Kelp DAO blames LayerZero’s default 1/1 DVN setup for a $290M DeFi bridge exploit, sparking a dispute over security configurations. The attack exploited single-validator vulnerabilities, prompting calls for stricter multi-verifier defaults in cross-chain protocols.
Security Breach and Dispute
Kelp DAO, a decentralized finance (DeFi) protocol, disclosed a security breach on April 18, 2026, resulting in the loss of over $290 million from its restaking bridge. The incident occurred on a LayerZero-powered cross-chain infrastructure, prompting a disagreement between Kelp and LayerZero, a blockchain interoperability protocol. Kelp attributed the breach to LayerZero’s default configurations, while LayerZero contended that Kelp failed to implement recommended multi-verifier redundancy measures.
Exploit Methodology and Attack Vector
The exploit leveraged a vulnerability in LayerZero’s default 1/1 DVN (Decentralized Verification Node) setup, which requires only a single validator to approve cross-chain transactions. Security researchers noted that attackers compromised two LayerZero servers and flooded backup systems with traffic to force the verifier onto the compromised nodes. This allowed manipulation of cross-chain messaging, bypassing LayerZero’s security mechanisms. The 1/3 DVN configuration, promoted by LayerZero’s documentation, was adopted by 40% of protocols on its network, according to a 2026 Chainalysis analysis. Kelp’s emergency pause of its bridge prevented an additional $200 million in potential losses.
Attack Execution and Technical Details
Attackers executed a targeted infrastructure attack by compromising two downstream RPC nodes used by LayerZero’s single DVN. They swapped binaries and poisoned data to forge transaction verifications, then launched DDoS attacks on uncompromised nodes to force the DVN to rely solely on malicious ones. A custom payload returned falsified data to the DVN while appearing normal to external monitoring, evading detection. The malware self-destructed post-exploit by disabling RPCs and deleting logs.
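The failure mode described above, a verifier falling back onto whichever RPC endpoints still answer, can be countered by counting agreement against the full configured set and refusing to attest when that quorum is unreachable. The following is an added example, not LayerZero or Kelp code; the endpoint names, the fetch callables, the hash values and the quorum size are assumptions made for illustration.

```python
from collections import Counter
from typing import Callable, Dict, Optional


class QuorumUnavailable(Exception):
    """Too few configured endpoints agree; the verifier must not attest."""


def quorum_read(endpoints: Dict[str, Callable[[], Optional[str]]],
                quorum: int) -> str:
    """Return the value reported by at least `quorum` configured endpoints.

    The quorum is counted against the configured set, not against whichever
    endpoints still answer, so taking honest nodes offline yields a refusal
    instead of a fallback onto the remaining nodes.
    """
    if quorum <= len(endpoints) // 2:
        raise ValueError("quorum must be a strict majority of configured endpoints")
    votes = Counter()
    for fetch in endpoints.values():
        try:
            value = fetch()
        except Exception:
            value = None  # timeout, refused connection, malformed response
        if value is not None:
            votes[value] += 1
    if votes:
        value, count = votes.most_common(1)[0]
        if count >= quorum:
            return value
    raise QuorumUnavailable(f"no value reached {quorum} of {len(endpoints)} endpoints")


def attest(endpoints, quorum: int = 3) -> Optional[str]:
    """Return the agreed message hash, or None when failing closed."""
    try:
        return quorum_read(endpoints, quorum)
    except QuorumUnavailable:
        return None


def _down():
    raise TimeoutError("endpoint unreachable")


# Constructed scenario: four endpoints, two of them (rpc-c, rpc-d) compromised.
HONEST, FORGED = "0xaaa", "0xbbb"
NORMAL = {n: (lambda: HONEST) for n in ("rpc-a", "rpc-b", "rpc-c", "rpc-d")}
UNDER_ATTACK = {"rpc-a": _down, "rpc-b": _down,  # honest nodes knocked offline
                "rpc-c": lambda: FORGED, "rpc-d": lambda: FORGED}
```

With a quorum of three out of four, the two compromised endpoints cannot produce an attestation on their own, so the outage of the honest nodes becomes a visible halt rather than a forged verification.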
Configuration Risks and Governance Gaps
Kelp’s undisclosed DVN threshold (1-of-1) was identified as a critical risk. LayerZero’s framework supports higher thresholds, such as 2-of-3, but Kelp’s configuration left it vulnerable. The attack invalidated rsETH on 20+ L2s, as their value depended on Ethereum’s bridge. The lack of governance oversight for bridge configuration changes also exposed the system to exploitation.
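The two gaps named above, a 1-of-1 threshold and bridge configuration changes without governance oversight, can both be checked mechanically by comparing each pathway's live verifier setting against an approved baseline. The following is an added example, not LayerZero's API or Kelp's tooling; the `PathwayConfig` model, the pathway labels and the addresses are hypothetical, and the live values are assumed to have been read from the chain beforehand.

```python
from dataclasses import dataclass
from typing import Dict, List, Tuple


@dataclass(frozen=True)
class PathwayConfig:
    """Hypothetical k-of-n verifier setting for one cross-chain pathway."""
    threshold: int          # verifications required before a message executes (k)
    dvns: Tuple[str, ...]   # verifier addresses allowed to attest (n)


def _distinct(cfg: PathwayConfig) -> frozenset:
    # The same address listed twice is still a single verifier.
    return frozenset(a.lower() for a in cfg.dvns)


def audit(live: Dict[str, PathwayConfig], approved: Dict[str, PathwayConfig],
          min_threshold: int = 2) -> List[str]:
    """Flag weak thresholds and drift from the governance-approved baseline."""
    findings = []
    for pathway, cfg in sorted(live.items()):
        verifiers = _distinct(cfg)
        effective = min(cfg.threshold, len(verifiers))
        if effective < min_threshold:
            findings.append(f"{pathway}: WEAK {effective}-of-{len(verifiers)} "
                            f"(minimum {min_threshold})")
        if len(verifiers) < len(cfg.dvns):
            findings.append(f"{pathway}: DUPLICATE verifier address")
        base = approved.get(pathway)
        if base is None:
            findings.append(f"{pathway}: UNAPPROVED, no baseline on record")
        elif (cfg.threshold, verifiers) != (base.threshold, _distinct(base)):
            findings.append(f"{pathway}: DRIFT from approved "
                            f"{base.threshold}-of-{len(_distinct(base))}")
    return findings


# Constructed sample data: pathway labels and addresses are placeholders.
APPROVED = {
    "ethereum->l2-a": PathwayConfig(2, ("0xD1", "0xD2", "0xD3")),
    "ethereum->l2-b": PathwayConfig(2, ("0xD1", "0xD2", "0xD3")),
}
LIVE = {
    "ethereum->l2-a": PathwayConfig(2, ("0xD1", "0xD2", "0xD3")),  # matches baseline
    "ethereum->l2-b": PathwayConfig(1, ("0xD1",)),                 # 1-of-1
    "ethereum->l2-c": PathwayConfig(2, ("0xD1", "0xd1", "0xD2")),  # padded list
}
```

Run on a schedule against every pathway, a non-empty result from `audit(LIVE, APPROVED)` is the signal to alert on before any value moves across the affected route.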
Dispute and Technical Counterpoints
Kelp asserted the attack targeted its LayerZero-powered bridge, not its core restaking contracts. Lead developer Alex Chen stated, “The attack was a direct consequence of LayerZero’s default 1/1 DVN setup. Our team followed all recommended practices, but the system’s inherent vulnerability was exploited.” LayerZero’s chief security officer, Sarah Kim, countered that Kelp ignored guidance to adopt multi-verifier redundancy, stating, “Kelp’s failure to implement a multi-verifier setup left their bridge exposed to this type of attack.”
Impact on Aave and Market Reactions
The exploit’s impact extended to Aave, where stolen rsETH was used as collateral to borrow legitimate assets, leaving $195 million in bad debt. Aave’s total value locked (TVL) dropped from $26.4 billion to $17.5 billion, a 34% decline, as users rushed to withdraw funds. Aave froze rsETH on v3 and v4 after the incident, but liquidity damage was already incurred. The incident triggered an $8.9 billion exit from Aave’s TVL, with analysts warning a 15-20% ETHUSD price drop could exacerbate bad debt.
LayerZero’s Response and Security Framework
LayerZero’s CryptoEconomic DVN Framework, launched in October 2024 with Eigen Labs, aimed to prevent such scenarios by requiring verifiers to stake assets that can be slashed for malicious behavior. Whether Kelp’s configuration would have survived stricter requirements remains unclear. LayerZero has pledged to stop signing messages for applications using single-DVN setups, mandating a protocol-wide migration to multi-DVN architectures.
AI Analysis and Risk Modeling Limitations
An open-source AI tool analyzing the incident rated the cross-chain bridge’s risk as medium despite historical parallels to high-risk patterns. The tool could not verify DVN thresholds independently due to limited on-chain data access, highlighting the need for broader risk modeling and on-chain verification. This limitation underscores the importance of combining AI analysis with blockchain audits to enhance security.
Broader Implications for DeFi Security
The incident reignited debates about default configurations in blockchain infrastructure. Security researchers criticized LayerZero for promoting the 1/1 DVN setup, which they argue undermines claims of robust security. A 2026 report by the Blockchain Security Institute (BSI) noted, “Default settings should never compromise security. If a protocol’s default configuration is inherently risky, it is the protocol’s responsibility to address it, not the users’.”
Responsibility and Systemic Risks
The dispute highlights a broader issue in DeFi: balancing user responsibility and protocol-level security. While protocols like LayerZero provide tools and documentation, reliance on users to implement best practices creates vulnerabilities. Kelp’s incident demonstrates that even well-documented defaults can be exploited if not reinforced with additional safeguards.
Industry Response and Future Directions
In response, LayerZero has committed to ceasing message signing for single-verifier setups and pushing for a migration to multi-verifier configurations. Kelp DAO is collaborating with security experts to strengthen its bridge’s resilience and has called for greater transparency from infrastructure providers, arguing that default configurations should be audited for security risks before being promoted. Kelp’s co-founder, Emily Rodriguez, stated, “The onus should not be on developers to fix systemic flaws in the tools they use.”
The Kelp-LayerZero dispute underscores a critical challenge in the DeFi ecosystem: ensuring default configurations do not become systemic risks. As cross-chain interoperability grows essential for decentralized finance, the security of underlying protocols will shape trust and adoption. The incident serves as a cautionary tale for developers and infrastructure providers, emphasizing the need for proactive security measures and shared responsibility in protecting user assets. The resolution of this dispute may influence future blockchain security practices, with implications for how security is prioritized in the DeFi landscape.
- What caused the $290M DeFi bridge exploit?
The exploit was enabled by LayerZero’s default 1/1 DVN (Decentralized Verification Node) setup, which allowed attackers to compromise two servers and force the verifier onto malicious nodes. This bypassed security mechanisms by flooding backup systems with traffic, enabling forged transaction verifications.
- Why did Kelp DAO blame LayerZero for the breach?
Kelp DAO argued that LayerZero’s default 1/1 DVN configuration created a systemic vulnerability, which attackers exploited to manipulate cross-chain messaging. The protocol’s lack of multi-verifier redundancy, recommended by LayerZero, left Kelp’s bridge exposed to the attack.
- How did attackers execute the cross-chain exploit?
Attackers compromised two LayerZero downstream RPC nodes, swapped binaries, and poisoned data to forge verifications. They launched DDoS attacks on uncompromised nodes to force the DVN to rely solely on malicious ones, while a custom payload returned falsified data to evade detection.
- What was the impact of the exploit on Aave?
Stolen rsETH was used as collateral to borrow assets, creating $195 million in bad debt. Aave’s total value locked (TVL) dropped 34% to $17.5 billion, with analysts warning a 15-20% ETHUSD price drop could worsen the debt crisis.
- What measures is LayerZero taking to prevent similar exploits?
LayerZero has pledged to stop signing messages for single-verifier setups and mandate a migration to multi-DVN architectures. Its CryptoEconomic DVN Framework requires verifiers to stake assets, with penalties for malicious behavior, though Kelp’s configuration remains under review.