{"id":26366,"date":"2026-04-20T17:06:00","date_gmt":"2026-04-20T17:06:00","guid":{"rendered":"https:\/\/bitunikey.com\/news\/kelp-dao-blames-layerzero-defaults-for-290m-rseth-bridge-disaster\/"},"modified":"2026-04-20T17:06:10","modified_gmt":"2026-04-20T17:06:10","slug":"kelp-dao-blames-layerzero-defaults-for-290m-rseth-bridge-disaster","status":"publish","type":"post","link":"https:\/\/bitunikey.com\/news\/kelp-dao-blames-layerzero-defaults-for-290m-rseth-bridge-disaster\/","title":{"rendered":"Kelp DAO blames LayerZero defaults for $290m rsETH bridge disaster"},"content":{"rendered":"<p><\/p>\n<div class=\"post-detail__content blocks\">\n<p class=\"is-style-lead\">Kelp DAO says a LayerZero \u201cdefault\u201d single\u2011validator setup helped enable a $290m rsETH bridge hack, forcing a messy blame game and a rushed security migration.<\/p>\n<div id=\"cn-block-summary-block_89f89ebc436608aaf806dead073cf67b\" class=\"cn-block-summary\">\n<div class=\"cn-block-summary__nav tabs\">\n        <span class=\"tabs__item is-selected\">Summary<\/span>\n    <\/div>\n<div class=\"cn-block-summary__content\">\n<ul class=\"wp-block-list\">\n<li>Kelp DAO disputes LayerZero\u2019s post\u2011mortem on the $290m rsETH bridge hack, saying a risky 1\/1 validator setup was LayerZero\u2019s own default<\/li>\n<li>The exploit drained 116,500 rsETH, around $290\u2013$293m and roughly 18% of rsETH\u2019s supply, in what analysts call 2026\u2019s largest DeFi loss so far<\/li>\n<li>LayerZero now says it will stop signing messages for any app using a single\u2011validator DVN and force a migration to multi\u2011verifier security<\/li>\n<\/ul><\/div>\n<\/div>\n<p><!-- .cn-block-summary --><\/p>\n<p>Kelp DAO has <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.coindesk.com\/tech\/2026\/04\/20\/kelp-dao-claims-layerzero-s-default-settings-are-what-actually-caused-the-usd290-million-disaster\" target=\"_blank\" rel=\"nofollow\">pushed back <\/a>against LayerZero\u2019s official explanation of a $290 million bridge exploit, arguing that the \u201csingle\u2011validator\u201d setup that let an attacker walk off with 116,500 rsETH was not reckless customization but a default configuration in LayerZero\u2019s own guidelines.<\/p>\n<p>The liquidity re\u2011staking protocol told CoinDesk the 1\u2011of\u20111 Decentralized Verifier Network (DVN) used on its rsETH cross\u2011chain route \u201cfollowed LayerZero\u2019s documented defaults\u201d and that the validator stack compromised by the attacker \u201cis part of LayerZero\u2019s own infrastructure,\u201d rather than an unvetted third party.<\/p>\n<p>The attack, which hit on April 18, minted or released 116,500 rsETH to an attacker\u2011controlled address \u2014 about 18% of the token\u2019s supply \u2014 and translated into losses of roughly $290\u2013$293 million at the time, making it the largest DeFi exploit of 2026 so far.<\/p>\n<h1 class=\"wp-block-heading\" id=\"singlevalidator-blame-game-after-rseth-exploit\">Single\u2011validator blame game after rsETH exploit<\/h1>\n<p>In its investigation report and follow\u2011up statements, LayerZero has insisted that \u201cLayerZero\u2019s protocol was not broken,\u201d arguing instead that Kelp DAO \u201cdeployed a single\u2011point\u2011of\u2011failure DVN in production\u201d for a token with more than $1 billion in total value locked.<\/p>\n<p>The interoperability firm said \u201coperating a single\u2011point\u2011of\u2011failure configuration meant there was no independent verifier to catch and reject a forged message\u201d and claimed it had previously communicated \u201cbest practices around DVN diversification\u201d to Kelp DAO and other partners.<\/p>\n<p>Security researchers and auditors, including SlowMist co\u2011founder Yu Xian, have confirmed that the rsETH bridge route used a 1\/1 DVN \u2014 effectively a single signature \u2014 rather than a 2\/2 or multi\u2011DVN stack, calling it a \u201csingle\u2011signature single point\u201d vulnerability that may have been aided by social engineering.<\/p>\n<p>A detailed post\u2011mortem from DeFi tracking site DeFiPrime notes that LayerZero\u2019s OApp model lets applications choose how many DVNs must sign off on a message, with 2\u2011of\u20113 or 3\u2011of\u20115 configurations commonly recommended for high\u2011value deployments, but says Kelp\u2019s adapter \u201cwas configured to accept the attestation of a single verifier\u201d run by LayerZero Labs.<a rel=\"nofollow\" target=\"_blank\" rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/defiprime.com\/kelpdao-rseth-exploit\"><\/a><\/p>\n<p>That design meant \u201cone forged signature was enough to make any cross\u2011chain message look real,\u201d allowing the attacker to feed the bridge a fake instruction that mimicked a valid message from another chain and triggered the release of 116,500 rsETH \u201cout of thin air\u201d to their wallet.<\/p>\n<p>Kelp DAO\u2019s team counters that they implemented LayerZero\u2019s own public code and defaults across multiple networks and that the DVN exploited \u201cwas operated by LayerZero itself,\u201d implying that responsibility sits at least partly with the infrastructure provider rather than solely with the application.<\/p>\n<p>    <!-- .cn-block-related-link --><\/p>\n<p>LayerZero has now taken the unusual step of promising it \u201cwill stop signing messages for any applications using a single\u2011validator setup\u201d and is forcing a \u201csecurity migration\u201d that will require all OApps to move to multi\u2011DVN architectures if they want to keep using the protocol.<\/p>\n<p>The fallout goes well beyond one re\u2011staking token.<\/p>\n<p>As crypto.news reported in an earlier story on the rsETH exploit and LayerZero\u2019s attribution of the attack to North Korea\u2019s Lazarus Group, the incident has reignited a broader debate over bridge design, default configurations and who ultimately bears responsibility when modular cross\u2011chain infrastructure goes wrong.<\/p>\n<p>Related crypto.news stories you can link in copy include coverage of the Kelp DAO\u2013LayerZero exploit and Lazarus attribution, analysis of earlier cross\u2011chain bridge hacks, and reporting on how re\u2011staking and liquid\u2011staking protocols concentrate smart\u2011contract risk across multiple chains.<\/p>\n<p>    <!-- .cn-block-related-link --><\/p><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Kelp DAO says a LayerZero \u201cdefault\u201d single\u2011validator setup helped enable a $290m rsETH bridge hack, forcing a messy blame game and a rushed security migration. Summary Kelp DAO disputes LayerZero\u2019s&hellip;<\/p>\n","protected":false},"author":1,"featured_media":10096,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-26366","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cryptocurrency"],"_links":{"self":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/26366","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/comments?post=26366"}],"version-history":[{"count":1,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/26366\/revisions"}],"predecessor-version":[{"id":26367,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/26366\/revisions\/26367"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/media\/10096"}],"wp:attachment":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/media?parent=26366"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/categories?post=26366"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/tags?post=26366"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}