Kelp says LayerZero approved setup it blamed for $292 million bridge hack

Kelp DAO claims that LayerZero personnel approved the 1-of-1 verifier setup, a decision LayerZero has since cited as the reason a North Korea-linked attacker drained roughly $292 million from Kelp’s rsETH bridge.

The claim runs counter to LayerZero’s April 19 postmortem, which said Kelp’s rsETH application relied on LayerZero Labs as its sole verifier and that the setup “directly contradicts” LayerZero’s recommended multi-DVN model.

Kelp’s memo says LayerZero personnel reviewed its configurations for over 2.5 years and in eight integration discussions, without warning that a 1-of-1 setup posed a material security risk.

The memo, titled “Setting the Record Straight Around the LayerZero Bridge Hack,” includes screenshots of Telegram exchanges that document LayerZero’s awareness and lack of objection to Kelp’s verifier setup.

One screenshot shows a LayerZero team member saying: “No problem on using defaults either — just tagging [redacted] here since he mentioned you may have wanted to use a custom DVN setup for verifying messages, but will leave that to your team!” Kelp says the “defaults” referenced in the exchange were the 1-of-1 LayerZero Labs DVN configuration later cited by LayerZero as the application-level setup that enabled the exploit.

CoinDesk could not independently authenticate the screenshot.

LayerZero’s templates

Kelp also points to LayerZero’s bug bounty scope, OFT Quickstart and developer examples as evidence that LayerZero treated verifier-network choices as application-level configuration while showing builders a one-DVN setup.

LayerZero’s published bug bounty scope on Immunefi excludes from rewards “impacts to OApps themselves as a result of their own misconfiguration,” including verifier networks and executors.

The LayerZero OFT Quickstart and the official OFT example configuration on GitHub show LayerZero Labs as the required DVN, with no optional DVN set.

Kelp’s memo cites an April 19 post from Spearbit security researcher Sujith Somraaj, in which Somraaj said he had submitted a bug bounty report describing the same attack pattern and that LayerZero rejected it.

“My bug bounty: not a vuln, requires all DVNs,” Somraaj wrote on X. “Their deployment: removes the ‘all’ part. Hackers: collects $295M bounty instead.” Somraaj is a prior LayerZero auditor, according to his Cantina profile.

Kelp moves to Chainlink

Kelp also said it is moving rsETH off LayerZero to Chainlink’s Cross-Chain Interoperability Protocol. The shift moves rsETH from LayerZero’s OFT standard to Chainlink’s Cross-Chain Token standard.

The exploit drained 116,500 rsETH, worth roughly $292 million, from Kelp’s LayerZero-powered bridge. Two additional forged transactions totaling more than $100 million were signed and processed by the LayerZero Labs DVN before Kelp paused its contracts, the protocol said.

LayerZero said attackers are likely linked to North Korea’s Lazarus Group, who accessed the list of RPCs used by the LayerZero Labs DVN, compromised two RPC nodes and swapped out the binaries running on them.

The attackers then launched a DDoS attack against uncompromised RPC nodes, forcing a failover to the poisoned ones. LayerZero said the DVN then confirmed transactions that had not occurred.

Kelp argues the 1-of-1 setup was widespread. CoinGecko, citing Dune Analytics data, said 47% of roughly 2,665 active LayerZero OApp contracts ran a 1-of-1 DVN configuration over a 90-day period ending around April 22, with more than $4.5 billion in associated market value exposed to the same class of risk.

LayerZero’s postmortem said the protocol “functioned exactly as intended.” The company said it would no longer sign messages for any application running a 1-of-1 configuration, a policy change that took effect after the hack.

Kelp alleges that its team had to flag the exploit to LayerZero rather than the other way around, raising questions about LayerZero’s monitoring.

The memo also alleges substantial overlap in addresses granted ADMIN_ROLE on both the LayerZero Labs DVN and the Nethermind DVN, listing ten on April 8, 2026 and five additional on February 6, 2025. CoinDesk has not independently verified the onchain claim.

LayerZero did not respond to a request for comment by publication.

On at least two integrated chains, Dinari and Skale, the LayerZero Labs DVN is still listed as the only available attestor, according to the documentation.