Why I withdrew everything from Aave this weekend

Full disclosure: I am a DeFi user with active exposure to Aave V3, including lent stablecoins and ETH. This is an opinion piece on how I withdrew, why I decided to pull all of it, and what I am watching now. This is not financial advice in any way. Do your own research, talk to a professional, and never act on a single article, including this one.

I spent most of Sunday morning, April 19, doing two things, refreshing DefiLlama and waiting for transactions to confirm.

By the time I got coffee, Aave had lost roughly $6.6 billion in deposits in under 24 hours, the WETH pool was at 100% utilization, and depositors were quietly being told that withdrawals might not work the way they expected. I was one of those depositors. I am no longer.

This is the story of how I got there, what I saw, and the reasoning behind pulling out completely instead of waiting it out.

Related: Major DeFi hack becomes the largest of 2026 yet

The headline is misleading. Aave was not hacked. Its smart contracts performed exactly as written. The attack happened somewhere else and the damage rolled downhill into Aave like a flash flood.

On April 18, an attacker exploited a vulnerability in Kelp DAO’s cross-chain bridge, which uses LayerZero’s messaging infrastructure. By forging a message to the bridge’s lzReceive function, the attacker tricked the contract into releasing roughly 116,500 rsETH worth around $292 million to a wallet under their control, according to CoinDesk. Kelp’s team paused the contracts within the hour, but the rsETH was already gone.

Two follow-up attempts to drain another 80,000 rsETH were blocked by the freeze, sparing the ecosystem an additional $100 million or so in losses.

For readers new to this corner of crypto, rsETH is a liquid restaking token. You give Kelp your ETH, Kelp routes it through EigenLayer to earn extra yield, and you get rsETH back as a receipt. That receipt is supposed to be redeemable, eventually, for the ETH backing it. Critically, rsETH on every Layer 2 was backed by the reserves sitting in Kelp’s mainnet bridge contract. When that bridge was drained, the receipts on 20-plus chains were left pointing at an empty vault.

Now the part that matters for Aave depositors. The attacker took the stolen rsETH and used it as collateral on Aave V3 to borrow as much WETH as the protocol would allow. Approximately $196 million in WETH walked out the door against rsETH that was, by then, backed by nothing. Smaller exposures showed up on Compound and Euler. The attacker consolidated the stolen funds into around 74,000 ETH and moved on.

Think of it this way. Imagine a warehouse in New York that stores gold bars. A bank in London issues paper certificates that say “redeemable for one gold bar at the New York warehouse.” Those certificates circulate freely. People trade them, lend them, post them as collateral. As long as the gold is sitting in the warehouse, the certificates are as good as gold. Now imagine a thief breaks into the New York warehouse and walks out with every bar. The certificates in London still exist. They still say “redeemable for one gold bar.” But there is no gold left to redeem them against. The paper is suddenly worth nothing, even though nothing about the paper itself has changed. That is what happened to rsETH on Layer 2s the moment Kelp’s mainnet bridge was drained.

Aave was left holding the bag. The collateral was frozen and effectively worthless. The borrows could not be liquidated in any meaningful way because nobody wants to buy unbacked rsETH at any price. The bad debt on Aave alone is estimated at $177 million to $200 million, per CoinDesk reporting.

There is a detail that did not get enough attention in the first wave of coverage, and it changes how you should read this whole event.

In January 2026, Aave governance passed proposal 434, which added WETH to rsETH’s LST E-Mode and raised the maximum loan-to-value ratio for rsETH in that mode from 92.5% to 93%. In simple words, users could borrow $93 of WETH on Aave using $100 of rsETH as collateral. That compressed the safety buffer from 28% to 7%.

When rsETH lost its backing on Saturday and the price began to fall, the system kept treating the now-worthless rsETH as valid collateral. The thin buffer made positions unliquidatable before the bad debt crystallized. The exploit was external. The damage was amplified by a parameter Aave governance had set itself.

I am not saying Aave caused this. I am saying the size of the hole was a function of decisions made months earlier, and that is the part depositors should be most uncomfortable with.

Related: Exclusive: Aave founder sees U.S. push to lead in crypto, DeFi policy

I have been a lender on Aave V3 for a while. The setup is the same one most DeFi users will recognize. I connected my wallet, picked the Ethereum mainnet deployment of Aave V3, supplied USDT and ETH into the respective pools, and received aUSDT and aWETH receipts in return. The receipts accrue interest in real time. You watch the balance tick up. It is mildly addictive.

The yield on stables had been hovering in the mid single digits, the ETH yield a bit lower. Nothing exotic. I was not chasing 30% APYs on some new fork. Aave is the most battle-tested lending protocol in DeFi, with around $25 billion in deposits across multiple chains before this weekend. If you cannot lend on Aave, the argument goes, you cannot lend anywhere on-chain.

When you supply USDT or ETH on Aave, you are not putting your money in a vault. You are an unsecured creditor of a shared pool. The pool lends to many different borrowers against many different forms of collateral. If one of those collateral types fails badly enough, the loss does not stay neatly inside that one market. It bleeds into the pool that funded the bad loan.

In this case, the bad loan was WETH borrowed against rsETH. The pool that funded it is the WETH pool. That pool is the one I had ETH sitting in.

There is one insurance layer, and it is newer than most depositors realize.

Aave’s Umbrella system replaced the legacy Safety Module in late 2025, as Yahoo Finance flagged in its coverage of the incident. Under Umbrella, users who staked aWETH directly into the Umbrella vault face automatic slashing to cover the deficit, with no governance vote required. Once the slashing cycle completes, remaining WETH suppliers should regain partial withdrawal access, although a full recovery is not guaranteed and depositors may face a haircut.

This is the first major real-world stress test of Umbrella. Nobody, including the people who built it, knows exactly how the next two weeks play out.

In practice, the language coming out of Aave shifted in a way I did not love. The protocol initially said the Umbrella reserve would cover the deficit. By Saturday afternoon the wording had softened to “explore paths to offset the deficit.”

The other thing that pushed me to act was watching the WETH pool utilization climb toward 100%. Here is what that means.

Aave can only honor withdrawals out of liquidity that is actually sitting idle in the pool. When too much of the pool is lent out, withdrawals stop working. Not because Aave is broken, but because the math says there is nothing to give you until borrowers repay or new depositors arrive.

By Sunday morning the WETH market had hit 100% utilization. Reports put outflows at $5.4 billion in hours. People who tried to withdraw later in the day were getting failed transactions and partial fills.

Then came the part that, for me, settled the question. As a precautionary follow-up, Aave’s Protocol Guardian froze WETH on Core, Prime, Arbitrum, Base, Mantle, and Linea, preventing new borrows against WETH collateral while the team continues to monitor. Six deployments. The pool I was in was no longer behaving like a normal lending market.

Stablecoin pools, including USDC and USDT, had no direct rsETH exposure but were seeing utilization spike on certain deployments because the panic does not respect category boundaries. Money that wants to leave wants to leave everything.

I will not get into specific amounts because that is not the point of this piece. But I will say I pulled both my ETH position and my stablecoin position, in that order, and moved the funds to self-custody.

Three reasons.

First, I do not know what the bad debt resolution will look like. Aave may absorb the loss cleanly through Umbrella reserves. It may not. If Umbrella stakers are slashed and the deficit still is not closed, depositors get a haircut. I cannot model the probability of each outcome with any precision, and neither can anyone telling you confidently which one will happen.

Second, the WETH pool was already telling me the answer about liquidity. If utilization is at 100%, WETH borrowing is being frozen across deployments, and panic is still building, every hour I wait reduces the chance that I can exit at all in the short term. I would rather pay gas now than wait three weeks for an Umbrella resolution while my funds sit immovable.

Third, my stablecoins were not directly exposed to rsETH but they were exposed to Aave as a whole. If something goes badly wrong with the protocol’s solvency or governance response, the contagion does not stop at the WETH market. I do not need to be a hero about my USDT yield. The opportunity cost of sitting in a self-custody wallet for two weeks is small. The cost of being stuck in a bank run is not.

I am not anti-Aave. I will likely be back. The team’s response time on freezing the rsETH markets was quick and correct. The protocol architecture worked. The “Aave Will Win” governance vote that passed on April 13 redirects 100% of revenue from Aave-branded products back to the DAO, which is a structurally bullish change. V4 went live on Ethereum mainnet on March 30 with a hub-and-spoke design that should reduce exactly the kind of concentration that made this weekend so painful.

But I want to see specific things before I redeposit. I want a clear, on-chain accounting of how the bad debt is being absorbed and how much of the Umbrella vault gets burned. I want to see the slashing cycle complete and partial withdrawals open back up for WETH suppliers, as Aave has indicated will happen. I want to understand how Aave plans to revisit risk parameters for liquid restaking tokens going forward, because the assumption that LRTs would hold peg under normal conditions is no longer a defensible default. And I want to see whether the team revisits the E-Mode parameters that turned a $292 million bridge exploit into a nine-figure protocol-level event.

Until then, my Aave position is zero.

I am not going to tell you to withdraw. I am going to tell you what I think you should know before you decide.

Your USDT and USDC positions on Aave are not directly exposed to rsETH, but they are exposed to Aave the protocol, and Aave the protocol is in the middle of a stress event that is still unresolved. Your ETH position, if it is in the WETH pool, is in the exact pool that took the bad debt. Your withdrawal works only if the pool has liquidity. Right now the pool does not, on Ethereum mainnet at least, and the situation is fluid hour by hour.

There are good reasons to stay. Aave has navigated stress events before. The insurance layers exist precisely for this. If you trust the team to absorb the loss without touching depositors, sitting tight is a defensible choice and you keep earning high yield while you wait.

There are also good reasons to leave. If the resolution drags out, withdrawals stay congested. If Umbrella does not stretch, the order of operations is depositor-friendly but not depositor-immune. And if you are the kind of investor who values optionality more than 4% APR, the math is not complicated.

I chose to leave. You may choose to stay.

This story was originally published by TheStreet on Apr 19, 2026, where it first appeared in the MARKETS section. Add TheStreet as a Preferred Source by clicking here.