No Result
View All Result
Global Finances Daily
  • Alternative Investments
  • Crypto
  • Financial Markets
  • Investments
  • Lifestyle
  • Protection
  • Retirement
  • Savings
  • Work & Careers
No Result
View All Result
  • Alternative Investments
  • Crypto
  • Financial Markets
  • Investments
  • Lifestyle
  • Protection
  • Retirement
  • Savings
  • Work & Careers
  • Login
Global Finances Daily
No Result
View All Result
Home Crypto

Kelp DAO blames LayerZero defaults for $290m rsETH bridge disaster

April 20, 2026
in Crypto
0
Sui-based Nemo Protocol exploited for $2.4m



Kelp DAO says a LayerZero “default” single‑validator setup helped enable a $290m rsETH bridge hack, forcing a messy blame game and a rushed security migration.

Summary

  • Kelp DAO disputes LayerZero’s post‑mortem on the $290m rsETH bridge hack, saying a risky 1/1 validator setup was LayerZero’s own default
  • The exploit drained 116,500 rsETH, around $290–$293m and roughly 18% of rsETH’s supply, in what analysts call 2026’s largest DeFi loss so far
  • LayerZero now says it will stop signing messages for any app using a single‑validator DVN and force a migration to multi‑verifier security

Kelp DAO has pushed back against LayerZero’s official explanation of a $290 million bridge exploit, arguing that the “single‑validator” setup that let an attacker walk off with 116,500 rsETH was not reckless customization but a default configuration in LayerZero’s own guidelines.

The liquidity re‑staking protocol told CoinDesk the 1‑of‑1 Decentralized Verifier Network (DVN) used on its rsETH cross‑chain route “followed LayerZero’s documented defaults” and that the validator stack compromised by the attacker “is part of LayerZero’s own infrastructure,” rather than an unvetted third party.

The attack, which hit on April 18, minted or released 116,500 rsETH to an attacker‑controlled address — about 18% of the token’s supply — and translated into losses of roughly $290–$293 million at the time, making it the largest DeFi exploit of 2026 so far.

In its investigation report and follow‑up statements, LayerZero has insisted that “LayerZero’s protocol was not broken,” arguing instead that Kelp DAO “deployed a single‑point‑of‑failure DVN in production” for a token with more than $1 billion in total value locked.

The interoperability firm said “operating a single‑point‑of‑failure configuration meant there was no independent verifier to catch and reject a forged message” and claimed it had previously communicated “best practices around DVN diversification” to Kelp DAO and other partners.

Security researchers and auditors, including SlowMist co‑founder Yu Xian, have confirmed that the rsETH bridge route used a 1/1 DVN — effectively a single signature — rather than a 2/2 or multi‑DVN stack, calling it a “single‑signature single point” vulnerability that may have been aided by social engineering.

A detailed post‑mortem from DeFi tracking site DeFiPrime notes that LayerZero’s OApp model lets applications choose how many DVNs must sign off on a message, with 2‑of‑3 or 3‑of‑5 configurations commonly recommended for high‑value deployments, but says Kelp’s adapter “was configured to accept the attestation of a single verifier” run by LayerZero Labs.

That design meant “one forged signature was enough to make any cross‑chain message look real,” allowing the attacker to feed the bridge a fake instruction that mimicked a valid message from another chain and triggered the release of 116,500 rsETH “out of thin air” to their wallet.

Kelp DAO’s team counters that they implemented LayerZero’s own public code and defaults across multiple networks and that the DVN exploited “was operated by LayerZero itself,” implying that responsibility sits at least partly with the infrastructure provider rather than solely with the application.

LayerZero has now taken the unusual step of promising it “will stop signing messages for any applications using a single‑validator setup” and is forcing a “security migration” that will require all OApps to move to multi‑DVN architectures if they want to keep using the protocol.

The fallout goes well beyond one re‑staking token.

As crypto.news reported in an earlier story on the rsETH exploit and LayerZero’s attribution of the attack to North Korea’s Lazarus Group, the incident has reignited a broader debate over bridge design, default configurations and who ultimately bears responsibility when modular cross‑chain infrastructure goes wrong.

Related crypto.news stories you can link in copy include coverage of the Kelp DAO–LayerZero exploit and Lazarus attribution, analysis of earlier cross‑chain bridge hacks, and reporting on how re‑staking and liquid‑staking protocols concentrate smart‑contract risk across multiple chains.

Editorial Team

Editorial Team

Related Posts

Cointelegraph
Crypto

New Hampshire Council Votes Down $100M Bitcoin Bonds

July 10, 2026
Trump refuses housing bill as CBDC ban moves toward becoming law - 1
Crypto

Trump refuses housing bill as CBDC ban moves toward becoming law

July 10, 2026
Cointelegraph
Crypto

Backpack Expands Tokenized Equities with 24/7 Trading

July 10, 2026
CFTC approves first Bitcoin Perpetual Futures on regulated U.S. exchange
Crypto

Standard Chartered backs Bitcoin despite Strategy selloff fears

July 10, 2026
Cointelegraph
Crypto

Bitcoin Whales Due Credit for $64,000 BTC Price Rebound, Says CryptoQuant

July 10, 2026
Robinhood wins bigger Wall Street bets as $135 price target emerges - 1
Crypto

Robinhood stock slides even as Morgan Stanley lifts target to $124

July 10, 2026
Load More
Next Post
Kevin Warsh’s testimony to Congress is out early. He wants the Fed to ‘stay in its lane.’

Kevin Warsh’s testimony to Congress is out early. He wants the Fed to ‘stay in its lane.’

Popular News

  • Where to get high yield on stablecoins in 2025: Top 5 projects

    Where to get high yield on stablecoins in 2025: Top 5 projects

    0 shares
    Share 0 Tweet 0
  • Virtuals Moves Tokens to CCIP as KelpDAO Hack

    0 shares
    Share 0 Tweet 0
  • I Tested United’s New Starlink Wi-Fi. Here’s My Honest Review.

    0 shares
    Share 0 Tweet 0
  • Dubai Airports Resume Limited Service After 48 Hours of Total Shutdown

    0 shares
    Share 0 Tweet 0
  • If the stock market’s double bubble bursts, it could usher in the next crash

    0 shares
    Share 0 Tweet 0

Latest News

SK Hynix shares jump in marquee US debut as AI euphoria persists

SK Hynix shares jump in marquee US debut as AI euphoria persists

July 10, 2026
0

SK Hynix shares jump in marquee US debut as AI euphoria persists

Trump Accounts for foster children: What to know

Trump Accounts for foster children: What to know

July 10, 2026
0

Catherine Delahaye | Stone | Getty ImagesTrump Accounts could provide kids in the foster care system with a more secure...

Cointelegraph

New Hampshire Council Votes Down $100M Bitcoin Bonds

July 10, 2026
0

Policymakers in New Hampshire’s executive council voted against a proposal that would have allowed the state to issue $100 million...

13 Hotels in Cape Town That Are as Bold and Beachy as the City Itself

13 Hotels in Cape Town That Are as Bold and Beachy as the City Itself

July 10, 2026
0

Morea House’s contemporary, angular facade faces right out onto the beach from where the lively V&A Waterfront is a 20-minute...

Global Finances Daily

Welcome to Global Finances Daily, your go-to source for all things finance. Our mission is to provide our readers with valuable information and insights to help them achieve their financial goals and secure their financial future.

Subscribe

  • About Us
  • Contact
  • Privacy Policy
  • Terms of Use
  • Editorial Process

© 2025 All Rights Reserved - Global Finances Daily.

No Result
View All Result
  • Alternative Investments
  • Crypto
  • Financial Markets
  • Investments
  • Lifestyle
  • Protection
  • Retirement
  • Savings
  • Work & Careers

© 2025 All Rights Reserved - Global Finances Daily.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.