#v3

The post Aave overhauls listing standards after $230 Million rsETH exploit exposed bridge risks appeared on BitcoinEthereumNews.com. The most expensive DeFi attack of 2026 began with KelpDAO’s restaked ether (rsETH) bridge, not a bug in Aave’s code. That, the lending protocol argues in an official postmortem published this week, is precisely why the industry needs to rethink how it measures risk. Aave said it is launching a review of every asset listed on V3 and rewriting its listing standards after April’s $230 restaked ETH exploit exposed a new class of DeFi risk. The protocol’s postmortem traced the attack not to a flaw in Aave’s smart contracts but to a LayerZero bridge verification failure, where a single verifier approved a forged cross-chain message that released 116,500 unbacked rsETH. Going forward, Aave says collateral assessments will weigh bridges, oracle dependencies, custodians and operational security alongside the financial and smart-contract risks it has traditionally