Aave Founder Stani Kulechov: Multiple Plans to Systematically Address KelpDAO Crisis Risks
Aave founder Stani Kulechov stated on X that the team is working with multiple partners to advance several plans aimed at an "orderly return to normal market conditions" after the crisis, while ensuring optimal outcomes for Aave users. He emphasized that the current focus is entirely on the Aave protocol and its users, expressing gratitude to industry developers for their assistance during the incident. Stani pointed out that the Arbitrum Security Council has used emergency powers to freeze and transfer approximately 30,766 ETH related to the KelpDAO attack, worth about $70 million, significantly reducing the potential bad debt risk Aave may face. Discussions and plan designs regarding specific disposal paths are still ongoing.
Several English media outlets cited Aave and third-party risk assessments indicating that the KelpDAO-related attack triggered a chain reaction on-chain, which previously exposed Aave to potential risks ranging from $170 million to $200 million. The recovered $70 million in ETH will play a key hedging role in the final gap size, with subsequent measures possibly involving the protocol's security module, governance resolutions, or external recovery plans to comprehensively address the remaining risks. Stani stated that the short-term priority is to stabilize the market and liquidity through technical and governance means, and that a review of responsibility and institutional aspects will be further developed once the situation stabilizes. All significant updates will be continuously disclosed through official Aave channels.
Source: Public Information
ABAB AI Insight
Stani's statement shifts the narrative from a "single attack event" to "systemic risk management": Aave does not define the issue as an isolated hacking incident but views the KelpDAO-related attack as an extreme stress test on cross-chain staked assets and lending combinations. Within this framework, the recovered $70 million in ETH is not just about "how much was recovered" but directly reduces the potential bad debt range in the risk model, allowing for greater operational space in subsequent governance negotiations and the use of security modules.
The involvement of the Arbitrum Security Council indicates that the L2 infrastructure layer plays a "last line of defense" role at critical moments: by multi-signing and using emergency powers to freeze the attackers' addresses, then migrating assets to controlled wallets, it buys time for negotiation and governance for the protocol and affected parties. This essentially exposes a structural fact within the so-called "decentralized" system—at high-risk asset aggregation points, security councils and multi-sign governance become de facto "systemic risk managers," similar to clearinghouses and regulatory coordination mechanisms in traditional finance.
From the historical structure of DeFi, such events are pushing the industry from "single protocol risk management" to "ecosystem-level risk coordination." As a leading lending protocol, Aave's assets and collateral are highly embedded in LST, LRT, and cross-chain bridge assets, and a KelpDAO-level attack is sufficient to penetrate multiple protocol layers, forming "vertical transmission." This forces protocol founders like Stani to expand their focus from single risk control parameters (such as collateral ratios and liquidation thresholds) to the overall security structure of upstream staking protocols, cross-chain bridges, and L2 security councils.
On a deeper level, Stani's emphasis on "multiple plans, orderly return, user priority" sets boundaries for future governance decisions: on one hand, it leaves narrative space for using security modules, restructuring debts, or introducing external funding for rescue; on the other hand, it seeks to avoid simply attributing the event to a specific project or single technical error, to prevent tearing apart the internal alliances of DeFi. In a highly interconnected on-chain financial system, any large-scale bad debt and liquidation handling will serve as a reference for the next round of risk pricing and governance design—Aave's response is likely to be written into the "institutional memory" of future cross-chain staking and lending combinations.