On the same day Aave introduced rsETH, why did Spark decide to exit?
On April 18, the cross-chain bridge of Kelp DAO was attacked, with the attacker minting 116,500 rsETH tokens not backed by real assets, then depositing them into Aave and borrowing WETH. Aave Guardians initiated an emergency freeze within hours. According to on-chain estimates by Lookonchain, Aave V3 and V4 face a potential bad debt of about $195 million.
In contrast, the lending protocol SparkLend in the MakerDAO (Sky) ecosystem did not suffer any losses.
This was not because Spark's team was smarter than Aave's, nor because they foresaw the vulnerability of this cross-chain bridge in advance. The reason Spark exited rsETH was outlined in a governance forum post 3 months ago, completely unrelated to the security of the bridge contract.
January 29, 2026, is the key date of this article. On that day, Spark executed a governance action called Spell, halting new rsETH supply. On the same day, Aave's rsETH E-Mode was launched, allowing users to borrow WETH using rsETH as collateral with a maximum Loan-to-Value (LTV) ratio of 93%.
One exiting, one expanding, both on the same day.
The decision to exit by Spark had its starting point in a governance post submitted by PhoenixLabs (Spark's ecosystem executor) on January 16, 2026. The reason for the exit was straightforward: low rsETH usage, with almost all volume coming from a single wallet (on-chain address 0xb99a), whose owner had expressed willingness to use alternative collateral like wstETH or weETH. The original governance post stated, "Exiting rsETH can improve SparkLend's safety margin and increase risk-adjusted returns." This was a periodic asset cleanup, with tBTC, ezETH, and the entire Gnosis Chain market exiting in the same batch, all for the unified reason of "low usage."
Aave's expansion decision had an earlier starting point, originating from a proposal launched by ACI (Aave Chan Initiative), a governance proposal organization led by Marc Zeller, on November 17, 2025. The proposal's motivation was clear: "Restore WETH utilization, expecting to attract $1 billion rsETH inflow." Chaos Labs completed risk parameter validation in January, confirming an E-Mode LTV of 93% and a liquidation threshold of 95%. Decision-making parties included ACI, Chaos Labs, LlamaRisk, and the Aave Community Voters. This was a multi-party-driven expansion decision, not a mistake by a single entity.
Three months later, the market provided the outcome.
In Aave's current Umbrella insurance mechanism, the available funds amount to around $50 million, covering only 25% of the potential $195 million default. The loss absorption order is as follows: aWETH stakers first, followed by WETH depositors pro-rata, then stkAAVE and the DAO treasury. Aave's TVL dropped from $26.4 billion to $19.8 billion, including panic withdrawals. The USDT market utilization reached 100% within hours, with approximately $300 million in new borrowing.
In Spark's rsETH market on SparkLend, the current frozen value is $37,300, equivalent to 15.32 rsETH. The wallet address 0xb99a, which almost entirely migrated to wstETH and weETH after new supply was halted on January 29, aligns perfectly with the governance forum's prediction.
Spark co-founder Sam MacPherson (@hexonaut) highlighted on April 19 that claiming no risk exposure to rsETH in a protocol does not mean there is truly no risk exposure, as indirect exposure remains for users with collateral in the affected lending markets. Spark did not incur direct losses, but indirect risks are still being assessed.
Two protocols made opposite decisions on the same day, indicating that it is not about who made the right decision between Spark and Aave; the root issues of the two systems are fundamentally different.
Spark's risk management logic uses the trigger of "whether marginal cost exceeds marginal revenue," with metrics such as utilization below the threshold, excessive concentration of a single user, and underperforming risk-adjusted returns, triggering assets to be placed on an exit candidate list. This is an active, efficiency-driven tightening mechanism unrelated to the asset's own security risk.
Aave's logic trigger is the "market expansion opportunity." With low WETH utilization and a sizable rsETH market, the E-Mode can attract incremental capital. From this entry point, the parameter direction is expansion, with an LTV of 93%, a generous supply cap, and multiple governing bodies pushing together.
These two protocols address completely different questions: "Is this asset worth holding further?" or "How much incremental value can this asset bring?" Both sets of questions are valid business logic before a risk event is triggered, with the referee appearing only after the trigger.
The security outcome of Spark has another layer of support.
In a post on April 19, Sam MacPherson announced the "exit of rsETH" and mentioned: "SparkLend has rate-limited deposit and borrowing caps. Its oracle mechanism also utilizes a three-party median." This statement points to the other two lines of defense in Spark's risk management system.
One is the on-chain physical constraints. The Rate-Limited Supply Cap restricts the maximum supply within a unit of time, while the Borrow Cap limits the maximum borrowing size. The implication of these two designs is that even if Spark had not exited rsETH at the time, an attacker would not be able to deposit $292 million worth of rsETH in one go, as the loss magnitude would be forcibly capped.
The other line of defense is at the price information level, with a three-party median oracle taking the median of prices from three independent sources: Chronicle, Chainlink, and RedStone. In extreme scenarios, it falls back to Uniswap TWAP. If a single price source is manipulated, it does not affect the liquidation trigger. In contrast, Aave faced an exposure window due to oracle price lag in this event, highlighting a design difference rather than an operational mistake.
The design logic of the three lines of defense is consistent: not relying on the prior identification of specific risks but rather limiting the maximum exposure of any single risk event at a system level.
The final loss figure depends on Kelp DAO's loss allocation plan. Currently, three options coexist: socialized loss among all on-chain rsETH holders (reducing the default scale), standalone losses for L2 rsETH holders (maintaining the Aave mainnet defaults), and snapshot rollback (extremely operationally difficult). This figure will be determined in the upcoming weeks.
However, the results of the two decision philosophies are now quantifiable, with a gap of approximately $195 million. The trigger date is the same, marked in the governance actions of the same day.
You may also like
ZachXBT: Humanity private key leak and abnormal surge in H token should be viewed separately
On June 9, according to related disclosures, on-chain investigator ZachXBT posted an update on Humanity’s roughly $31 million security incident, saying that after further analyzing fund flows, he currently tends to believe the project team was not involved in an “inside job” or a self-staged attack. According to him, the official explanation about the private key leak was broadly accurate, but before the token unlock, the price of H had been artificially pushed higher, and the hacker later took advantage of that market environment; therefore, the private key leak and the earlier abnormal price pumping should be regarded as two separate and independent events. This reframing has shifted the market’s understanding of the nature of the incident. Earlier discussion around Humanity had focused on whether the team directly participated in the attack or used the security incident to cover up internal operations. ZachXBT’s latest remarks shift the focus from “whether it was self-theft” to “whether there were pre-unlock market structure issues.” He also questioned whether the team may have.
Morning Report | OpenAI has submitted an S-1 registration statement draft to the U.S. SEC; Morpho completes $175 million financing
Morning Report | BitMine increased its holdings by 126,971 ETH last week; trader Eugene announced his exit from the crypto market
Wang Chuan: How can one not feel anxious after the neighbor Old Wang made thirty times profit by investing in storage stocks? (Seven) - A quarter-century cycle
Cryptocurrency CEXs are flocking to sell US stocks, and traditional brokerages are facing an "uninvited guest."
$75 billion in foreign capital has fled, and South Korean retail investors have absorbed it all using leverage
Japan’s Three Megabanks Plan Joint Stablecoin Issuance in Fiscal 2026
MUFG, SMBC, and Mizuho reportedly plan to jointly issue fiat-pegged stablecoins in fiscal 2026, signaling Japan’s growing push into bank-led digital payment infrastructure.
Humanity Discloses H Token Dual-Chain Attack Details, With Losses on Ethereum and BSC Exceeding $36 Million
Humanity said the H token attack across Ethereum and BSC caused more than $36 million in losses after leaked ProxyAdmin keys enabled malicious contract upgrades and token minting.
White House Discusses CLARITY Act With Law Enforcement Ahead of Senate Vote
The White House discussed the CLARITY Act with law enforcement ahead of a Senate vote, focusing on illicit finance risks and developer protections.
Bitcoin Trading Guide 2026: Strategies for Experienced Traders
What Is XAUT and PAXG? Why Tokenized Gold Is Booming in 2026
Will the SpaceX IPO Hurt Bitcoin? Here's What Traders Are Watching
Foreign selling in the South Korean stock market accelerates, with cumulative net sales reportedly reaching $75 billion this year
On June 9, The Kobeissi Letter, citing Goldman Sachs data, reported that global investors are selling South Korean stocks at an unusually rapid pace. In the latest trading session, foreign investors sold about $801 million worth of Kospi constituent stocks again; total foreign outflows last week reached about $10 billion, and the market has been in net foreign selling on nearly every trading day over the past month. According to the data cited in the report, foreign investors have sold about $75 billion worth of South Korean stocks so far this year. Meanwhile, South Korean retail and institutional investors together recorded roughly $69 billion in net buying over the same period, suggesting that the market’s main buying support has come from domestic capital rather than returning overseas funds. The information currently disclosed still mainly comes from The Kobeissi Letter’s retelling and Goldman Sachs data summaries, while public details on the statistical period and the specific definition of “selling” remain relatively limited.
Fortune Warns of Strategy’s Financing Structure Risks as Bitcoin Premium Narrows
Fortune warned that Strategy’s Bitcoin treasury model faces growing financing risks as MSTR’s net asset premium narrows and preferred stock dividend pressure increases.
Ferrari Challenge Le Mans: Carl Moon to Dominate in WEEX Livery
Sahara AI Responds to SAHARA’s Sharp Drop: No Contract or Product Security Issues Found, Internal Investigation Underway
Sahara AI responded to SAHARA’s 60% price drop, saying no token contract or product security issues have been found and an internal investigation is underway.
WEEX Deposit/Withdrawal Dynamic Island: Your Asset Status, Always in Sight
Scaling Crypto Derivatives: The Digital Asset Infrastructure Behind High-Volume Trading
In the fast-moving digital asset ecosystem, derivatives platforms face an extreme architectural test. High-leverage futures markets demand more than just standard security—they require absolute operational precision, zero-latency matching engines, and ironclad structural scalability, all while navigating intense market volatility.
As global platforms scale to meet these demands, the industry is shifting away from rigid, monolithic setups toward a more agile, "decoupled" infrastructure philosophy.
The Blueprint for High-Volume Copy TradingFor elite global exchanges like WEEX (founded in 2018), this architectural choice becomes critical when scaling high-volume retail features like social copy trading. When thousands of users automatically mirror the real-time strategies of elite traders simultaneously, it triggers sudden, monumental spikes in concurrent transactional volume.
To prevent execution latency or settlement bottlenecks during these peak volatility events, a platform's primary engine must remain entirely dedicated to risk management, copy-trade synchronization, and order matching.
The Architectural Rule: New-generation platforms must separate front-end user execution engines from heavy backend infrastructural overhead to eliminate operational friction.
By separating these layers, platforms can maintain complete sovereignty over their trading environments and user experiences while strategically aligning with institutional-grade infrastructure ecosystems. This strategic framework allows modern exchanges to leverage advanced Digital Asset Custody infrastructure such as Cobo’s behind the scenes, ensuring that backend wallet management scales elastically alongside trading spikes.
Capitalizing on Market Momentum and 400× LeverageIn a derivatives arena where platforms offer up to 400× leverage on perpetual contracts, capital efficiency and market agility are core business metrics. To capture market momentum, an exchange needs the ability to rapidly expand its asset offerings, supporting everything from legacy crypto assets to sudden, trending altcoins across a massive library of trading pairs.
Adopting a flexible, scalable Wallet-as-a-Service (WaaS) solution such as Cobo’s could completely rewrite the development timeline for high-growth exchanges. Instead of spending months of engineering capital building out custom backend wallet architectures for every new blockchain network, platforms can deploy localized infrastructure in days.
This agility allows platforms to instantly scale their listings to over a thousand trading pairs without compromising security or delaying time-to-market. It mirrors the exact operational advantages seen during high-velocity market events, similar to how advanced wallet infrastructure empowers platforms during sudden asset surges; allowing exchanges to pass that speed and liquidity directly to their global user base.
A Mature Foundation for GrowthThe synergy between trusted infrastructure ecosystems and global trading platforms represents the natural evolution of a maturing crypto market. As WEEX continues to scale its global spot and derivatives offerings for over 6 million users, adopting robust backend paradigms proves that platforms no longer have to compromise between cutting-edge trading velocity and uncompromised structural security.
ZachXBT: Humanity private key leak and abnormal surge in H token should be viewed separately
On June 9, according to related disclosures, on-chain investigator ZachXBT posted an update on Humanity’s roughly $31 million security incident, saying that after further analyzing fund flows, he currently tends to believe the project team was not involved in an “inside job” or a self-staged attack. According to him, the official explanation about the private key leak was broadly accurate, but before the token unlock, the price of H had been artificially pushed higher, and the hacker later took advantage of that market environment; therefore, the private key leak and the earlier abnormal price pumping should be regarded as two separate and independent events. This reframing has shifted the market’s understanding of the nature of the incident. Earlier discussion around Humanity had focused on whether the team directly participated in the attack or used the security incident to cover up internal operations. ZachXBT’s latest remarks shift the focus from “whether it was self-theft” to “whether there were pre-unlock market structure issues.” He also questioned whether the team may have.
Morning Report | OpenAI has submitted an S-1 registration statement draft to the U.S. SEC; Morpho completes $175 million financing
Morning Report | BitMine increased its holdings by 126,971 ETH last week; trader Eugene announced his exit from the crypto market
Wang Chuan: How can one not feel anxious after the neighbor Old Wang made thirty times profit by investing in storage stocks? (Seven) - A quarter-century cycle
Cryptocurrency CEXs are flocking to sell US stocks, and traditional brokerages are facing an "uninvited guest."
$75 billion in foreign capital has fled, and South Korean retail investors have absorbed it all using leverage
