The $292 million exploit linked to KelpDAO is the latest in a long line of crypto bridge hacks that highlight how the systems designed to connect blockchains have become some of the easiest ways to breach them.
The incident involved KelpDAO’s use of LayerZero’s cross-chain messaging system, a type of infrastructure widely used to move data and assets between blockchains.
Bridges are intended to let users move assets from one blockchain to another, such as from Ethereum to another network. But instead of acting as seamless connectors, they have repeatedly become weak points, draining billions of dollars over the past few years.
So why does this keep happening?
Crypto ecosystem leaders say the answer isn’t just bad code or careless mistakes. The problem is more fundamental; it’s in how bridges are built in the first place.
The core problem: trusting the middleman
To understand the problem, it helps to look at what a bridge actually does.
If you move tokens from one blockchain to another, the second chain needs proof that your tokens existed and were locked on the first. In an ideal world, it would confirm that for itself. In reality, doing so is too expensive and complex.
“Most bridges don’t fully confirm what happened on another chain,” said Ben Fisch, CEO of Espresso Systems. “Instead, they rely on a smaller system to report it. That [second] system becomes what you trust.”
So instead of independently checking the truth, the bridge outsources that check, often to small validator groups or external networks like LayerZero or Axelar. That shortcut creates risk. In the KelpDAO-related exploit, attackers targeted the data fed into the bridge.
“Attackers compromised nodes and fed the system a false version of reality,” Fisch said. “The bridge worked as designed. It just believed the wrong information.”
Bridge hacks often look different on the surface. Some involve stolen keys, others flawed smart contracts. But experts say these are symptoms of a deeper problem. The real problem lies in how the systems are designed.
“Anything that can go wrong will go wrong, and bridge hacks are a perfect example,” said Sergej Kunz, co-founder of 1inch. “You see code vulnerabilities, centralization issues, social engineering, even financial attacks. Usually it’s a mix.”
How bridges work
To users, bridges look simple. You click a button and move assets from one blockchain to another. Behind the scenes, the process is more complicated.
First, your tokens are locked on the original blockchain. Then a separate system verifies that the tokens are locked. This system usually consists of a small group of operators or validators. These operators then send a message to the other blockchain saying that the tokens were locked so that new ones can be issued. If this message is accepted, the other chain creates a new version of your tokens. These are wrapped tokens, like rsETH or WBTC.
The problem is that this process depends on trusting whoever is sending that message. If attackers compromise this system, they can send a fake message and create tokens that were never backed by locked assets on the original chain.
“The worst case is when the system doesn’t really check anything,” Fisch said. “It’s just trusting someone else’s version of events.”
When one failure spreads
Given how often bridges fail, why hasn’t the industry fixed them?
Part of the answer comes down to incentives. “Safety is often not the top priority,” Kunz said. “Teams focus on launching quickly, growing users and increasing overall value locked in.”
Building secure systems takes time and money. Many DeFi projects operate with limited resources, making it difficult to invest heavily in audits, monitoring and infrastructure.
At the same time, projects are racing to support more blockchains. Each new integration adds complexity. “Each new connection adds more assumptions,” Fisch said.
Bridge hacks are rarely contained. Bridged assets are used across lending protocols, liquidity pools and return strategies. If these assets are compromised, the damage spreads.
“Other platforms may treat a hacked asset as legitimate,” Kunz said. “That’s how contagion happens.” Users are rarely told how a bridge actually works or what can go wrong.
There are ways to make bridges safer. Fisch says an important step is to eliminate single points of failure by relying on independent data sources instead of shared infrastructure.
In practice, these “data sources” are computers that watch blockchains and report what happened. They can be operated by the bridge itself, by external networks such as LayerZero, or by infrastructure providers. But many rely on the same underlying services, meaning a single compromised source can feed bad data across multiple systems.
“If everyone is relying on the same source, you haven’t reduced the risk,” he said. “You just copied it.”
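The lock, attest and mint flow described earlier, combined with the shared-source failure Fisch describes, as an added Python sketch that is not code from KelpDAO, LayerZero or any real bridge. The names (`Attester`, `Minter`, `provider-a`), the HMAC stand-in for validator signatures and the sample registry are assumptions constructed for illustration; the sketch contrasts counting attestations with counting the distinct providers behind them.

```python
import hashlib
import hmac
from dataclasses import dataclass

@dataclass(frozen=True)
class Attester:
    name: str
    key: bytes      # constructed secret; HMAC stands in for a real signature scheme
    upstream: str   # node/RPC provider this attester reads the source chain from

def message_id(src_chain, lock_tx, recipient, amount):
    # Digest of the lock event the destination chain is asked to honor.
    return hashlib.sha256(f"{src_chain}|{lock_tx}|{recipient}|{amount}".encode()).digest()

def attest(attester, msg):
    return hmac.new(attester.key, msg, hashlib.sha256).digest()

def valid_upstreams(msg, attestations, registry):
    # One entry per valid attestation: the upstream that attester relied on.
    found = []
    for name, tag in attestations.items():
        a = registry.get(name)
        if a is not None and hmac.compare_digest(tag, attest(a, msg)):
            found.append(a.upstream)
    return found

class Minter:
    def __init__(self, registry, threshold, count_by_upstream):
        self.registry, self.threshold = registry, threshold
        self.count_by_upstream = count_by_upstream
        self.processed, self.minted = set(), 0

    def mint(self, src_chain, lock_tx, recipient, amount, attestations):
        msg = message_id(src_chain, lock_tx, recipient, amount)
        ups = valid_upstreams(msg, attestations, self.registry)
        # Two attesters behind one provider are one confirmation, not two.
        confirmations = len(set(ups)) if self.count_by_upstream else len(ups)
        if msg in self.processed or confirmations < self.threshold:
            return False
        self.processed.add(msg)   # replay protection: each lock mints once
        self.minted += amount
        return True

# Constructed sample: three attesters, two of them behind the same provider.
REGISTRY = {a.name: a for a in (
    Attester("att-1", b"k1", "provider-a"),
    Attester("att-2", b"k2", "provider-a"),
    Attester("att-3", b"k3", "provider-b"),
)}

def report(minter, lock, signers):
    # The named attesters sign the lock event and submit it to the minter.
    msg = message_id(*lock)
    return minter.mint(*lock, {n: attest(REGISTRY[n], msg) for n in signers})
```

With a threshold of two, a lock event that exists only in `provider-a`'s view is accepted by the minter that counts attestations and rejected by the one that counts distinct providers.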
Other approaches include hardware protection and better monitoring to catch misconfigurations early. Some developers are also working on designs that verify data directly using cryptography instead of intermediaries.
Kunz believes that a more fundamental shift is needed. “As long as we rely on validator-based bridges, these problems will continue,” he said.