Aave recovers $71M ether

Aave didn’t just “get money back.” What happened is more specific — and more interesting. A New York federal judge on May 9 cleared the way for about 30,765 ETH, worth roughly $71 million, to move from an Arbitrum freeze wallet into Aave’s recovery process after April’s rsETH exploit. The money had already been trapped onchain. The news is that the legal and governance blockade around it just loosened. ### What actually broke? The original failure was not inside Aave. It was in KelpDAO’s rsETH bridge route from Unichain to Ethereum. On April 18, an attacker used a forged LayerZero message to release 116,500 rsETH on Ethereum without any matching burn on the source chain. Basically, the system minted economic claims without the backing that was supposed to sit underneath them. (coindesk.com) ### Why did Aave get dragged in? Because the attacker took that improperly released rsETH and used it inside Aave. The incident report says the exploiter spread funds across multiple wallets, supplied rsETH as collateral on Aave V3, and borrowed against it on Ethereum and Arbitrum. Aave’s contracts kept working as designed — but they were now holding collateral tied to an asset whose cross-chain backing had blown open. (governance.aave.com) ### Where does the $71 million come from? From one chunk of the attacker’s ETH that Arbitrum managed to immobilize. Arbitrum’s Security Council froze 30,765.67 ETH on April 21 and parked it at a designated address, with the expectation that governance would later decide what to do with it. A joint proposal from Aave Labs, KelpDAO, LayerZero, EtherFi, and Compound asked Arbitrum governance to release that ETH into a coordinated remediation effort. (governance.aave.com) ### So what changed this weekend? Two things lined up. Arbitrum governance approved the release plan, and Judge Margaret Garnett modified the restraining setup enough to let the transfer proceed while preserving outside claimants’ legal arguments over the funds. That second part matters because terrorism-judgment creditors had tried to keep the ETH frozen by arguing the exploit was tied to North Korea. The court didn’t erase that dispute — it just stopped it from blocking the recovery step. (forum.arbitrum.foundation) ### Is Aave now “made whole”? Not fully. The Arbitrum proposal spells out that the 30,765 ETH is only a partial fix. LlamaRisk’s incident analysis put the rsETH backing shortfall at about 76,127 rsETH at the time, and Aave’s later funding update said several recovery streams together covered only about 54% of the original shortfall. So this is a big chunk, not the end of the story. (coindesk.com) ### Why does this matter beyond one protocol? Because it shows what DeFi crisis management looks like when the code wasn’t hacked but the collateral stack broke anyway. Onchain tracing helped isolate assets. DAO governance created a release path. And then old-school courts still had to sign off before the money could move. That mix — smart contracts, emergency councils, token votes, and federal judges — is the real story here. (forum.arbitrum.foundation) ### What’s the catch now? Time and residual risk. Aave’s own funding update warned that the broader recovery still depends on outside parties reopening systems, finishing liquidations, and coordinating across protocols over the coming weeks. In other words, $71 million coming back is huge, but it doesn’t magically erase every hole the exploit opened. (forum.arbitrum.foundation) ### Bottom line? Aave just won the most tangible recovery step since the April 18 rsETH exploit. The protocol now has a court-cleared path to reclaim a frozen 30,765 ETH pile that otherwise might have stayed stuck in legal limbo. That sharply reduces the damage. But the deeper lesson is harsher — in DeFi, even when your own contracts are fine, someone else’s bridge can still hand you the bill. (coindesk.com) (governance.aave.com)