The popular Spiderman meme showing three identical superheroes pointing fingers at each other is now having its crypto moment.
Kelp DAO is set to push back on LayerZero’s post-mortem on Sunday’s $290 million exploit, which essentially blames Kelp, an L2 source familiar with the matter told CoinDesk. Kelp plans to challenge the cross-chain messaging company’s claim that it ignored repeated warnings to move away from a single-verifier setup. CoinDesk has reviewed and verified the company’s discussions.
Kelp is a liquid takeover protocol that takes user-deposited ether, routes it through a yield-generating system called EigenLayer, and issues a receipt token, rsETH, in exchange.
LayerZero is the cross-chain messaging infrastructure that moves rsETH between blockchains, using entities called DVNs (decentralized verification networks) to verify whether a cross-chain transfer is valid.
On Saturday, attackers drained 116,500 rsETH, worth approximately $290 million, from Kelp’s LayerZero-powered bridge by poisoning the servers that LayerZero’s verifier relied on to verify transactions.
Kelp, the source said, plans to say that the DVN that was compromised via what he calls a “sophisticated state-sponsored attack” was LayerZero’s own infrastructure, not a third-party verifier.
The attackers compromised two of LayerZero’s own servers that check whether cross-chain transactions are legitimate, then flooded the backup servers with unwanted traffic to force LayerZero’s checker to visit the compromised ones.
All of this infrastructure was built and managed by LayerZero, not Kelp, the source claimed.
The source took issue with LayerZero’s definition of the “1/1 configuration” as a marginal choice made against all direction. The LayerZero post-mortem stated that KelpDAO chose a 1-of-1 DVN configuration despite recommendations expressed to configure multi-DVN redundancy.
A “1/1 configuration” means that only one validator must sign a cross-chain message for the bridge to act on it, leaving the system without a second check to detect a compromised or tampered instruction. A multi-validator configuration (such as 2/3, 3/5, etc.) ensures that there is no single point of failure capable of single-handedly approving a false message.
They added that, through a direct communication channel with LayerZero, open since July 2024, they did not make any specific recommendations for Kelp to change the rsETH DVN configuration.
LayerZero’s own quickstart guide and GitHub’s default configuration point to a DVN 1/1 configuration, the source told CoinDesk, adding that 40% of protocols on LayerZero currently use the same configuration.
The configuration run by Kelp also appears in the LayerZero OApp V2 quickstart, where the layerzero.config.ts example connects each lane with a required DVN and no optional DVN. It’s the same 1/1 structure.
Kelp’s main restoration contracts were not affected and the exploit was isolated to the bridge layer, they added. Its emergency pause, 46 minutes after the drain, blocked two follow-up attempts that would have freed approximately $200 million more in rsETH.
CoinDesk reached out to LayerZero for comment on the story and did not hear back at the time of publication.
“Deflecting responsibility”
Security researchers also don’t buy LayerZero’s isolated framing, which places blame on Kelp.
Kelp is a liquid restoration protocol. Its core competency is staking infrastructure, EigenLayer integration and liquid staking token management. When integrating with LayerZero, Kelp relied on LayerZero’s documentation, its defaults and advice from its team to make configuration decisions, the source claimed.
Yearn Finance core team developer Artem K, better known as @banteg on
This deployment also leaves exposed a public endpoint that leaks the list of configured servers to anyone who queries it.
Banteg reported in his analysis that he cannot prove what configuration Kelp used, but noted that LayerZero typically requires new operators to use its default configuration, something his postmortem criticized.
Chainlink Community Manager Zach Rynes put it bluntly on
As such, LayerZero said it would no longer sign messages for applications running a single-verifier setup, forcing a protocol-wide migration.
Read more: ‘DeFi is dead’: Crypto community scrambles after biggest hack this year reveals risk of contagion
