LayerZero Admits $292M Kelp Exploit Was Its Fault as Chainlink Gains $2B in TVL

LayerZero has issued a public apology admitting its own infrastructure misconfiguration enabled the $292 million Kelp DAO exploit on April 18, reversing weeks of statements that blamed the victim protocol. The confession, published Friday in a blog post cross-posted to X, came three weeks after the attack drained rsETH from Kelp DAO’s cross-chain bridge. The delay alone tells a story about how seriously the team treated its own accountability.

What LayerZero Admitted and Why It Matters

The core admission is this: LayerZero allowed its own Decentralized Verifier Network to operate as a 1/1 DVN for high-value transactions, creating a single point of failure. “We made a mistake by allowing our DVN to act as a 1/1 DVN for high-value transactions,” the company wrote. “We didn’t police what our DVN was securing, which created a risk we simply didn’t see. We own that.” That is a structurally meaningful concession from a protocol that had previously framed the entire incident as an application-level developer error by Kelp DAO, as covered in our earlier reporting on the Kelp-LayerZero blame game escalation.

LayerZero also disclosed that North Korea’s Lazarus Group compromised its internal RPC nodes while simultaneously launching DDoS attacks against external RPC providers, forcing the verifier system onto poisoned infrastructure. A separate, previously unreported incident surfaced as well: a multisig signer used their production hardware wallet to execute a personal trade roughly three and a half years ago. The signer was removed, wallets were rotated, and anomaly detection software was added. A Dune analysis cited by Kelp DAO found that 47% of approximately 2,665 active LayerZero OApp contracts were using the same vulnerable 1/1 configuration at the time of the exploit, a detail that reframes the incident as a systemic defaults problem rather than one developer’s isolated choice.

In response, LayerZero says its Labs DVN will no longer support 1/1 configurations. Defaults across all pathways are being migrated to 5/5 verifiers where possible, with a minimum of 3/3 on smaller chains. The protocol is also building a second DVN client in Rust to improve client diversity and reworking its RPC architecture for more granular quorum controls. These are credible technical commitments, but commitments made after $292 million is gone carry a different weight than proactive defaults would have.

Market OverviewTop 10 by market cap

1Bitcoin BTC$60,170.00▲0.44%

2Ethereum ETH$1,574.26▲0.00%

3Tether USDT$0.9986▲0.00%

4BNB BNB$557.37▼1.45%

5USDC USDC$0.9998▼0.00%

6XRP XRP$1.05▼0.13%

7Solana SOL$70.73▼1.04%

8TRON TRX$0.3217▲0.51%

9Figure Heloc FIGR_HELOC$1.04▲1.52%

10Hyperliquid HYPE$61.76▼2.67%

Prices via CoinGecko · Updated 3 min ago

Chainlink CCIP Absorbs $2B in Protocol Migrations

The market response has been immediate and measurable. On-chain analyst Tom Wan flagged on X that three protocols have already announced migrations to Chainlink’s Cross-Chain Interoperability Protocol: Kelp DAO with $1.5 billion in TVL, Solv Protocol with $600 million, and re with $200 million, totalling approximately $2 billion in assets seeking a more defensible bridge infrastructure, as Kelp DAO confirmed when it announced the move. Chainlink’s LINK token was trading at $10.45 at time of publication, down 0.07% over 24 hours, reflecting a market that is digesting the structural shift rather than reacting emotionally to it.

LayerZero retains meaningful positions: Ethena’s USDe and sUSDe, Etherfi’s weETH, Tether’s USDT0, and Bitgo’s WBTC all remain on the protocol for now. That retention matters and should not be dismissed, but it does not neutralise the reputational cost of three weeks of deflection followed by a forced apology. CoinDesk noted that LayerZero maintained its underlying protocol was not compromised, a distinction the team will lean on heavily as it rebuilds. Whether that distinction holds credibility with protocol teams managing billions in user funds is the real test ahead: infrastructure trust, once broken at this scale, requires more than corrected defaults to restore it. The changes LayerZero announced are the right ones. They simply should have been the defaults from day one.