Aave 发布 Kelp rsETH 桥攻击事后调查
ChainCatcher 消息,针对 4 月 18 日发生的 Kelp rsETH LayerZero V2 桥被攻击事件,Aave 在 X 平台发布事后调查,强调此次暴露主要源于第三方桥基础设施,而非协议本身。攻击者通过 RPC 中毒攻击,针对 LayerZero 的单一验证器,伪造了一条跨链消息。导致 Ethereum 侧在 Unichain 没有实际销毁的情况下,释放了 116,500 rsETH。攻击者随后将窃取的 rsETH 存入 Aave V3(Ethereum Core 和 Arbitrum),借出约 82,650 WETH 和 821 wstETH。
Aave Protocol Guardian 和 Risk Steward 立即对 rsETH 和 WETH 储备实施保护措施。目前受影响的 V3 部署中,WETH 和 rsETH 市场运行正常。攻击者在 Arbitrum 上的 rsETH 已被销毁,LayerZero OFT 适配器已分五批完全充值,rsETH 支持已全部恢复,Kelp 已重新开放 rsETH 的提现、桥接和索赔功能。受影响市场的 WETH LTV 已重置为攻击前的值,除 rsETH 外,Aave V3 在所有市场均已全面运行。
Arbitrum DAO 已投票通过,授权将冻结的 ETH 转移至 Aave LLC,目前正在等待链上执行。法院仍在审理限制令的实质性内容,Aave LLC 将在法院审议期间继续遵守限制令。目前仍在进行的项目包括:Llama Risk 的 Aave 风险框架、桥接评估框架、发布当前已上线资产的评估报告、Arbitrum DAO 投票的链上执行,以及法院对限制令的审理。
Disclaimer: OKX Orbit content is provided for informational purposes only. Learn more
Replies
Related Flash News
After seven months of silence, an Ethereum whale deposited 1,504 ETH into OKX
Santiment: Bitcoin's long-short ratio surged to 2.23, a new high for the year, possibly signaling a short-term pullback
Crypto June Outlook: The World Cup intensifies liquidity and attention divergence, and historical performance is also not optimistic
AAVE released an investigation into the RSETH incident, showing that the attacker has destroyed part of its assets
Aave releases rsETH event review: cross-chain forgery led to an abnormal release of 116,500 rsETH, fully restored
The Base ecosystem token POD rebounded by over 35%, with a market cap surpassing $137 million
Opinion: The greatest threat to quantum computing is not Bitcoin private keys; the financial system is facing the risk of "collect first, decrypt later."
Base experienced withdrawal delays due to TEE enclave status updates being delayed for over 30 hours
The Chicago Mercantile Exchange has launched 24/7 trading of Bitcoin and Ethereum futures options
Blackstone ETH ETF saw an outflow of $40.2 million, with a position of 294,955 ETH
Trending crypto
