In a dramatic reversal that has sent shockwaves through the decentralized finance (DeFi) ecosystem, LayerZero has acknowledged that it “made a mistake” by permitting its own verifier network to secure high-value assets in a vulnerable configuration. The admission follows the $292 million exploit of Kelp DAO, a liquid restaking protocol, which the cross-chain messaging platform initially attributed to developer negligence.
The attack, which was traced to North Korean hacking groups, exploited a weakness in LayerZero's internal remote procedure call (RPC) infrastructure used by its decentralized verifier network. The company now says it “owns” the decision to allow its own verifier to protect large transfers in a setup that was inherently risky. This marks a stark departure from its earlier stance, where Kelp DAO was blamed for misconfiguring the security settings.
Background of the Exploit
Kelp DAO, a liquid restaking platform built on Ethereum scaling solutions, suffered a $292 million loss in early May 2026 when attackers drained funds from its rsETH bridge contract. The stolen assets included wrapped ether and various synthetic tokens. Immediately after the incident, LayerZero released a statement claiming its protocol was not compromised and that the vulnerability stemmed from Kelp DAO's failure to enable a stronger security mechanism called “security stacks.” However, as investigations unfolded, the narrative shifted.
The exploit targeted a misconfigured verifier node within LayerZero's decentralized infrastructure. Unlike bridges that rely on a single trusted oracle or a fixed validator set, LayerZero lets each application choose the verifiers that validate its cross-chain messages. In this particular case, the verifier assigned to Kelp's bridge was a single self-hosted node operated by LayerZero itself, rather than a set of independent third parties. That concentrated all trust in one operator's infrastructure: an attacker who could control what that node's RPC endpoint returned could get a fraudulent message approved without touching the on-chain contracts.
Security researchers later discovered that the North Korean Lazarus Group, notorious for targeting crypto protocols, had compromised the RPC endpoint relied on by LayerZero's internal verifier. By feeding the verifier manipulated chain data, they were able to craft fraudulent transaction proofs that the verifier accepted, leading to the unauthorized release of funds from Kelp's bridge.
LayerZero's Acknowledgement
In a post-mortem published on May 9, 2026, LayerZero CEO Bryan Pellegrino stated: “We made a mistake. We allowed our own verifier to secure high-value assets, and we did not enforce the same strict configuration requirements we demand from external developers. This was a failure on our part.” The company emphasized that the core protocol remained secure, but acknowledged that its operational decisions created a single point of failure.
Pellegrino also clarified that the vulnerability was not in the smart contracts but in the off-chain infrastructure. “The LayerZero protocol itself was not exploited. Rather, the attack vector was against the RPC endpoint used by our verifier. We assumed that developers who integrated with our system would independently verify their security settings, but in this case, we did not apply that same standard to ourselves.”
The reversal came after mounting pressure from the DeFi community, which pointed out that LayerZero had initially framed the incident as a user error. Several security audits had previously warned about the risks of relying on self-hosted verifiers, but LayerZero had not heeded those warnings.
Fallout: Client Exodus
The reputational damage has been immediate and severe. Kelp DAO announced within days that it would migrate its rsETH bridge to Chainlink’s Cross-Chain Interoperability Protocol (CCIP), citing the need for a more battle-tested security model. “We can no longer trust a system where the verifier is also the judge,” a Kelp spokesperson said.
More significantly, Solv Protocol, which had deployed over $700 million in tokenized bitcoin infrastructure on LayerZero, moved its entire operation to an alternative bridge. Solv’s CEO, in a public statement, said: “The attack revealed a fundamental asymmetry in risk. LayerZero asked us to configure security, yet their own verifier was the weakest link. We cannot afford a repeat.”
Other clients, including several liquid staking protocols and NFT bridges, have paused their LayerZero integrations or are actively evaluating alternatives. The exodus threatens to undermine LayerZero’s position as the dominant cross-chain messaging protocol, which had processed over $10 billion in transaction volume prior to the incident.
Technical Deep Dive: The Verifier Network
LayerZero operates on a model where each bridge deployment can choose its own “verifier” (or set of verifiers): nodes that confirm the validity of cross-chain messages before they are delivered. The system is designed to be flexible, allowing developers to select from a curated list of verifiers or run their own. In theory, this promotes decentralization by letting each application choose the parties it trusts.
However, the Kelp exploit exposed a critical flaw: when LayerZero itself acted as the sole verifier for high-value transfers, the security model collapsed back into centralization. The company maintained its own RPC nodes to connect with various blockchains, and those nodes became attractive targets, because the verifier trusted whatever chain state its RPC endpoint reported. The attacker did not need to break cryptographic keys; instead, they compromised the RPC endpoint through a phishing campaign targeting LayerZero’s infrastructure team.
Once inside, the attacker could observe pending transactions, forge proofs, and trick the verifier into approving malicious messages. The exploit required significant coordination, since the attacker had to manipulate RPC responses on multiple chains at the same time, but the underlying weakness was that a single verifier, with no independent second source of chain data, could authorize a transfer on its own.
LayerZero has since committed to phasing out self-hosted verifiers for any bridge handling assets above a certain threshold. It will also implement mandatory “security stack” enforcement, a feature that was optional before. The security stack requires multiple verifiers from different providers, ensuring that no single compromise can authorize a transfer.
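The multi-verifier rule described above, as an added Python model that is not LayerZero’s code: it uses none of LayerZero’s identifiers, and the required/optional split, the `SecurityStack` policy, the verifier and RPC names, the sample payloads and the `0x...` addresses are all constructed here for illustration. Each verifier attests to the hash of the message it sees through its own RPC endpoint, and the destination side delivers a message only if every required verifier and enough optional verifiers attest to the same hash. Feeding one verifier a forged payload through its RPC is enough to release funds in a single-verifier configuration, while an independent second verifier blocks the same forgery.

```python
import hashlib
from dataclasses import dataclass, field
from typing import Dict, List, Optional


def message_hash(src: str, dst: str, nonce: int, payload: bytes) -> str:
    """Commitment a verifier attests to: binds the payload to its route and nonce."""
    header = f"{src}->{dst}#{nonce}:".encode()
    return hashlib.sha256(header + payload).hexdigest()


class RpcEndpoint:
    """Answers 'which payload was emitted under this nonce on the source chain?'.
    `overrides` models an attacker who controls what the endpoint returns."""

    def __init__(self, name: str, ledger: Dict[int, bytes]):
        self.name = name
        self.ledger = ledger                    # the honest on-chain record
        self.overrides: Dict[int, bytes] = {}   # attacker-injected responses

    def get_payload(self, nonce: int) -> Optional[bytes]:
        return self.overrides.get(nonce, self.ledger.get(nonce))


class Verifier:
    """Attests only to what it sees through its own RPC endpoint."""

    def __init__(self, name: str, rpc: RpcEndpoint):
        self.name = name
        self.rpc = rpc

    def attest(self, src: str, dst: str, nonce: int) -> Optional[str]:
        payload = self.rpc.get_payload(nonce)
        return None if payload is None else message_hash(src, dst, nonce, payload)


@dataclass
class SecurityStack:
    """Hypothetical policy: every required verifier must agree on the claimed
    hash, plus at least `optional_threshold` of the optional verifiers."""
    required: List[Verifier]
    optional: List[Verifier] = field(default_factory=list)
    optional_threshold: int = 0

    def verify(self, src: str, dst: str, nonce: int, claimed: str) -> bool:
        if any(v.attest(src, dst, nonce) != claimed for v in self.required):
            return False
        agreeing = sum(1 for v in self.optional if v.attest(src, dst, nonce) == claimed)
        return agreeing >= self.optional_threshold


def executor_delivers(stack: SecurityStack, src: str, dst: str,
                      nonce: int, payload: bytes) -> bool:
    """Destination-side check: deliver only if the stack attests to this exact payload."""
    return stack.verify(src, dst, nonce, message_hash(src, dst, nonce, payload))


def run_scenarios() -> Dict[str, bool]:
    # Constructed sample data, not the real Kelp transaction.
    ledger = {1: b"release 10 rsETH to 0xAlice"}
    forged = b"release 50000 rsETH to 0xAttacker"

    # The operator's own RPC is compromised: it reports the forged payload.
    compromised_rpc = RpcEndpoint("self-hosted-rpc", ledger)
    compromised_rpc.overrides[1] = forged
    own = Verifier("own-verifier", compromised_rpc)

    # Independent providers run their own RPC infrastructure and still see the truth.
    prov_a = Verifier("provider-a", RpcEndpoint("rpc-a", ledger))
    prov_b = Verifier("provider-b", RpcEndpoint("rpc-b", ledger))

    single = SecurityStack(required=[own])
    own_required = SecurityStack(required=[own, prov_a], optional=[prov_b], optional_threshold=1)
    own_optional = SecurityStack(required=[prov_a], optional=[own, prov_b], optional_threshold=1)

    return {
        # One compromised verifier is the whole stack: the forged release goes through.
        "single_accepts_forged": executor_delivers(single, "A", "B", 1, forged),
        # An independent required verifier disagrees: the forged release is blocked.
        "multi_accepts_forged": executor_delivers(own_required, "A", "B", 1, forged),
        # Cost of keeping the compromised node in `required`: it vetoes honest traffic.
        "multi_accepts_honest_own_required": executor_delivers(own_required, "A", "B", 1, ledger[1]),
        # Demoted to optional, honest traffic flows while forgery stays blocked.
        "multi_accepts_honest_own_optional": executor_delivers(own_optional, "A", "B", 1, ledger[1]),
        "multi_optional_accepts_forged": executor_delivers(own_optional, "A", "B", 1, forged),
    }


if __name__ == "__main__":
    for name, accepted in run_scenarios().items():
        print(f"{name}: {accepted}")
```

Note what the compromised node can still do when it sits in the required set: it can veto honest messages, a liveness failure, but it cannot make the stack accept a forged one. That is the trade a mandatory multi-verifier stack buys: a compromised RPC endpoint becomes an outage rather than a theft.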
Historical Context and Industry Impact
The $292 million theft is one of the largest DeFi exploits linked to North Korean state-backed hackers, ranking alongside the $600 million Ronin bridge hack of 2022. It has reignited debates about the sustainability of cross-chain bridges, which remain the single largest category of crypto crime losses. According to a report by Chainalysis, cross-chain bridges have accounted for nearly $3 billion in stolen funds since 2021.
LayerZero had long been considered a less vulnerable alternative because its core protocol is a message-passing layer rather than a pooled liquidity bridge: assets are released or minted on the destination chain only once a verified message arrives, so there is no single token pool to drain. The Kelp exploit, however, showed that a message-passing design is only as strong as its verification layer, since a verifier that accepts a forged message will release funds just as readily as a drained pool.
The incident also highlights the tension between usability and security in DeFi. LayerZero’s chief advantage was its flexibility: developers could customize security parameters to suit their needs. But that very flexibility allowed a weak single-verifier configuration to guard a high-value bridge, in this case one chosen by LayerZero’s own operations. Critics argue that DeFi protocols should adopt stricter defaults, especially when dealing with high-value assets.
In response, several competing protocols are marketing themselves as “security-first” alternatives. Chainlink CCIP, for example, relies on a decentralized oracle network with a proven track record, and Wormhole has introduced multi-verifier consensus and mandatory audits. The market may now bifurcate, with high-value, risk-averse protocols migrating to more rigid but audited bridges while smaller experiments remain on flexible networks like LayerZero.
Regulatory and Law Enforcement Response
Law enforcement agencies, including the FBI and the U.S. Treasury Department, have traced the stolen funds to known Lazarus Group wallets. Blockchain analytics firms are monitoring the movement of the assets, but the recovery rate for North Korean-linked hacks is historically low. The incident has prompted renewed calls for stricter regulatory oversight of DeFi protocols, particularly those that facilitate cross-border, non-custodial transactions.
Some policymakers have seized on the exploit to argue for mandatory security standards for bridges, similar to capital requirements for financial intermediaries. However, the decentralized nature of these protocols makes enforcement challenging. LayerZero’s admission of fault may serve as an example of self-regulation, but it remains to be seen whether it will be enough to restore confidence.
Kelp DAO has announced that it will pursue legal action against the attackers and has also considered suing LayerZero for negligence, though the legal grounds for such a suit are unclear given the disclaimers in LayerZero’s terms of service. Meanwhile, the DeFi community is grappling with the question of how much risk users should bear versus the infrastructure providers.
In summary, the $292 million Kelp exploit has not only cost investors dearly but has also forced a reckoning within the cross-chain bridge ecosystem. LayerZero’s belated admission that it “made a mistake” may be a step toward accountability, but the damage to its reputation is already done. The migration of major clients to rival platforms signals a shift in trust, and LayerZero must now rebuild its security architecture from the ground up to prevent a similar catastrophe.
Source: Coindesk News