Aave proposes new framework setting stricter standards after KelpDAO exploit

Aave is moving toward a stricter risk framework designed to govern every asset listed across Aave V3, V4, and Aave Horizon, setting new standards for onboarding, monitoring, bridge exposure, and chain deployments.

The framework is structured around four layers: asset risk, bridging risk, monitoring and automated risk oracle systems, and chain risk. Together, the layers define how assets are evaluated before listing, how they are reviewed after onboarding, and when exposure should be reduced or deprecated.

The proposal follows April’s KelpDAO exploit, which exposed how weaknesses in bridge configuration and offchain infrastructure can turn a listed collateral asset into protocol wide risk.

Attackers minted roughly $292 million in unbacked rsETH through KelpDAO’s LayerZero bridge and used the asset as collateral on Aave, prompting new standards around bridge disclosures, verifier independence, rate limits, automated monitoring, and defensive freeze mechanisms.

Under the asset risk layer, every listed asset would need to meet requirements tied to audits, bug bounty coverage, liquidity, timelocks, signing authority, legal disclosures, backing visibility, and issuer operations.

Missing or materially weak bug bounty coverage, unresolved audit findings, no timelocks on critical upgrade paths, undisclosed signer structures, or opaque backing arrangements would be treated as hard block conditions.

The framework also makes asset reviews a continuous process rather than a one time approval. Each asset would face a quarterly due diligence refresh, with out of cycle reviews triggered by material changes such as new chain deployments, contract upgrades, bridge route changes, oracle updates, or shifts in reserve backing.

Aave’s bridge risk layer introduces stricter rules for cross chain assets. Bridge routes would need documented topology, at least three independent verifiers, timelocked authority changes, separate pause pathways, per route rate limits, 24/7 incident response coverage, and dedicated monitoring teams.

Routes that fall short of mandatory bridge requirements could face lower caps, lower loan to value ratios, or restrictions on cross chain expansion.

The framework also adds faster defenses for risks that can spread before governance has time to react. Aave would be able to automatically freeze assets or reduce exposure when warning signs appear, while any move to restore limits would still require human review.

Aave’s Risk Stewards would handle recovery and parameter changes after an , while Umbrella would act as the final safety layer if losses still reach the protocol.

The framework also sets standards for the chains where Aave deploys. Chains with weaker infrastructure, liquidity, governance, or monitoring support would face tighter limits across every asset listed there.