Skip to main content
Esc

Type to search

Articles / crypto-defi-blockchain / LayerZero Admits Mistake in 1/1 DVN Setup Tied to $292M Kelp Hack

LayerZero Admits Mistake in 1/1 DVN Setup Tied to $292M Kelp Hack

May 11, 2026 · Source: thedefiant.io · Topic:  crypto-defi-blockchain · fintech
Hack Amount
$292M
Total amount stolen in the Kelp hack linked to LayerZero's security lapse
Asset Impact Percentage
0.36%
Percentage of assets across the LayerZero network affected by the exploit
Application Impact Percentage
0.14%
Percentage of applications built on the LayerZero protocol impacted by the hack

⦿ Executive Snapshot

  • What: LayerZero acknowledged a security lapse that led to a $292 million hack on Kelp DAO's rsETH bridge.
  • Who: LayerZero Labs, Kelp DAO, Lazarus Group.
  • Why it matters: The incident raises concerns about the security protocols in decentralized finance (DeFi) and could impact user trust and future development in the sector.

⦿ Key Developments

  • LayerZero's DVN operated as a 1/1 verifier for high-value transactions, which was identified as a significant risk.
  • The exploit impacted approximately 0.36% of assets across the LayerZero network, affecting only 0.14% of applications built on the protocol.
  • LayerZero plans to change its DVN configurations to a minimum of 3/3 for security enhancements and has introduced a custom multisig called OneSig.

⦿ Strategic Context

  • LayerZero's initial defense claimed that the protocol functioned correctly, which was later contradicted by Kelp DAO's assertions of LayerZero's approval of the risky setup.
  • The incident highlights the ongoing challenges and vulnerabilities in DeFi security, especially against sophisticated adversaries like the Lazarus Group.

⦿ Strategic Implications

  • Immediate consequences include a potential loss of user trust and migration of projects away from LayerZero, as evidenced by Kelp DAO's decision to switch to Chainlink's CCIP.
  • Long-term implications could involve stricter security standards and practices across the DeFi landscape as protocols reassess their risk management and operational frameworks.

⦿ Risks & Constraints

  • There remains a potential risk of regulatory scrutiny and increased pressure on DeFi protocols to enhance security measures.
  • Competition with other interoperability solutions may increase as affected projects seek safer alternatives, potentially impacting LayerZero's market position.

⦿ Watchlist / Forward Signals

  • LayerZero is expected to publish an official post-mortem once their external security partners conclude their investigations.
  • Future developments that could indicate recovery or further issues include the rollout of their new security features and the response from affected projects regarding their migration plans.
§ 08

Related Articles