Kelp DAO says a LayerZero “default” single‑validator setup helped enable a $290m rsETH bridge hack, forcing a messy blame game and a rushed security migration.
- Kelp DAO disputes LayerZero’s post‑mortem on the $290m rsETH bridge hack, saying a risky 1/1 validator setup was LayerZero’s own default
- The exploit drained 116,500 rsETH, around $290–$293m and roughly 18% of rsETH’s supply, in what analysts call 2026’s largest DeFi loss so far
- LayerZero now says it will stop signing messages for any app using a single‑validator DVN and force a migration to multi‑verifier security
Kelp DAO has pushed back against LayerZero’s official explanation of a $290 million bridge exploit, arguing that the “single‑validator” setup that let an attacker walk off with 116,500 rsETH was not reckless customization but a default configuration in LayerZero’s own guidelines.
The liquidity re‑staking protocol told CoinDesk the 1‑of‑1 Decentralized Verifier Network (DVN) used on its rsETH cross‑chain route “followed LayerZero’s documented defaults” and that the validator stack compromised by the attacker “is part of LayerZero’s own infrastructure,” rather than an unvetted third party.
The attack, which hit on April 18, minted or released 116,500 rsETH to an attacker‑controlled address — about 18% of the token’s supply — and translated into losses of roughly $290–$293 million at the time, making it the largest DeFi exploit of 2026 so far.
Single‑validator blame game after rsETH exploit
In its investigation report and follow‑up statements, LayerZero has insisted that “LayerZero’s protocol was not broken,” arguing instead that Kelp DAO “deployed a single‑point‑of‑failure DVN in production” for a token with more than $1 billion in total value locked.
The interoperability firm said “operating a single‑point‑of‑failure configuration meant there was no independent verifier to catch and reject a forged message” and claimed it had previously communicated “best practices around DVN diversification” to Kelp DAO and other partners.
Security researchers and auditors, including SlowMist co‑founder Yu Xian, have confirmed that the rsETH bridge route used a 1/1 DVN — effectively a single signature — rather than a 2/2 or multi‑DVN stack, calling it a “single‑signature single point” vulnerability that may have been aided by social engineering.
A detailed post‑mortem from DeFi tracking site DeFiPrime notes that LayerZero’s OApp model lets applications choose how many DVNs must sign off on a message, with 2‑of‑3 or 3‑of‑5 configurations commonly recommended for high‑value deployments, but says Kelp’s adapter “was configured to accept the attestation of a single verifier” run by LayerZero Labs.
That design meant “one forged signature was enough to make any cross‑chain message look real,” allowing the attacker to feed the bridge a fake instruction that mimicked a valid message from another chain and triggered the release of 116,500 rsETH “out of thin air” to their wallet.
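The effect of the verifier threshold described above, as an added example that is not from the article, LayerZero or Kelp DAO: a simplified Python model in which each verifier attests to a message with an HMAC, showing the same forged message accepted under 1-of-1 and rejected under 2-of-3. The verifier names, keys and function names are hypothetical, and the HMAC scheme is an assumption standing in for whatever attestation real DVNs use.

```python
import hashlib
import hmac

# Constructed keys for three hypothetical verifiers (not real DVN identities).
KEYS = {"dvn-a": b"key-a", "dvn-b": b"key-b", "dvn-c": b"key-c"}


def attest(verifier, message, key=None):
    """Attestation a verifier produces for a message (HMAC-SHA256 in this model)."""
    return hmac.new(key or KEYS[verifier], message, hashlib.sha256).hexdigest()


def valid_attesters(message, attestations, allowed):
    """Allowed verifiers whose attestation over this exact message checks out."""
    return {v for v, tag in attestations.items()
            if v in allowed and hmac.compare_digest(tag, attest(v, message))}


def accept(message, attestations, allowed, threshold):
    """Receiver-side rule: accept only with `threshold` distinct valid attesters."""
    return len(valid_attesters(message, attestations, allowed)) >= threshold


def audit_route(name, allowed, threshold):
    """Configuration check: flag routes where one verifier can decide alone."""
    findings = []
    if threshold > len(set(allowed)):
        findings.append(f"{name}: threshold {threshold} can never be met")
    elif threshold < 2:
        findings.append(f"{name}: {threshold}-of-{len(set(allowed))} lets one verifier decide alone")
    return findings


def scenario():
    """Assumption: the key of one verifier (dvn-a) is compromised and signs a forged message."""
    forged = b"release 116500 rsETH"  # constructed message body
    atts = {"dvn-a": attest("dvn-a", forged),                # valid: key compromised
            "dvn-b": attest("dvn-b", forged, key=b"guess")}  # invalid: wrong key
    return {
        "1-of-1": accept(forged, atts, {"dvn-a"}, 1),
        "2-of-3": accept(forged, atts, set(KEYS), 2),
    }


if __name__ == "__main__":
    print(scenario())
    print(audit_route("route-1of1", ["dvn-a"], 1))
    print(audit_route("route-2of3", list(KEYS), 2))
```

Running `audit_route` over every configured route before deployment is the kind of check that surfaces a single-verifier path regardless of whether it came from a default or a deliberate choice.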
Kelp DAO’s team counters that they implemented LayerZero’s own public code and defaults across multiple networks and that the DVN exploited “was operated by LayerZero itself,” implying that responsibility sits at least partly with the infrastructure provider rather than solely with the application.
LayerZero has now taken the unusual step of promising it “will stop signing messages for any applications using a single‑validator setup” and is forcing a “security migration” that will require all OApps to move to multi‑DVN architectures if they want to keep using the protocol.
The fallout goes well beyond one re‑staking token.
As crypto.news reported in an earlier story on the rsETH exploit and LayerZero’s attribution of the attack to North Korea’s Lazarus Group, the incident has reignited a broader debate over bridge design, default configurations and who ultimately bears responsibility when modular cross‑chain infrastructure goes wrong.

