Ethena's USDe Sees $1.6bn Outflows as Kelp DAO Fallout Spreads Across DeFi

Ethena is a DeFi protocol built on the Ethereum blockchain, mainly known for its synthetic dollar, USDe, which is designed to maintain a 1:1 peg with the US dollar. 

USDe supply has dropped to about $4.3bn on 23 Apr, according to data from DeFiLlama. Once the third-largest stablecoin, it now ranks sixth by circulating supply. At the same time, borrowing costs on Aave – DeFi's second-largest protocol with a total value locked (TVL) of over $14bn – have jumped to around 13 to 16% in recent days, up from roughly 2 to 3% just a week earlier, based on Sandmark analyst data. 

The shift follows a liquidity squeeze triggered by the Kelp DAO exploit, in which hackers stole about $292mn of Restaked ETH (rsETH) and used it to borrow Wrapped Ether (wETH), highlighting how the fallout is spreading across DeFi.

"It broke the carry trade that supported demand for sUSDe," said Shane Molidor, founder of Forgd, a Web3 investment bank and advisory firm. "One of the biggest use cases for sUSDe was looping – stake into sUSDe, borrow stablecoins like USDC against it, or buy Pendle PTs, then redeploy and repeat to lever the carry."

Sandmark analysts explained this is a common strategy used to boost returns. But with borrowing costs now exceeding yields, the trade has turned unprofitable, prompting users to close positions and withdraw funds, Forgd Molidor said.

"DeFi risk simply stopped being worth it," Molidor emphasized. "Between liquidity risk, bad debt risk, and smart contract risk, the incremental yield no longer justified the exposure – especially when the base, unlevered sUSDe rate is already roughly in line with US T-bill yields. Once the looping premium disappears, there's little reason to hold USDe at scale."

The Aave effect

The hack's impact appears most visible on Aave where its main USDC pool on Ethereum has been near 100% utilization, leaving little liquidity for withdrawals or new borrowing. 

Aave's TVL dropped to $14.2bn on 23 Apr from about $26bn on 18 Apr as users withdrew funds. The protocol's native token has also come under pressure, with AAVE down 14% over the past week to $94, according to CoinGecko. 

In a recent governance proposal aimed at easing the liquidity crunch, Circle's chief economist and head of research, Gordon Liao, said the pool had been "pinned at full utilization" for several days, adding that current rates were not high enough to attract new capital.

"Once the Kelp [and] Aave stress hit, lenders pulled liquidity, borrow rates spiked, and capped borrow rates meant that net-new lending liquidity wasn't willing to step in," Molidor told Sandmark. "That flipped the carry negative, forcing unwinds."

Contagion spreads

Elsewhere, the fallout continues to ripple through the DeFi landscape. Lido, the largest DeFi protocol by TVL, said in a post on X on Thursday that EarnETH, one of its earn vaults, which has exposure to rsETH, has paused deposits and withdrawals while the situation is resolved. 

The Lido team reassured that if EarnETH ends up suffering a loss its "first-loss protection mechanism ($3M, funded by the Lido DAO treasury) will be applied by burning the DAOs vault shares."

The Lido DAO also on 23 Apr shared a governance proposal to allocate up to 2,500 stETH as part of a coordinated relief measure. The funds are meant to help cover losses to the rsETH shortfall and lower the risk of liquidations.

Arbitrum, a layer-2 blockchain, announced on 21 Apr the freeze of about 30,766 ETH tied to the exploit, preventing the attacker from accessing roughly $72mn of the funds.

"The Arbitrum Security Council's unprecedented freeze of 30,766 ETH held by the attacker exposed a tension institutions will scrutinize: protocols marketed as ‘decentralized’ retain centralized intervention capabilities, regardless of the moral dilemma around the situation," Jake Kennis, a senior research analyst at Nansen, told Sandmark. "Expect institutions to demand stricter collateral standards, isolated-vault architectures over shared-pool models, and clearer disclosure of multisig powers, essentially distinguishing DeFi from a multisig."

Kennis also explained that the fallout is spreading unevenly. "More broadly, DeFi TVL dropped across the board as a direct side effect of the hack," he said. "The contagion hit hardest where rsETH was accepted as collateral (i.e Aave), but fear-driven withdrawals touched protocols without direct exposure as well in the form of fleeing capital and TVL stats coming down."