KelpDAO has publicly challenged LayerZero Labs over responsibility for the April 18, 2026 exploit, arguing that the breach was caused by weaknesses in LayerZero’s own infrastructure rather than any mistake in KelpDAO’s configuration.
The protocol stated that attackers were able to exploit LayerZero systems, leading to losses exceeding 300 million dollars across several decentralized finance platforms. It also revealed that two additional fraudulent transactions, worth more than 100 million dollars combined, were signed and processed through LayerZero’s DVN before KelpDAO stepped in to pause its contracts and stop further damage.
KelpDAO Pushes Back on LayerZero Narrative
KelpDAO claims its quick response helped prevent additional losses, even though the underlying bridging system remained operational for some time after the vulnerability had been identified.
At the center of the disagreement is LayerZero’s position that the exploit resulted from a misconfiguration unique to KelpDAO. The project strongly rejected this, arguing that the same configuration was widely used across the LayerZero ecosystem and matched official documentation provided to developers.
According to KelpDAO, a large share of applications built on LayerZero used similar DV setups, including a standard one to one configuration involving LayerZero’s own DV. These setups were not unusual but part of commonly recommended deployment practices.
KelpDAO further explained that LayerZero’s DVN is a core part of the ecosystem and is included in default developer configurations. It noted that official documentation and onboarding materials encourage builders to use these defaults, often without additional validation layers. The team said it followed these guidelines when integrating in early 2024 and maintained ongoing communication with LayerZero, with no warnings indicating security risks in its setup.
The protocol also referenced findings suggesting that off chain monitoring systems were compromised and that fraudulent attestations were produced through the DV layer. Some independent researchers have characterized the incident as a broader infrastructure failure rather than a simple endpoint issue, pointing to deeper trust vulnerabilities within LayerZero’s system.
LayerZero Labs, in its own postmortem, acknowledged that attackers gained access to private endpoints used by its DVN and compromised multiple nodes, describing the incident as a spoofing attack. However, KelpDAO and other analysts argue that this explanation does not fully account for how invalid messages were still approved despite existing safeguards.
Shift Toward Chainlink CCIP
Following the incident, KelpDAO implemented emergency measures, including pausing its smart contracts and conducting a full security review of its bridging architecture.
As part of its long term response, the protocol has confirmed plans to move away from LayerZero’s OFT standard and transition to Chainlink’s Cross Chain Interoperability Protocol. The upgrade will migrate rsETH to Chainlink’s Cross Chain Token framework.
KelpDAO says the goal of this shift is to reduce dependence on single points of failure and improve the security and resilience of cross chain operations going forward.#crypto#cryptonews https://coinsignals.net https://t.me/coinsignalpublic
