TLDR
- A devastating bridge exploit cost Kelp DAO $292 million on April 18 through its LayerZero-integrated infrastructure
- Attackers extracted 116,500 rsETH tokens and leveraged them on Aave v3 to obtain wrapped Ether loans
- Kelp DAO asserts LayerZero validated the single-verifier architecture that facilitated the breach
- LayerZero refutes these allegations, claiming Kelp independently modified settings from multi-DVN to a 1-of-1 structure
- The protocol is transitioning rsETH to Chainlink’s Cross-Chain Interoperability Protocol (CCIP) infrastructure
A significant security breach struck DeFi protocol Kelp DAO on April 18, resulting in approximately $292 million in losses when malicious actors extracted 116,500 rsETH tokens through its LayerZero-integrated bridge system.
The stolen tokens were subsequently deployed as collateral within Aave v3, enabling the perpetrators to secure wrapped Ether loans. Before Kelp could freeze its smart contracts, two more fraudulent transactions exceeding $100 million were successfully executed.
LayerZero attributed the attack to North Korea’s notorious Lazarus Group. According to reports, the threat actors obtained the list of RPC nodes utilized by the LayerZero Labs DVN, successfully infiltrated two nodes, and replaced their operational software.
The attackers then launched a distributed denial-of-service (DDoS) attack against the uncompromised nodes, redirecting network traffic toward the compromised ones. This allowed the DVN, now reading from attacker-controlled nodes, to validate fraudulent transactions that never legitimately took place.
The incident has triggered an intense public disagreement between Kelp DAO and LayerZero regarding accountability for the security weakness.
The DVN Configuration Dispute
In LayerZero’s April 19 incident analysis, the company stated the vulnerability existed because Kelp’s bridge infrastructure operated with a single decentralized verifier network (DVN) instead of multiple independent verifiers. LayerZero characterized this as a “direct contradiction” of its recommended security protocols.
Kelp DAO responded forcefully on Tuesday, publishing a detailed statement asserting that LayerZero representatives examined its configuration over 2.5 years and eight separate integration reviews without ever identifying the single-verifier arrangement as problematic.
Kelp provided screenshots from Telegram conversations purportedly demonstrating a LayerZero team member accepting the configuration without raising concerns. CoinDesk has not independently authenticated these screenshots.
Kelp DAO further referenced Dune Analytics metrics indicating that 47% of approximately 2,665 active LayerZero contracts employed the identical 1-of-1 DVN architecture during a 90-day period concluding around April 22. These contracts collectively represented over $4.5 billion in market capitalization.
Security expert Sujith Somraaj, who previously conducted audits for LayerZero, disclosed that he had filed a bug bounty submission detailing the same attack methodology prior to the breach. According to Somraaj, LayerZero dismissed his report.
LayerZero Denies the Claims
LayerZero CEO Bryan Pellegrino responded via X, characterizing numerous aspects of Kelp’s statements as “just completely untrue.”
Pellegrino asserted that Kelp initially implemented the recommended multi-DVN default configuration before deliberately modifying it to a 1-of-1 structure. He indicated that comprehensive incident reports from independent security organizations would be released imminently.
In an official statement, a LayerZero representative emphasized that protocol defaults across nearly all pathways utilize multi-DVN configurations. Where 1-of-1 configurations appear in templates, they reference a “DeadDVN” that blocks messages and requires developers to establish proper configuration before deployment.
LayerZero has announced it will cease signing messages for any application operating a 1-of-1 configuration, a policy implemented immediately following the security incident.
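The difference between a 1-of-1 setup, a multi-DVN setup and a DeadDVN template can be checked mechanically. The sketch below is an added example, not code from the article, Kelp or LayerZero: the `Pathway` model, its field names and every DVN name except DeadDVN are hypothetical, and the sample configurations are constructed.

```python
from dataclasses import dataclass, field

DEAD_DVN = "DeadDVN"  # placeholder verifier named in the article; it never attests

@dataclass
class Pathway:
    """Hypothetical model of one pathway's verifier settings (not LayerZero's API)."""
    name: str
    required: list                                  # every listed DVN must attest
    optional: list = field(default_factory=list)
    optional_threshold: int = 0                     # optional DVNs that must also attest

def verifiers_to_compromise(p):
    """Distinct DVNs an attacker must control to get a forged message accepted.

    Returns None when the pathway cannot deliver any message at all.
    """
    required = set(p.required)                      # duplicates add no independence
    if DEAD_DVN in required:
        return None                                 # blocked until reconfigured
    usable_optional = set(p.optional) - required - {DEAD_DVN}
    if p.optional_threshold > len(usable_optional):
        return None                                 # threshold can never be met
    return len(required) + p.optional_threshold

def audit(pathways):
    """Map each pathway name to a finding string."""
    findings = {}
    for p in pathways:
        n = verifiers_to_compromise(p)
        if n is None:
            findings[p.name] = "BLOCKED"
        elif n == 0:
            findings[p.name] = "UNVERIFIED"
        elif n == 1:
            findings[p.name] = "SINGLE_VERIFIER"
        else:
            findings[p.name] = f"MULTI_VERIFIER({n})"
    return findings

# Constructed sample configurations; DVN names other than DeadDVN are invented.
SAMPLES = [
    Pathway("template", [DEAD_DVN]),
    Pathway("one-of-one", ["dvn-a"]),
    Pathway("duplicate-entry", ["dvn-a", "dvn-a"]),
    Pathway("two-required", ["dvn-a", "dvn-b"]),
    Pathway("one-plus-quorum", ["dvn-a"], ["dvn-b", "dvn-c", DEAD_DVN], 2),
]

if __name__ == "__main__":
    for name, finding in audit(SAMPLES).items():
        print(f"{name:16} {finding}")
```

The count treats each DVN as independent; two DVNs that read from the same RPC nodes or share an operator would fail together, which this model does not capture.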
Kelp DAO maintains that its internal team discovered and reported the vulnerability to LayerZero, not vice versa.
The protocol is now transitioning rsETH from LayerZero’s OFT standard to Chainlink’s Cross-Chain Token standard through its Cross-Chain Interoperability Protocol. Current documentation indicates that on at least two integrated blockchains—Dinari and Skale—the LayerZero Labs DVN continues to serve as the sole listed attestor.


