LlamaRisk, an independent risk management provider for the Aave DAO, published a new security proposal on June 9, 2026, to establish binding standards following the KelpDAO exploit earlier this year.
The document, titled the [ARFC] Aave Risk Framework, introduces rigorous requirements for asset listings, cross-chain bridges, and real-time monitoring across Aave V3, V4, and Aave Horizon.
Aave founder Stani Kulechov disclosed the plan on the same day, signaling a move toward automated defenses after attackers minted between $292 million and $293 million in unbacked rsETH in April 2026.
The urgency behind this framework stems from the April 18 breach where the North Korean Lazarus Group’s “TraderTraitor” unit exploited a single-verifier flaw in KelpDAO’s LayerZero bridge.
By minting hundreds of millions in phantom rsETH, the attackers were able to use the unbacked tokens as collateral on Aave to borrow real Wrapped Ether (wETH) and Staked Ether (wstETH). The impact was severe: Aave’s wETH pools reached 100% utilization, which effectively froze liquidity across major chains.
Simultaneously, the platform saw roughly $8 billion to $10 billion in deposits withdrawn within a 48-hour window as market participants reacted to the event.
While Aave’s own smart contracts were not compromised, the exploit left Aave V3 with an estimated $123.7 million to $230.1 million in bad debt. The new framework seeks to prevent such vulnerabilities by mandating technical redundancies for integrated partners and asset issuers. This strategy aligns with 2026 market trends where utility shifts dictate 2026 winners, rewarding protocols that prioritize security over rapid growth. The proposal is currently in the Aave Request for Final Comment (ARFC) stage.
Establishing stricter asset onboarding and risk standards
The first layer of the new framework focuses on the lifecycle of assets listed on the platform, ranging from initial onboarding to potential deprecation. LlamaRisk has proposed “hard-block” conditions that will disqualify tokens if they lack robust bug bounty programs or fail to disclose signing authority compositions.
This addresses the “opaque governance” and off-chain infrastructure issues identified during the April crisis. Assets will now require quarterly due diligence refreshes and out-of-cycle reviews if material changes occur, such as contract upgrades or shifts in reserve backing.
To eliminate single points of failure, the framework mandates specific security configurations for privileged roles. A “Level 5” configuration, involving on-chain DAO governance with a timelock, is the preferred standard. Conversely, single-key “Level 0” setups are now labeled as weak. This shift is critical as Ether enters rare accumulation phase territory, making the security of liquid restaking tokens vital for decentralized finance (DeFi) stability. Timelocks are now required to gate parameter changes, oracle authority, and mint/burn authority.
Mandatory bridge configurations and verifier requirements
Bridging risk is a primary focus of the proposal, given that the KelpDAO exploit succeeded through a bridge configuration flaw. The framework demands at least three independent verifiers—which can include validators, nodes, or message verifiers—for every route carrying Aave exposure. Configurations such as “one-of-N” or “two-of-N” are explicitly deemed unacceptable.
This protocol ensures that no single compromised verifier can authorize the creation of unbacked assets across different chains.
Beyond verifier counts, bridge providers must document their topology and implement per-route rate limits. They are also required to maintain 24/7 incident response coverage and dedicated monitoring teams.
If a bridge route fails to meet these mandatory baselines, the framework allows Aave to respond by lowering Loan-to-Value (LTV) ratios or restricting further cross-chain expansion for the affected asset. These measures serve as internal circuit breakers to limit the potential blast radius of a bridge failure.
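As an added illustration, not part of the original article and not LayerZero’s, KelpDAO’s or Aave’s code, the following Python model shows why the framework treats “one-of-N” routes as unacceptable. A toy bridge route counts approvals per distinct verifier identity, so a single compromised verifier signing the same message repeatedly still counts as one approval, and it enforces a per-route rate limit on the amount that may be minted in a window. The route names, verifier identifiers, amounts and the `simulate` scenario are all constructed for the example.

```python
"""Toy model of a bridge route receiver enforcing two baselines the framework
describes: an M-of-N independent-verifier threshold and a per-route rate limit.
Constructed illustration; not the code of any real bridge or of Aave."""
from dataclasses import dataclass, field


@dataclass
class Attestation:
    verifier_id: str   # identity of the verifier approving the message
    message_id: str    # the cross-chain mint message being approved
    amount: int        # amount the message would mint on the destination chain


@dataclass
class BridgeRoute:
    name: str
    verifiers: set         # registered independent verifiers for this route
    threshold: int         # distinct approvals required (framework: at least 3)
    rate_limit: int        # maximum amount mintable per window on this route
    minted_in_window: int = 0
    processed: set = field(default_factory=set)

    def verify(self, message_id, amount, attestations):
        """Return (accepted, reason). Approvals are de-duplicated by verifier
        identity, so one compromised key cannot meet the threshold by signing
        the same message several times. Replays are rejected outright."""
        if message_id in self.processed:
            return False, "replay"
        approvers = {
            a.verifier_id for a in attestations
            if a.message_id == message_id
            and a.amount == amount
            and a.verifier_id in self.verifiers
        }
        if len(approvers) < self.threshold:
            return False, f"only {len(approvers)} of {self.threshold} independent approvals"
        if self.minted_in_window + amount > self.rate_limit:
            return False, "route rate limit exceeded"
        self.minted_in_window += amount
        self.processed.add(message_id)
        return True, "accepted"


def route_policy_ok(route):
    """The framework's hard-block check: 1-of-N and 2-of-N are unacceptable,
    and the threshold must be reachable with the verifiers actually registered."""
    return route.threshold >= 3 and len(route.verifiers) >= route.threshold


def simulate(threshold):
    """Constructed scenario: one compromised verifier ("v1") signs a phantom
    mint message three times. With threshold=1 the mint goes through; with
    the framework's minimum of 3 it is rejected."""
    route = BridgeRoute("rsETH-route-A", {"v1", "v2", "v3"}, threshold, rate_limit=10_000)
    forged = [Attestation("v1", "msg-1", 5_000) for _ in range(3)]
    return route.verify("msg-1", 5_000, forged)


if __name__ == "__main__":
    print("1-of-N:", simulate(1))   # accepted: a single key is enough
    print("3-of-N:", simulate(3))   # rejected: only 1 of 3 independent approvals
```

The rate limit is what the article calls a circuit breaker: even if a threshold were somehow satisfied, the amount that can be created on a route per window is capped, bounding the blast radius of a single bad message.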
Automated monitoring and the role of Risk Stewards
The third layer of the framework introduces enforced automated monitoring of layers external to Aave. This system includes continuous risk oracles and automated “freeze guardians” designed to act between the onset of an adverse event and a human response.
While the Aave Protocol Guardian froze rsETH markets within hours in April, the new system aims for faster intervention through automated defenses. These guardians can pause markets if they detect anomalies like unbacked minting or oracle failures.
Once an automated alert is triggered, Aave’s Risk Stewards will handle the subsequent recovery and parameter changes. If losses still manage to reach the protocol despite these defensive layers, the framework designates “Umbrella” as the final safety layer.
This multi-tiered defense system is specifically designed to protect the protocol from the kind of bad debt scenario that hampered Aave V3. By setting these standards, Aave aims to insulate its core liquidity from the risks of interconnected third-party infrastructure.
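To make the “freeze guardian” idea concrete, here is an added Python sketch that is not part of the original article and not Aave’s Guardian, risk-oracle or Umbrella code. It models an automated check that compares a bridged asset’s circulating supply on the destination chain with the backing locked on the source chain and returns a pause decision when supply exceeds backing beyond a small tolerance, or when the oracle feed is missing. The observation records, block numbers, amounts and the 50 basis-point tolerance are all constructed for the example.

```python
"""Toy automated freeze guardian: pause a market when a bridged asset's supply
exceeds its locked backing, or when the price oracle fails. Constructed
illustration with made-up numbers; not the code of Aave or any risk provider."""
from dataclasses import dataclass
from typing import List, Optional


@dataclass
class Observation:
    block: int
    locked_backing: int            # asset locked in the source-chain bridge contract
    circulating_supply: int        # bridged asset supply on the destination chain
    oracle_price: Optional[float]  # None models a stale or failed oracle feed


@dataclass
class Decision:
    action: str   # "ok" or "pause"
    reason: str


def evaluate(obs: Observation, tolerance_bps: int = 50) -> Decision:
    """Pause when circulating supply exceeds locked backing by more than
    tolerance_bps (the tolerance absorbs messages still in flight across the
    bridge), or when the oracle has no price to report."""
    if obs.oracle_price is None:
        return Decision("pause", f"oracle failure at block {obs.block}")
    allowed = obs.locked_backing + obs.locked_backing * tolerance_bps // 10_000
    if obs.circulating_supply > allowed:
        excess = obs.circulating_supply - obs.locked_backing
        return Decision("pause", f"unbacked supply of {excess} detected at block {obs.block}")
    return Decision("ok", "supply within backing")


def run_guardian(observations: List[Observation]) -> Decision:
    """Process observations in block order and stop at the first pause, which
    is the point where a human Risk Steward would take over recovery."""
    for obs in observations:
        decision = evaluate(obs)
        if decision.action == "pause":
            return decision
    return Decision("ok", "no anomaly")


# Constructed sample: backing stays flat while supply jumps 10% at block 102.
SAMPLE = [
    Observation(100, 1_000_000, 1_000_000, 3000.0),
    Observation(101, 1_000_000, 1_002_000, 3000.0),   # within 50 bps, in-flight noise
    Observation(102, 1_000_000, 1_100_000, 3000.0),   # 100,000 unbacked: pause
    Observation(103, 1_000_000, 1_300_000, 3000.0),   # never reached, market is paused
]

if __name__ == "__main__":
    print(run_guardian(SAMPLE))
```

The check is deliberately simple: the signal is a backing-versus-supply reconciliation, not a price move, because the April event produced unbacked supply first and price impact only later. A production guardian would also need the source-chain reading to come from an independent path rather than from the bridge being checked.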
Chain infrastructure and deployment standards
Finally, the framework addresses “Chain Risk,” setting standards for the networks where Aave is deployed. Chains with weaker infrastructure, lower liquidity, or less mature governance will face tighter limits across all assets listed on that network.
This approach indicates that Aave will become more selective about its presence on various blockchains, prioritizing those with proven monitoring support. This shift follows a period in which Cardano and other ecosystems have focused on long-term sustainability and network stability.
The Aave community is now reviewing these binding standards to ensure they are sufficient to restore confidence after $10 billion was pulled from the platform in April. By shifting the burden of security compliance to asset issuers and bridge providers, the DAO is attempting to formalize a new era of risk management.
The proposal’s move toward a final vote follows months of discussion about the “Aave Will Win” framework and related security initiatives.
Resolving the impact of the KelpDAO bad debt
The KelpDAO exploit served as a pivotal moment for Aave, emphasizing that protocol security is only as strong as its weakest integration. Although Aave’s smart contracts held up, the creation of $293 million in unbacked rsETH created a systemic risk that required immediate intervention.
The [ARFC] Aave Risk Framework represents a transition from reactive emergency measures to a proactive, automated security architecture. This includes mandates for audits from reputable firms and visible backing for all collateral assets.
As the Lazarus Group and its “TraderTraitor” unit continue to target DeFi infrastructure, Aave’s new rules provide a blueprint for how lending protocols can defend against sophisticated nation-state actors. The framework doesn’t just address the bridge flaw; it covers the entire asset lifecycle and chain environment.
As the community moves toward final implementation, the focus will remain on whether these stricter standards can truly decouple Aave’s solvency from the vulnerabilities of the broader cross-chain ecosystem.
