TechFlow reports that on April 23, Lido released an update regarding the Kelp security incident, stating that its Earn-series vaults are working with the management team to resolve the issue. Two key risk points have been identified: exposure to rsETH and liquidity strain in lending markets. Lido emphasized that its core staking protocol remains unaffected, and both stETH and wstETH remain secure and stable.
Currently, only the EarnETH vault holds approximately 9% of its TVL in rsETH exposure; related deposits and withdrawals have been paused by the management team pending implementation of a resolution. Around $70 million worth of ETH stolen in the earlier attack has already been recovered, and further asset recovery and loss allocation efforts remain ongoing. To address liquidity pressures, the management team has reduced leverage and optimized position structures, significantly decreasing wETH debt exposure. Should losses ultimately materialize, EarnETH will activate its $3 million “first-loss protection mechanism,” funded by the DAO. Other vaults—DVV and EarnUSD—remain unaffected and operate normally. The GGV sub-vault, however, is currently generating negative returns due to a combination of its re-staking strategy and rising borrowing rates, though active adjustments are underway. Withdrawal requests submitted by users prior to the incident will be processed at pre-incident valuations.
