•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Kelp DAO has pushed back against LayerZero’s explanation of the massive rsETH bridge exploit, arguing that the interoperability protocol approved the exact verifier configuration later blamed for the $292 million loss.
In a newly released memo titled “Setting the Record Straight Around the LayerZero Bridge Hack,” Kelp said LayerZero personnel reviewed its setup for more than two years without warning that a single-verifier configuration posed a major security threat.
Kelp’s memo states the protocol relied on a 1-of-1 DVN structure using LayerZero Labs as the only verifier. Kelp alleges attackers exploited this arrangement to drain 116,500 rsETH.
The dispute conflicts with LayerZero’s earlier postmortem, in which the company argued that Kelp’s bridge architecture did not follow recommended multi-DVN security practices.
Kelp counters that screenshots from Telegram discussions show LayerZero team members were aware of the setup and did not raise objections during integration conversations. CoinDesk has not independently verified the screenshots.
Kelp also criticized LayerZero’s developer documentation and GitHub examples, saying they encouraged builders to adopt simplified verifier configurations.
The memo further notes that the protocol referenced LayerZero’s bug bounty rules, which classify verifier-network setups as application-level decisions rather than vulnerabilities within the LayerZero protocol itself.
Security researcher Sujith Somraaj added to the controversy after revealing he previously submitted a bug bounty report describing a similar attack scenario.
Somraaj said the report was rejected because the issue required all DVNs to fail simultaneously.
Following the exploit, Kelp announced plans to migrate rsETH infrastructure from LayerZero to Chainlink’s Cross-Chain Interoperability Protocol (CCIP).
LayerZero, meanwhile, said the attackers were likely linked to North Korea’s Lazarus Group. LayerZero alleged the group compromised RPC nodes used by the LayerZero Labs DVN before launching a coordinated DDoS attack.
The incident has intensified debate across the crypto industry over cross-chain bridge security and verifier decentralization.
Premium gym chains are entering a “golden era” that is ending or already in decline, as rising operating costs collide with shifting consumer preferences toward more flexible, community-based ways to exercise. Long-term memberships are shrinking, margins are pressured by higher rents and facility expenses, and competition from smaller, more personalized…
