1INCH 1inch

+1.41% $0.10

Exclusive: 1inch co-founder has blunt advice for Aave users

By TheStreet Roundtable

about 17 hours ago

1INCH

AAVE

MAJOR

VALU

DEFI

Send

The crypto industry faced the largest shock of 2026 last weekend when the Kelp protocol got hacked for approximately $293 million on Apr. 18.

The hackers then used the stolen funds as collateral to borrow $195 million from Aave, one of the largest decentralized finance (DeFi) lending protocols.

The blame game is on, and crypto users are extremely frustrated.

TheStreet Roundtable asked 1inch co-founder Sergej Kunz what Aave users can do to avoid such crises in the future, and he has some blunt advice.

2026's largest DeFi hack

Kelp DAO is a liquid restaking protocol which offers rsETH, a liquid restaking token connected to Ethereum (ETH) via LayerZero.

In simple words, the protocol lets users deposit staked crypto assets like staked Ether (sETH) to the platform and gives them a "receipt" token called restaked Ether (rsETH) in return.

rsETH not only earns rewards, but it can also be used for other on-chain activities, such as lending.

Kelp also uses a cross-chain bridge called LayerZero to let digital assets like rsETH move across different blockchain networks.

What happened at 17:35 UTC on Apr. 18 was that a bad actor targeted the LayerZero bridge and tricked it into believing that another network had sent a legitimate instruction.

As a result, Kelp minted them 116,500 rsETH without any backing. The amount, worth approximately $293 million, accounted for around 18% of the entire 630,000 circulating supply of rsETH.

The attacker didn't just cash out and stop there.

Instead, they went ahead and used the stolen rsETH as collateral to borrow crypto assets worth approximately $236 million from different platforms.

The bulk of the activity took place on Aave, where the hackers borrowed wrapped Ether (wETH) worth around $195 million.

Aave responded by freezing the rsETH markets and clarified its own contracts have not been exploited; it's an rsETH-related exploit on Kelp DAO.

Aave loses around $10 billion in TVL

As per Lookonchain, Aave has $195 million in "bad debt" now. Whales such as the MEXC crypto exchange ($431 million), a Nonco-linked wallet ($405.7 million) and Abraxas Capital ($392 million) quickly withdrew funds from the Aave protocol.

Due to the KelpDAO exploiter borrowing over 82,600 $ETH ($195M) from #Aave using $RSETH as collateral, bad debt has appeared on #Aave.

Many whales have withdrawn funds from #Aave, causing its TVL to drop from $26.396B to $20.114B — a decline of $6.28B.

Major withdrawals… pic.twitter.com/rhN28AMul9
— Lookonchain (@lookonchain) April 19, 2026

Following the incident, the AAVE token's price crashed from around $113 on Apr. 18 to as low as $86.99. At press time, the token was trading at $93.43.

As per DeFiLlama, the total value locked (TVL) on Aave has dropped from $26.39 billion on Apr. 18 to $16.53 billion at press time.

The near $10 billion withdrawal on Aave also spread to panic withdrawals from other DeFi lending protocols.

The TVL on all DeFi lenders listed on DeFiLlama has dropped from $53.39 billion on Apr. 18 to $41.80 billion at press time.

In fact, the overall TVL on all DeFi protocols has fallen from $99.5 billion on Apr. 18 to $85.79 billion at the time of writing, as per DeFiLlama.

Total Value Locked in DeFi, Source: DeFiLlama

1inch co-founder shares harsh advice

Sergej Kunz is the co-founder of 1inch, a popular DeFi ecosystem. He recently addressed the above exploit and offered potential steps the DeFi industry and users can take to avoid such incidents.

"The shared-pool model is fundamentally broken if one bad asset can trigger 100% utilization and freeze an entire protocol."

Kunz told TheStreet Roundtable in emailed comments that the shared pool model used by protocols like Aave has a core flaw: the model has many assets sitting in one common lending pool, so depositors in “safe” assets get indirectly exposed to “weaker” collateral getting listed on the protocol.

“That is the core flaw: risk gets socialized across everyone,” he remarked.

Even users who just want to lend simple assets like USDC or ETH get exposed to the “weaker” collateral in such instances.

Aave’s own governance materials now discuss moving beyond the classic pooled setup toward more segmented, isolated models, he said. The DeFi industry already recognizes the limits of the one-big-pool approach, the 1inch co-founder underlined.

Kunz also addressed the “first exit wins” dynamics that play out in the aftermath of such exploits.

What happens is that whales and professional desks are quick to monitor risks and move faster, but retail users are late to react and get trapped to staring at 100% utilization with no easy withdrawal path, he explained.

In such a system, not everyone is guaranteed to lose but not everyone can leave at once. And it begins to look like a bank run, he decried.

Kunz suggested that DeFi protocols should deploy an intent-centric model.

In this model, each user mentions:

Collateral amount
Loan-to-value ratio
Terms and conditions

In response to the specific requirements of the user, market makers step in to match the demand.

Kunz highlighted that the intent-centric model doesn’t dump everyone into one curator-defined pool and it is closer to a true peer-to-peer (P2P) market with price discovery.

It means risk is matched explicitly instead of spreading to unrelated participants.

“If one asset gets compromised, the damage is contained to the counterparties who accepted that exposure, while liquidity for clean pairs can keep flowing instead of freezing the whole venue.”

The design is already very close to how intent-based execution already works in 1inch, he said.

TheStreet Roundtable asked Kunz what steps DeFi users can take to keep their funds safe on protocols like Aave.

His simple advice: avoid lending markets and vaults that can be admin-controlled by people whose keys can be hacked or abused.

If a user is availing the services of a shared pool like Aave, they are not just limited to the risk on their own assets. Instead, they get exposed to the risk of the entire pool and the protocol’s risk management quality, he warned.

The safest move for an average user is to stay away from markets with weak risk management, admin key exposure, and shared risk across questionable assets, the 1inch co-founder advised.