TLDR
- Kelp DAO lost $292 million in an April 18 hack via its LayerZero-powered bridge
- Hackers stole 116,500 rsETH tokens and used them as collateral on Aave v3 to borrow wrapped Ether
- Kelp claims LayerZero approved the single-verifier setup that enabled the exploit
- LayerZero denies this, saying Kelp manually downgraded from a multi-DVN to a 1-of-1 configuration
- Kelp is now migrating rsETH to Chainlink’s Cross-Chain Interoperability Protocol (CCIP)
On April 18, DeFi protocol Kelp DAO lost roughly $292 million when hackers drained 116,500 rsETH tokens from its LayerZero-powered bridge.
After the recent LayerZero exploit, we are taking steps to ensure rsETH is fully secure, which is why we are migrating to @chainlink CCIP.
From the April 18 incident, it is clear that LayerZero's own infrastructure was exploited, resulting in $300M in losses across DeFi.… https://t.co/beIrfZZLlh
— Kelp (@KelpDAO) May 5, 2026
The attackers then used those tokens as collateral on Aave v3 to borrow wrapped Ether. Two additional forged transactions, totaling more than $100 million, were processed before Kelp paused its contracts.
LayerZero linked the attackers to North Korea’s Lazarus Group. The hackers reportedly accessed the list of RPC nodes used by the LayerZero Labs DVN, compromised two of them, and swapped out the software running on them.
They then launched a DDoS attack against the remaining clean nodes, forcing traffic to the poisoned ones. The compromised DVN then confirmed transactions that had never actually occurred.
The hack has since sparked a public dispute between Kelp DAO and LayerZero over who is responsible for the vulnerability.
The DVN Configuration Dispute
LayerZero’s April 19 postmortem said the exploit happened because Kelp’s bridge used a single decentralized verifier network, or DVN, rather than multiple independent ones. LayerZero said this “directly contradicts” its recommended setup.
Kelp pushed back on Tuesday. The protocol released a memo saying LayerZero personnel reviewed its configuration across 2.5 years and eight integration discussions, and never flagged the single-verifier setup as a security risk.
Kelp included screenshots of Telegram messages it says show a LayerZero team member acknowledging the setup without objection. CoinDesk could not independently verify the screenshots.
Kelp also cited Dune Analytics data showing 47% of roughly 2,665 active LayerZero contracts used the same 1-of-1 DVN setup over a 90-day window ending around April 22. That pool of contracts held more than $4.5 billion in associated market value.
A security researcher named Sujith Somraaj, a prior LayerZero auditor, said he had submitted a bug bounty report describing the same attack pattern before the hack. He said LayerZero rejected it.
LayerZero Denies the Claims
LayerZero CEO Bryan Pellegrino said on X that many of Kelp’s claims were “just completely untrue.”
He said Kelp originally used the recommended multi-DVN default and later manually changed it to a 1-of-1 configuration. He added that a full postmortem from external security firms would be published soon.
In a written statement, a LayerZero spokesperson said protocol defaults across almost all pathways are multi-DVN. The spokesperson said where a 1-of-1 appears in templates, it points to a “DeadDVN” that rejects messages and prompts developers to configure properly before going live.
LayerZero also announced it would no longer sign messages for any application running a 1-of-1 configuration, a policy that took effect after the hack.
Kelp says it was its own team that flagged the exploit to LayerZero, not the other way around.
Kelp is now moving rsETH from LayerZero’s OFT standard to Chainlink’s Cross-Chain Token standard via its Cross-Chain Interoperability Protocol. On at least two integrated chains, Dinari and Skale, the LayerZero Labs DVN remains the only listed attestor, according to current documentation.
