Who is to blame for the $290 million theft? Kelp DAO shifts the blame, claiming LayerZero's "default configuration" is at fault.

📄Full Article· Automatically extracted by trafilaturaGemini 翻譯1301 words

A hacking storm totaling $292 million has not only set the record for the largest theft in the DeFi space this year but has also sparked a blame game in the crypto community. Facing intense external criticism, the liquidity restaking protocol Kelp DAO issued a statement on Monday, firmly pushing back against allegations of negligence and shifting the blame for the security breach onto the cross-chain technology provider LayerZero. Looking back at April 18, Kelp DAO, built on LayerZero's cross-chain technology, was ransacked by hackers, losing 116,500 rsETH tokens worth approximately $292 million, marking the largest hacking incident in the DeFi sector so far this year. Regarding this attack, LayerZero was the first to release a preliminary investigation report on Sunday, pointing out that the mastermind is likely the notorious North Korean hacker organization, Lazarus Group. The report revealed that the hackers first compromised the RPC node list used by the LayerZero Decentralized Verifier Network (DVN, a network of nodes responsible for verifying the authenticity of cross-chain messages). They then poisoned two of the RPC nodes and launched a DDoS attack on the remaining RPC nodes, forcing the system to switch to the compromised nodes. This allowed the DVN to receive fake cross-chain messages and ultimately sign off on the unauthorized theft transaction. In the report, LayerZero criticized Kelp DAO for adopting an extremely vulnerable "1-of-1 DVN" configuration. LayerZero emphasized that this design lacks an independent verification mechanism, effectively embedding a fatal "single point of failure" in the system, which prevented the network from intercepting the fake cross-chain messages. LayerZero stated: "We and external experts had previously advised Kelp DAO multiple times that they should diversify their DVN node configuration to improve security, but despite these recommendations, Kelp insisted on using the 1-of-1 DVN configuration." Facing the harsh accusation of "ignoring advice," Kelp DAO immediately fired back on the social media platform X, pointing out that this "1-of-1 DVN configuration" that led to the disaster was actually facilitated by LayerZero itself. Kelp DAO refuted in its statement: The so-called single-point verification configuration is written in black and white in LayerZero's official technical documentation, and it has been the "default option" for any newly created Omnichain Fungible Token (OFT, a token standard that allows seamless token conversion across multiple chains). Since January 2024, Kelp has been running on LayerZero's infrastructure and has maintained open communication channels with the LayerZero team at all times. Kelp DAO further stated that when the protocol was preparing to expand to Layer 2, both parties had in-depth discussions regarding the DVN configuration, and the default setting of a single verification node was "explicitly confirmed as appropriate" by LayerZero officials at the time. "An accurate incident reconstruction process with mutual consensus is the foundation for us to jointly take the correct remedial measures," Kelp DAO urged with a double entendre, implying that LayerZero should not be in a rush to shirk responsibility at this moment. Although both sides are still engaged in a war of words over the responsibility for the security vulnerability, Kelp DAO emphasized that the team took decisive crisis management measures immediately after the incident, including urgently pausing the relevant smart contracts and blacklisting all wallet addresses associated with the hackers, successfully containing the scope of the disaster and preventing further losses. Currently, the Kelp team is carefully evaluating the next steps for security enhancements, striving to restore the protocol to safe operation as soon as possible.

Data Status✓ Full text extractedRead Original (區塊客)

🔍Historical Similar Events· Keyword + Asset Matching6 items

2026-04-20

Kelp DAO claims LayerZero’s 'default' settings are what actually caused the massive $290 million disaster

Similarity 180%關鍵字 dao/layerzero/kelp

2026-04-21

Kelp DAO hack triggers "DeFi chain reaction": Aave faces potential bad debt of up to $230 million

Similarity 170%關鍵字 dao/kelp同分類 zh

2026-04-20

US Clarity Act may be delayed until May! Banking industry dissatisfied with "stablecoin yields," Kelp DAO hit by $290 million hack

Similarity 170%關鍵字 dao/kelp同分類 zh

2026-04-19