users' inability to withdraw their funds due to maxed-out stablecoin pools. As a result, depositors are taking out loans against their own assets at a loss, simply to access liquidity. This phenomenon can be likened to a bank refusing to process customer withdrawal requests, prompting customers to take out loans on their deposits out of desperation. A pseudonymous head of strategy at Spark, a rival DeFi lending platform, noted that the illiquidity in Aave's stablecoin markets has led to a $300 million increase in borrowing with USDT collateral. To comprehend how a single exploit on KelpDAO resulted in the simultaneous locking of every stablecoin exit on Aave, it is essential to understand the underlying mechanics of the system and where it failed. Aave is a decentralized finance protocol that enables users to lend and borrow cryptocurrencies without intermediaries. Users deposit assets into lending pools and earn interest, while others borrow from these pools by posting crypto assets as collateral. The system is designed to self-correct through interest rates, but it relies on the core assumption that there is always sufficient liquidity for lenders to withdraw their deposits and for borrowers to unwind their positions. When this assumption breaks down, the entire system collapses. The KelpDAO exploit, which involved the manipulation of the protocol's bridge infrastructure to release 116,500 rsETH tokens, triggered a chain reaction that ultimately led to the $300 million borrowing surge on Aave. The exploit allowed an attacker to borrow real ETH and other assets against fake tokens, resulting in a significant loss of liquidity. Aave's subsequent freeze on rsETH markets stopped the bleeding but also set off a chain reaction that produced the borrowing surge. As the news of the exploit broke, large investors withdrew billions of dollars worth of cryptocurrencies from Aave's liquidity pools, draining the pools and causing utilization rates to reach 100%. This, in turn, led to a $300 million secondary borrowing surge, as trapped depositors borrowed against their locked assets at a loss, simply to extract any liquidity from the system. The incident serves as a reminder that decentralized finance does not mean risk-free, and that even seemingly secure systems can be vulnerable to exploits and liquidity crises.