LayerZero Admits Fault in Single-Verifier Setup After Kelp DAO Exploit

CryptoFrontier

LayerZero issued a public apology for its handling of the fallout from the April 18 exploit that drained roughly $292 million in rsETH from Kelp DAO’s cross-chain bridge. The apology marks a significant tonal shift from LayerZero’s earlier post-mortem, which characterized the protocol as having “functioned exactly as intended.”

Apology and Admission of Fault

LayerZero acknowledged a critical operational failure in a blog post published Friday: “We’ve done a terrible job on comms over the past three weeks. We wanted to prioritize completeness in the form of a comprehensive post-mortem, but we should have led with directness.”

Most notably, the protocol conceded that it should not have allowed its Decentralized Verifier Network (DVN) to serve as the sole verifier for high-value transactions. “We believe developers should choose their own security configurations, but we made a mistake by allowing our DVN to act as a 1/1 DVN for high-value transactions,” the company wrote. “We didn’t police what our DVN was securing, which created a risk we simply didn’t see.”

This represents a significant reversal from LayerZero’s initial incident statement, which placed blame squarely on Kelp DAO’s configuration choices, describing the 1-of-1 DVN setup as a decision Kelp made against guidance.

Technical Details of the Exploit

LayerZero said its internal RPC nodes, which the DVN relied on to read source-chain state, were compromised by North Korea’s Lazarus Group. The attackers poisoned those nodes’ data feeds while simultaneously launching a DDoS attack against LayerZero’s external RPC providers, forcing the DVN to fall back to the compromised internal infrastructure and attest to messages that were never actually emitted on the source chain. LayerZero had earlier attributed the attack to the Lazarus subgroup known as TraderTraitor.

Kelp DAO’s Dispute and Industry Context

Kelp DAO publicly disputed LayerZero’s initial blame, pointing to LayerZero’s own documentation, quickstart guides, and developer examples as evidence that the single-verifier setup was the platform’s default onboarding recommendation. A Dune analysis cited by Kelp found that 47% of approximately 2,665 active LayerZero OApp contracts were running the same configuration at the time of the attack.

LayerZero said the exploit’s scope was limited: it affected a single application, representing roughly 0.14% of total applications on the network and about 0.36% of the value of assets using LayerZero. More than $9 billion has moved across the protocol since April 19.

Multisig Signer Security Incident

LayerZero disclosed a previously unreported operational security incident. Roughly three and a half years ago, one of LayerZero’s multisig signers used their production hardware wallet to execute a personal trade, intending to use a separate personal device. LayerZero said the signer was removed from the multisig, wallets were rotated, and the company has since added anomaly detection software to each signing device.

This disclosure arrives amid separate, ongoing scrutiny over the operational security of LayerZero’s multisig signers. Onchain researchers and security figures, including Chainlink community liaison Zach Rynes, flagged evidence that production multisig keys were used for unrelated DEX activity, including what appeared to be a swap for the memecoin McPepes on Uniswap. LayerZero CEO Bryan Pellegrino said the transactions were OFT testing by former signers who have since been removed.

Planned Infrastructure and Security Changes

LayerZero outlined several changes implemented since the exploit:

  • The LayerZero Labs DVN no longer services 1/1 DVN configurations
  • Default settings on all pathways are being migrated to require at least five verifiers where possible, with a floor of three on chains where only three DVNs are available
  • A second DVN client written in Rust is being built for client diversity
  • RPC setup has been reconfigured to allow more granular quorum controls across internal and external node providers
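The failure mode described in the technical section and the RPC quorum item above can be shown in a few lines. The following is an added example, not LayerZero’s code: a toy DVN-style verifier that asks several RPC providers for a source-chain packet. `legacy_verify` is the pattern that fails under the attack described (external providers unreachable, so the verifier falls back to its own internal nodes and trusts whatever they report); `verify_packet` instead requires a quorum of agreeing providers, a minimum number of which must be external, and never loosens that requirement when providers go down. Provider names, the endpoint ID, the transaction hashes and every response are constructed for the demo.

```python
# Added example (not LayerZero's DVN code). Models a verifier that reads a
# source-chain packet from several RPC providers and shows the difference
# between "fall back to internal nodes" and "quorum that must include
# external nodes". All providers, IDs, hashes and responses are constructed.
from collections import Counter
from dataclasses import dataclass
from typing import Optional


@dataclass
class RpcProvider:
    name: str
    internal: bool            # operated by the verifier itself
    responses: dict           # (src_eid, tx_hash) -> payload hash, constructed
    reachable: bool = True

    def get_payload_hash(self, src_eid: int, tx_hash: str) -> Optional[str]:
        if not self.reachable:
            raise ConnectionError(self.name)          # e.g. DDoS'd provider
        return self.responses.get((src_eid, tx_hash))  # None: packet not found


def legacy_verify(providers, src_eid, tx_hash):
    """Vulnerable pattern: try external providers, then fall back to internal
    ones, and accept the first non-empty answer. A poisoned internal node
    decides the outcome as soon as the external providers are unreachable."""
    for internal in (False, True):        # external first, internal as fallback
        for p in providers:
            if p.internal != internal:
                continue
            try:
                h = p.get_payload_hash(src_eid, tx_hash)
            except ConnectionError:
                continue
            if h is not None:
                return h                  # first answer wins
    return None


@dataclass
class QuorumPolicy:
    min_agree: int        # providers that must return the same payload hash
    min_external: int     # how many of those must be external providers


def verify_packet(providers, src_eid, tx_hash, policy):
    """Return (ok, detail). Only providers that answered are counted; an
    unreachable provider removes a vote but never relaxes the policy."""
    votes = {}
    for p in providers:
        try:
            h = p.get_payload_hash(src_eid, tx_hash)
        except ConnectionError:
            continue
        if h is not None:
            votes[p.name] = (h, p.internal)
    if not votes:
        return False, "no reachable provider knows this packet"
    best, count = Counter(h for h, _ in votes.values()).most_common(1)[0]
    external = sum(1 for h, internal in votes.values()
                   if h == best and not internal)
    if count < policy.min_agree:
        return False, f"{count} agreeing providers, need {policy.min_agree}"
    if external < policy.min_external:
        return False, f"{external} external providers agree, need {policy.min_external}"
    return True, best


# Constructed scenario: REAL was emitted on the source chain and every node
# knows it; FAKE never happened, but both internal nodes are poisoned to
# report it. One of the two external providers is unreachable.
SRC_EID = 30101
REAL, REAL_HASH = "0xaa" + "11" * 31, "ab" * 32
FAKE, POISONED = "0xbb" + "22" * 31, "9c" * 32
HONEST = {(SRC_EID, REAL): REAL_HASH}
PROVIDERS = [
    RpcProvider("internal-a", True, {**HONEST, (SRC_EID, FAKE): POISONED}),
    RpcProvider("internal-b", True, {**HONEST, (SRC_EID, FAKE): POISONED}),
    RpcProvider("external-1", False, HONEST),
    RpcProvider("external-2", False, HONEST, reachable=False),
]
STRICT = QuorumPolicy(min_agree=2, min_external=1)


def demo():
    """Legacy path signs the fake packet; quorum path rejects it and still
    accepts the genuine one with one external provider down."""
    legacy = legacy_verify(PROVIDERS, SRC_EID, FAKE)
    fake_ok, fake_detail = verify_packet(PROVIDERS, SRC_EID, FAKE, STRICT)
    real_ok, real_detail = verify_packet(PROVIDERS, SRC_EID, REAL, STRICT)
    return legacy, fake_ok, fake_detail, real_ok, real_detail


if __name__ == "__main__":
    print(demo())
```

The point of `min_external` is that agreement among nodes the verifier operates itself is not independent evidence: if they share a compromise, they share a lie. Losing an external provider to a DDoS should cost the verifier liveness (it refuses to attest), not safety (it attests on a poisoned view).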

On the infrastructure side, LayerZero plans to raise its own multisig threshold from 3-of-5 to 7-of-10 using OneSig, an open-source multisig tool the company introduced last year. OneSig has signers download transactions and hash them locally before signing, so a compromised backend cannot insert or substitute transactions without the mismatch being visible to the signer. LayerZero is also building a platform called Console for asset issuers to configure and monitor security settings, with built-in anomaly detection for flagging risky configurations.

Protocol Migrations and Competitive Pressure

The apology comes at a difficult moment for LayerZero. Two major protocols have migrated their cross-chain infrastructure to Chainlink’s CCIP in the weeks since the exploit. Kelp DAO announced its departure earlier this week, becoming the first major protocol to leave LayerZero since the hack. Solv Protocol followed, announcing it would move more than $700 million in tokenized bitcoin off LayerZero, citing security concerns.

Recovery Efforts

Meanwhile, the DeFi United recovery initiative formed in the wake of the exploit has raised more than $300 million in ETH and stablecoins. LayerZero contributed 10,000 ETH, split between a 5,000 ETH donation and a 5,000 ETH loan to Aave, which faces an estimated $124 million to $230 million in bad debt from the incident. The Arbitrum DAO voted to release 30,766 frozen ETH to the recovery effort, and a judge allowed the transfer to continue despite a restraining notice from North Korea terrorism victims and creditors.

LayerZero said an official post-mortem will follow once its external security partners conclude their work.
