The $292 million exploit linked to KelpDAO is the latest in a long line of crypto bridge hacks, highlighting how systems designed to connect blockchains have become one of the easiest ways to break them.
The incident involved KelpDAO’s use of LayerZero’s cross-chain messaging system, a type of infrastructure widely used to move data and assets between blockchains.
Bridges are intended to allow users to move assets from one blockchain to another, such as from Ethereum to another network. But instead of serving as seamless connectors, they have repeatedly turned into weak points, draining billions of dollars in recent years.
So why does this continue to happen?
Crypto ecosystem leaders say the answer isn’t just bad code or careless mistakes. The problem is more fundamental; It all depends on how the bridges are built in the first place.
The heart of the problem: trusting intermediaries
To understand the problem, it helps to look at what a bridge actually does.
If you move tokens from one blockchain to another, the second chain needs proof that your tokens existed and were locked on the first. In an ideal world, he would check it himself. In reality, this is too expensive and complex.
“Most bridges don’t fully verify what happened on another chain,” said Ben Fisch, CEO of Espresso Systems. “Instead, they rely on a smaller system to report it. [second] the system becomes the thing you trust.
So instead of verifying the truth independently, bridges outsource it, often to small groups of validators or to external networks like LayerZero or Axelar. This shortcut creates risks. In the Kelp DAO exploit, attackers targeted the data powering the bridge.
“The attackers compromised the nodes and gave the system a false version of reality,” Fisch said. “The bridge worked as expected. It just believed bad information.”
Deck hacks often look different on the surface. Some involve stolen keys, others involve faulty smart contracts. But experts say these are symptoms of a deeper problem. The real problem lies in the way the systems are designed.
“Anything that can go wrong will go wrong, and bridge hacks are a perfect example of that,” said Sergej Kunz, co-founder of 1inch. “You see code vulnerabilities, centralization issues, social engineering and even economic attacks. Usually it’s a mix.”
How Bridges Work
To users, bridges seem simple. You click a button and move assets from one blockchain to another. Behind the scenes, the process is more complicated.
First, your tokens are locked to the original blockchain. Then, a separate system confirms that the tokens are locked. This system usually consists of a small group of operators or validators. These operators then send a message to the second blockchain that the tokens have been locked so that new ones can be issued. If this message is accepted, the second chain creates a new version of your tokens. These are wrapped tokens, like rsETH or WBTC.
The problem is that this process depends on trusting the person sending this message. If attackers compromise this system, they can send a fake message and create tokens that were never saved on the original chain.
“The worst case is when the system doesn’t really check anything,” Fisch said. “It’s just about trusting someone else’s version of events.”
When failure spreads
Given how often bridges fail, why hasn’t the industry repaired them?
Part of the answer lies in incentives. “Safety is often not the top priority,” Kunz said. “Teams are focused on a rapid launch, increasing the number of users and increasing the total value locked.”
Building secure systems takes time and money. Many DeFi projects operate with limited resources, making it difficult to invest heavily in audits, monitoring, and infrastructure.
At the same time, projects are racing to support more blockchains. Each new integration adds complexity. “Each new connection adds more hypotheses,” Fisch said.
Deck hacks rarely stay contained. Bridged assets are used in lending protocols, liquidity pools and yield strategies. If these assets are compromised, the damage spreads.
“Other platforms may view a hacked asset as legitimate,” Kunz said. “This is how contagion occurs.” Users are rarely informed about how a bridge actually works or what could go wrong.
There are ways to make bridges safer. Fisch says a key step is to remove single points of failure by relying on independent data sources rather than shared infrastructure.
In practice, these “data sources” are computers that monitor blockchains and report what has happened. They can be managed by the bridge itself, by external networks like LayerZero, or by infrastructure providers. But many rely on the same underlying services, meaning a single compromised source can transmit erroneous data across multiple systems.
“If everyone relies on the same source, the risk is not reduced,” he said. “You just copied it.”
Other approaches include hardware protections and better monitoring to quickly detect configuration errors. Some developers are also working on designs that verify data directly using cryptography rather than going through intermediaries.
Kunz believes a more fundamental change is needed. “As long as we rely on validator-based bridges, these problems will persist,” he said.
Read more: North Korea’s cryptocurrency heist playbook expands and DeFi continues to be hit
