Miami — Aave Labs has announced significant changes to its collateral and listing evaluation processes after the largest DeFi breach of 2026, potentially establishing a new industry benchmark. Linda Jeng, Aave’s chief legal and policy officer, stated at Consensus Miami 2026 that their current risk framework was too narrowly concentrated on financial risks and volatility.
Future assets listed on Aave will undergo comprehensive evaluations addressing interoperability, cybersecurity risks, and asset architecture. The exploit involving rsETH from KelpDAO in April has prompted this shift in strategy. Jeng also unveiled a formal playbook for asset issuers, outlining minimum standards that must be met before listing on the protocol. Additionally, Aave plans to analyze systemic interconnections across protocols rather than examining pools independently.
“Out of a crisis like this, it ups our standards,” she remarked.
Reflecting on an intense month described as “two weeks of no sleep,” Jeng recalled how an attacker exploited KelpDAO’s cross-chain bridge. This resulted in the minting of 116,500 unbacked rsETH tokens valued at about $293 million. These tokens were then used as collateral to borrow real wrapped ether from Aave, leaving the protocol with substantial impaired debt.
Drawing parallels to her experience as a regulator during the 2008 financial crisis, Jeng noted a strong sense of déjà vu but highlighted a different resolution approach. Instead of government intervention, the DeFi community self-organized through “DeFi United,” gaining support from entities like Lido, EtherFi, Ethena, and others to address collateral shortfalls and prevent further systemic debt issues in DeFi lending markets.
“In the financial crisis, we had to bail out the banks. Here, we came together as an ecosystem to bail ourselves out,” she explained.