LayerZero Blames KelpDAO Single-DVN Setup for $290M Exploit

High attention and emotional sentiment detected.

The exploit hit on April 18. According to LayerZero, the attacker poisoned RPC endpoints feeding the LayerZero Labs DVN. Because KelpDAO relied on a 1-of-1 DVN setup, that single compromised verifier approved the fraudulent message. As a result, $290 million drained from the rsETH deployment.

The attack affected no other applications on LayerZero. In fact, the protocol continued processing cross-chain traffic without interruption throughout the incident.

How the RPC Poisoning Attack Worked

LayerZero’s thread detailed the attack step by step. First, the adversary obtained the internal list of RPC endpoints the DVN used for verification. RPC nodes act as the data pipeline between blockchains and verifiers.

Next, the attacker compromised two independent op-geth nodes on separate clusters. They swapped the legitimate binaries for malicious versions. These forged a cross-chain message that appeared valid to the DVN.

Then, the attacker launched DDoS attacks against the remaining healthy RPCs. This forced the DVN to fall back on the compromised nodes. Meanwhile, external monitoring services still received accurate data. As a result, the manipulation went undetected until the DVN signed the forged message.

That single fraudulent approval triggered the $290 million drain from KelpDAO’s rsETH. The technique is notable because it bypasses smart-contract audits entirely.

What Are DVNs and Why They Matter

DVNs, or Decentralized Verifier Networks, are independent entities that verify cross-chain messages on LayerZero. They confirm that a transaction on one blockchain is legitimate before it executes on another.

LayerZero’s architecture lets each application choose its own security model. Specifically, applications select which DVNs to trust and how many must agree. LayerZero Labs operates one of the largest DVNs, but dozens of others exist across the ecosystem.

This modular approach has supported more than $50 billion in cumulative cross-chain volume. At the same time, it has drawn criticism for allowing weak configurations that create single points of failure.

Why KelpDAO’s Configuration Failed

KelpDAO configured rsETH with a strict 1-of-1 DVN setup. Only the LayerZero Labs DVN verified its messages. In contrast, a multi-DVN configuration requires consensus across independent verifiers. That setup makes one compromised DVN insufficient on its own.

The KelpDAO $290M exploit proved the risk of minimal configurations. A two-DVN or three-DVN setup would have blocked the forged message. The attacker compromised one verifier, but additional verifiers would have rejected it.

LayerZero said it had previously warned KelpDAO about this risk. The team referenced public commentary in Aave governance discussions months earlier. Still, KelpDAO proceeded with the 1/1 configuration.

LayerZero Says Protocol Worked as Designed

The thread emphasized that no protocol-level vulnerability existed. LayerZero quoted its own post: “the LayerZero protocol itself functioned exactly as intended.”

The team also stressed the isolation principle. Each application controls its own security. Therefore, the compromise of one DVN for one application did not spread to others on the network.

LayerZero called this “the single defining feature” of its modular architecture. Zero contagion spread across the system, even though a single integration failed.

A New Category of State-Sponsored Attack

LayerZero attributed the KelpDAO $290M exploit to a sophisticated state actor. The team identified North Korea’s Lazarus Group, operating as TraderTraitor, as the most likely perpetrator.

The Lazarus Group has a long track record in crypto theft. It carried out the $625 million Ronin Bridge hack in 2022. It also executed the $100 million Harmony Horizon bridge hack the same year. Most recently, the group pulled off the $1.5 billion Bybit breach in early 2025.

RPC poisoning represents a new vector in the cross-chain threat model. Unlike key theft or smart contract bugs, it targets the off-chain infrastructure verifiers depend on. Every bridge, oracle, and cross-chain service relies on similar infrastructure.

Consequently, the technique bypasses smart-contract audits and key management entirely. It exploits how verifiers source their data. That layer has received far less scrutiny than contract code up to this point.

Response and Remediation

LayerZero Labs has already deprecated all compromised RPC nodes. The team replaced them with fresh infrastructure, and the DVN is back online.

In addition, the team is actively contacting every application still running a 1/1 DVN configuration. Going forward, LayerZero Labs will refuse to attest messages from any application that stays in that state.

Law enforcement agencies in multiple jurisdictions are now investigating. LayerZero is cooperating with authorities and assisting on-chain tracking through partners including Seal911.

Loading chart...

What Comes Next After the KelpDAO $290M Exploit

For rsETH holders and KelpDAO participants, attention now turns to compensation or recovery. KelpDAO has not yet detailed its response plan.

Across the broader ecosystem, protocols relying on single verifiers face renewed pressure to harden their off-chain dependencies. LayerZero Labs has committed to helping all remaining 1/1 integrators migrate to multi-DVN setups.

Expect updated integration checklists and new contract-level tooling to enforce minimum DVN thresholds. The RPC poisoning playbook now sits in the public threat model. Every cross-chain service will need to reassess its infrastructure assumptions as a result of this incident.