#KelpDAOFacesAttack *Kelp DAO Faces Attack – April 2026*

Kelp DAO had a security incident this week, but it wasn’t a hack or exploit of user funds. Here’s what happened:

*What is Kelp DAO*

Liquid restaking protocol on top of EigenLayer. Users deposit LSTs like stETH, Kelp restakes for you, and gives you *rsETH* tokens you can still trade/use in DeFi. Also runs “Gain” vaults for L2 yield farming.

*The incident: Fee contract bug, not an attack*

- *Date*: Reported ~April 15-16, 2026

- *Issue*: Bug in Kelp DAO’s fee contract caused *excess rsETH minting*

- *Impact*: Too much rsETH was minted vs actual underlying assets. Not a drain of user deposits

*Kelp’s response*

1. *Paused deposits and withdrawals* immediately to prevent further minting

2. *User funds confirmed safe*: Team stated all deposited assets remain secure in smart contracts. Bug hit the token minting mechanism, not custody

3. *Fix in progress*: Team actively working on a solution and will resume operations after testing

*Key points for users*

- *No funds lost*: This is a supply/minting bug, not a treasury drain like the $7.6M Rhea Finance oracle attack

- *Services paused*: Can’t deposit or withdraw until fix deploys

- *rsETH holders*: Excess supply may temporarily affect rsETH peg/value until resolved

- *Action*: No action needed. Watch Kelp’s official channels for resumption timeline f5aa

*Context: DeFi security in 2026*

March saw $52M in crypto hacks, up 96% from February. But this Kelp incident is closer to a protocol bug than an external exploit. Audited by SigmaPrime, Code4rena, and MixBytes, but bugs still happen.

*Bottom line*: Kelp DAO had a minting bug, not an asset theft. Funds are safe per the team, but rsETH operations are paused until patched.

Want me to monitor for their post-mortem or when withdrawals reopen?#DAO $BTC $XRP $ETH