The popular Spiderman meme showing three identical superheroes pointing fingers at each other is having its crypto moment today.
The Kelp DAO is set to push back on LayerZero’s autopsy of Sunday’s $290 million exploit, which essentially blames Kelp, an L2 source familiar with the matter told CoinDesk. Kelp plans to challenge the messaging firm across the chains’ claim that it ignored repeated warnings to move away from a single-verifier setup. CoinDesk has reviewed and verified the company’s discussions.
Kelp is a floating replay protocol that takes user-deposited ether, routes it through a dividend-generating system called EigenLayer, and issues a receipt token, rsETH, in exchange.
LayerZero is the cross-chain messaging infrastructure that moves rsETH between blockchains, using entities called DVNs (decentralized verification networks) to verify that a cross-chain transfer is valid.
On Saturday, the attackers drained 116,500 rsETH, worth about $290 million, from Kelp’s LayerZero-powered bridge by poisoning the servers that LayerZero’s verifier relied on to verify transactions.
Kelp, the source said, plans to say that the DVN compromised via what it calls a “sophisticated state-sponsored attack” was LayerZero’s own infrastructure, not a third-party verifier.
Attackers compromised two of LayerZero’s own servers that verify the legitimacy of cross-chain transactions, then flooded the backup servers with unwanted traffic to force LayerZero’s verifier onto the compromised ones.
All that infrastructure was built and powered by LayerZero, not Kelp, the source claimed.
The source disputed LayerZero’s framing of the “1/1 configuration” as a fringe choice that was taken against guidance. LayerZero’s postmortem said that KelpDAO chose a 1-of-1 DVN setup despite expressing recommendations to configure multi-DVN redundancy.
A “1/1 configuration” means that only a single validator needs to sign off on a cross-chain message for the bridge to respond to it, leaving the system with no additional checks to catch a compromised or forged instruction. A multi-validator configuration (such as 2/3, 3/5, etc.) ensures that there is no single point of failure that can validate a forged message on its own.
They added that through a direct communication channel with LayerZero, which has been open since July 2024, they did not make any specific recommendation to Kelp to change the rsETH DVN configuration.
LayerZero’s own quickstart guide and default GitHub configuration point to a 1/1 DVN setup, the source told CoinDesk, adding that 40% of protocols on LayerZero currently use the same configuration.
The configuration that Kelp ran is also shown in LayerZero’s own V2 OApp Quickstart, where the sample layerzero.config.ts connects each path with a required DVN and no optional DVNs. It’s the same 1/1 structure.
Kelp’s core conversion contracts were not touched and exploitation was isolated to the bridge layer, they added. Its emergency pause, 46 minutes after the drain, blocked two follow-up attempts that would have released another ~$200 million in rsETH.
CoinDesk reached out to LayerZero for comment on the story and did not hear back by the time of publication.
‘To deflect responsibility’
Security researchers also don’t buy LayerZero’s isolated framework, which blamed Kelp.
Kelp is a floating recapture protocol. Its core competence is staking infrastructure, EigenLayer integration and liquid staking token management. When integrating with LayerZero, Kelp relied on LayerZero’s documentation, their default settings and their team’s guidance to make configuration decisions, the source claimed.
Yearn Finance core team developer Artem K, popularly known as @banteg on X, posted a technical review of LayerZero’s public implementation code and said the reference setup comes with single-source verification standards across all major chains, including Ethereum, BSC, Polygon, Arbitrum, and Optimism.
This rollout also leaves behind a public endpoint that leaks the list of configured servers to anyone who queries it.
Banteg noted in his analysis that he cannot prove what configuration Kelp used, but noted that LayerZero usually asks new operators to use its default setup, which its post mortem criticized.
Chainlink community manager Zach Rynes put it bluntly on X, claiming that LayerZero was “deflecting responsibility” for its own compromised infrastructure and accusing the company of throwing Kelp under the bus for relying on a setup that LayerZero itself supported.
As such, LayerZero has said it will no longer sign messages for any application running a single-verifier setup, forcing a protocol-wide migration.
Read more: ‘DeFi is dead’: crypto community scrambles after year’s biggest hack exposes contagion risk
