Background
On Friday 18 April, an attacker exploited a vulnerability in Kelp DAO’s LayerZero V2 bridge route (Unichain to Ethereum), minting unbacked rsETH on Ethereum mainnet. The exploit triggered rsETH and WETH freezes on Aave, elevated borrow rates across several protocols, and a broader liquidity crunch in ETH-denominated markets.
rsETH is listed as an approved collateral type within the ENS Endowment’s ETH vault permissions (as introduced in EP 6.27). This post provides a full account of the actions taken to protect the Endowment.
Actions taken
At 18:54 UTC on 18 April, KPK received an alert regarding suspicious rsETH transfers. By 19:14 UTC, 20 minutes later, the incident was confirmed and KPK began executing precautionary exits on the ENS Endowment:
- Exited the Morpho ETH Prime v2 position, which included rsETH as one of several approved collaterals in the underlying market (tx)
- Exited the Aave USDS position to eliminate any indirect exposure to Aave market disruption (tx)
These exits were precautionary. The ENS treasury held no direct rsETH positions at the time of the incident. All actions were executed through the non-custodial Permissions Layer, which defines pre-approved actions for the treasury management team.
Impact on the ENS Endowment
The ENS Endowment was not materially affected by the rsETH exploit. No funds were lost and no bad debt was incurred. The precautionary exits were completed successfully and in full.
Resolution and current status
All precautionary positions have been fully unwound. The Endowment continues to operate normally.
We continue monitoring the situation across all protocols and will post further updates if any developments affect the Endowment.
We are happy to answer any questions from delegates and community members.