CryptoQuant’s latest report, titled “DeFi Contagion,” argues that the KelpDAO rsETH exploit triggered one of the most severe liquidity crunches in decentralized finance since 2024. According to the report, the attacker siphoned unbacked rsETH, deposited it into Aave, and exchanged it for WETH and stablecoins, turning what began as a protocol-specific exploit into a broader market stress event across DeFi.
Aave Bore the Largest Direct Exposure
CryptoQuant estimates that within 72 hours of the April 18, 2026 incident, Aave was exposed to roughly $124 million to $230 million in potential bad debt linked to depegged rsETH collateral. The report adds that Aave’s aETHrsETH contract holds about 83% of the circulating rsETH supply, making it the most vulnerable venue in the aftermath of the exploit.
The pressure showed up quickly in protocol metrics. Aave’s total value locked fell 33% over the following three days, wiping out billions of dollars and marking what CryptoQuant described as one of the sharpest protocol-level liquidity contractions in recent DeFi history. The firm characterized the move as a classic liquidity crunch: depositors rushed to withdraw while borrowers increased demand at the same time, draining available liquidity and forcing rates higher.
Borrowing Costs Spiked Across Core Markets
Funding stress became visible almost immediately in Aave V3’s largest lending markets. CryptoQuant data showed USDT and USDC borrowing rates jumping from a steady 3.4% before the hack to 14% as users sought stablecoin liquidity and exits. ETH borrowing rates also climbed to 8%, the highest level recorded by CryptoQuant since at least January 2024, before easing back to around 5%, still well above the pre-hack level of roughly 2%.
Because ETH, USDC, and USDT are Aave’s three largest markets by TVL, the simultaneous move in all three was interpreted by the report as evidence of system-wide stress rather than isolated price action in a single asset.
USDe Contraction Added to Broader DeFi Strain
The report also highlighted pressure on yield-bearing stablecoin USDe, the fourth-largest asset on Aave with about $412 million in deposits. In the days after the exploit, CryptoQuant tracked a sharp drop in minting activity and a reduction in total supply from $5.8 billion to $5.0 billion in just three days, a decline of $800 million or roughly 14%.
CryptoQuant said the contraction reflected both contagion from the Aave crisis and persistently negative perpetual funding rates in ETH and BTC markets. Those negative rates compressed USDe’s delta-neutral yield and increased redemption incentives. In the firm’s view, the combination of hack-driven risk-off behavior and structural derivatives pressure signals a meaningful deterioration in DeFi liquidity conditions.
Collateral Concentration Risk Back in Focus
CryptoQuant concluded that the episode underscores the systemic danger of concentrated collateral exposure in DeFi lending protocols. Because Aave held such a large share of rsETH-linked positions, the fallout from a vulnerability in KelpDAO’s infrastructure spread far beyond the original exploit. Market attention is now likely to remain fixed on Aave’s risk management response, the stability of rsETH collateral, and whether major DeFi platforms can restore normal liquidity conditions.

