In a striking turn of events reminiscent of the popular Spiderman meme where three superheroes point fingers at one another, Kelp DAO is set to counter LayerZero’s analysis of last Sunday’s $290 million exploit. A source familiar with the matter told CoinDesk that Kelp plans to refute claims made by the cross-chain messaging firm, which essentially blames Kelp for ignoring warnings about its verifier setup. CoinDesk has reviewed and verified a memo from Kelp intended for publication.
Kelp DAO operates as a liquid restaking protocol. It processes user-deposited ether through EigenLayer’s yield-generating system and issues receipt tokens, rsETH, in exchange. LayerZero facilitates the transfer of rsETH across blockchains using entities known as DVNs (decentralized verifier networks) to verify cross-chain transactions.
On Saturday, attackers siphoned 116,500 rsETH—valued at approximately $290 million—from Kelp’s LayerZero-powered bridge by targeting and poisoning the servers relied upon by LayerZero’s verifier. According to a source, Kelp intends to argue that the compromised DVN was part of LayerZero’s own infrastructure, not an external verifier.
The attackers managed to corrupt two of LayerZero’s verification servers and overwhelmed backup servers with false data, forcing the verifier to depend on the compromised servers. This compromised setup was built and maintained by LayerZero, as per the source.
Contrary to LayerZero’s depiction of its ‘1/1 configuration’ as an outlier choice made against recommendations, a 1/1 configuration requires only one validator to authorize cross-chain messages for execution. The Kelp source emphasized that no specific guidance from LayerZero was provided via their direct communication channel since July 2024.
LayerZero’s quickstart guide and default GitHub configurations suggest the same 1/1 DVN setup, which is currently in use by around 40% of protocols on the platform. This configuration also appears in LayerZero’s V2 OApp Quickstart with each pathway requiring one mandatory DVN without optional alternatives.
Kelp’s core restaking contracts remained unaffected; the exploit was confined to the bridge layer. An emergency pause activated 46 minutes after the drain thwarted two additional attempts, potentially releasing another ~$200 million in rsETH.
CoinDesk reached out to LayerZero for comments but received no response by publication time.
Security experts are skeptical of LayerZero’s narrow assignment of blame solely on Kelp. Kelp’s integration with LayerZero relied heavily on the latter’s documentation and default settings, as stated by a source. Artem K, also known as @banteg, from Yearn Finance, posted an analysis stating that LayerZero’s setup defaults to single-source verification across major chains like Ethereum and BSC.
Banteg noted in his review that he couldn’t confirm Kelp’s exact configuration but mentioned LayerZero typically advises new operators to adopt its default setup, which it later criticized. Chainlink’s Zach Rynes suggested on X that LayerZero was ‘deflecting responsibility’ for its own compromised infrastructure and accused the firm of scapegoating Kelp for adopting a supported setup.
In response, LayerZero declared it will no longer endorse messages from applications using a single-verifier configuration, necessitating a protocol-wide migration.