LayerZero dispute deepens after $290 million rsETH bridge drain

Kelp DAO is challenging LayerZero’s account of a $290 million rsETH bridge exploit, arguing the failure came from the platform’s own defaults, not an unusual setup. The dispute now centers on who controlled the keys, the code, and the warnings.

What happened in the exploit

On Saturday, attackers drained 116,500 rsETH, worth about $290 million, from Kelp’s LayerZero-powered bridge after poisoning the servers used to verify transfers. The attack did not touch Kelp’s core restaking contracts, and the emergency pause came 46 minutes later.

That pause blocked two follow-up attempts that would have released an additional ~$200 million in rsETH. A source familiar with Kelp’s response said the breach stayed limited to the bridge layer.

How Kelp says the setup worked

Kelp plans to argue that the compromised decentralized verifier network (DVN) was LayerZero’s own infrastructure, not a third-party verifier chosen by the protocol. The memo reviewed by CoinDesk says the attack used LayerZero servers that checked whether cross-chain transactions were legitimate.

However, Kelp’s source said the backup servers were flooded with junk traffic, which pushed the verifier onto the compromised nodes. All of that infrastructure was built and run by LayerZero, the source said.

The protocol also disputes the claim that it ignored guidance to move away from a single verifier setup. Through a direct communications channel open since July 2024, Kelp says it received no specific recommendation to change the rsETH DVN configuration.

Why the configuration is under scrutiny

LayerZero’s post-mortem said KelpDAO chose a 1-of-1 DVN setup despite recommendations to use multi-DVN redundancy. In practice, a 1/1 configuration means one validator can approve a cross-chain message alone, while multi-validator setups reduce single-point failure risk.

Moreover, Kelp’s source said LayerZero’s own quickstart guide and default GitHub configuration point to the same 1/1 structure. The source added that 40% of protocols on LayerZero are currently using that setup.

The same configuration appears in LayerZero’s V2 OApp Quickstart, where the sample layerzero.config.ts assigns one required DVN and no optional DVNs. That is the exact model Kelp says it followed.
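The 1/1 pattern described above can be caught by a static check before deployment. The following is an added example, not code from LayerZero or Kelp: it counts how many distinct DVNs must attest on each pathway and flags any pathway where one verifier is enough. The field names are assumed to mirror the ULN section of layerzero.config.ts, and the addresses and pathway names are constructed.

```typescript
// Added example. Field names are assumed to match the ULN section of
// layerzero.config.ts; addresses and pathway names are constructed.
interface UlnConfig {
  requiredDVNs: string[];
  optionalDVNs: string[];
  optionalDVNThreshold: number;
}

interface Finding {
  pathway: string;
  minSigners: number; // distinct DVNs that must attest before a message verifies
  singlePointOfFailure: boolean;
  notes: string[];
}

function auditPathway(pathway: string, uln: UlnConfig): Finding {
  const notes: string[] = [];
  // Deduplicate case-insensitively: the same address listed twice is one verifier.
  const required = new Set(uln.requiredDVNs.map((a) => a.toLowerCase()));
  const optional = new Set(
    uln.optionalDVNs.map((a) => a.toLowerCase()).filter((a) => !required.has(a))
  );
  if (required.size < uln.requiredDVNs.length) notes.push("duplicate required DVN");
  if (optional.size > 0 && uln.optionalDVNThreshold === 0) {
    notes.push("optional DVNs listed but threshold is 0, so they never gate a message");
  }
  // A threshold larger than the optional set cannot add more signers than exist.
  const minSigners = required.size + Math.min(uln.optionalDVNThreshold, optional.size);
  if (minSigners <= 1) notes.push("a single DVN (or none) gates each message");
  return { pathway, minSigners, singlePointOfFailure: minSigners <= 1, notes };
}

// Constructed sample pathways.
const DVN_A = "0x00000000000000000000000000000000000000A1";
const DVN_B = "0x00000000000000000000000000000000000000b2";
const DVN_C = "0x00000000000000000000000000000000000000c3";

const samples: Array<[string, UlnConfig]> = [
  ["one-required", { requiredDVNs: [DVN_A], optionalDVNs: [], optionalDVNThreshold: 0 }],
  ["same-dvn-twice", { requiredDVNs: [DVN_A, DVN_A.toLowerCase()], optionalDVNs: [], optionalDVNThreshold: 0 }],
  ["unused-optionals", { requiredDVNs: [DVN_A], optionalDVNs: [DVN_B, DVN_C], optionalDVNThreshold: 0 }],
  ["two-plus-one-of-two", { requiredDVNs: [DVN_A, DVN_B], optionalDVNs: [DVN_C, DVN_A], optionalDVNThreshold: 1 }],
];

const findings: Finding[] = samples.map(([name, uln]) => auditPathway(name, uln));
for (const f of findings) {
  console.log(`${f.pathway}: minSigners=${f.minSigners} spof=${f.singlePointOfFailure} ${f.notes.join("; ")}`);
}
```

Only the last sample passes: the first three all reduce to one effective verifier, including the cases where a duplicated address or unused optional DVNs make the configuration look redundant.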

Critics say the blame is misplaced

Security researchers are also pushing back. Yearn Finance core team developer Artem K, known on X as @banteg, said LayerZero’s public deployment code uses single-source verification defaults across Ethereum, BSC, Polygon, Arbitrum and Optimism.

He also noted that the deployment leaves a public endpoint exposed, which leaks the list of configured servers to anyone who queries it. However, he said he cannot prove which configuration Kelp used.

Chainlink community manager Zach Rynes was sharper on X, accusing LayerZero of deflecting responsibility and throwing Kelp under the bus for trusting a setup LayerZero itself supported. He said the company was trying to shift blame for its own compromised infrastructure.

CoinDesk said it reached out to LayerZero for comment and had not heard back by publication. Meanwhile, LayerZero has vowed to stop signing messages for any application using a single-verifier setup, which will force a broader migration across its network.

In the end, the fight over this LayerZero incident is no longer just about one bridge. It has become a test of documentation, defaults and accountability in cross-chain security.
