- KelpDAO said LayerZero infrastructure was exploited in an April 18 bridge attack that drained about US$292 million.
- Chainalysis said attackers linked to Lazarus Group released 116,500 rsETH by feeding false data to a 1-of-1 verifier setup.
- KelpDAO plans to move rsETH to Chainlink CCIP, where cross-chain transactions use 16 independent node operators.
KelpDAO plans to relaunch rsETH cross-chain transfers using Chainlink after an April 18 exploit drained about US$292 million (AU$405.9 million) from its LayerZero bridge.
But a dispute over responsibility for the attack is intensifying.
KelpDAO said security reports showed compromised verifier infrastructure enabled the exploit. The company also alleged that LayerZero personnel approved the 1-of-1 verifier configuration tied to the breach without warning it posed a security risk.
LayerZero rejected that characterisation, saying the exploit was isolated to KelpDAO’s rsETH application and resulted from a verifier setup that deviated from its recommended multi-verifier model.
Related:K Wave Media Abandons Bitcoin Strategy for AI Pivot, Shares Tumble
Verifier Dispute Deepens
Chainalysis said attackers linked to North Korea’s Lazarus Group stole about US$292 million (AU$405.9 million), or 116,500 rsETH, from KelpDAO’s LayerZero bridge on April 18.
The blockchain analysis firm said the incident was “not a smart contract vulnerability” but an off-chain infrastructure attack involving compromised RPC nodes and denial-of-service pressure against external nodes.
According to Chainalysis, the attack fed false data into the bridge’s verifier system, allowing fraudulent cross-chain messages to be accepted as valid.
KelpDAO later paused contracts and blocked a second attempted theft of 40,000 rsETH, worth about US$95 million (AU$132.1 million), Chainalysis said.
The Arbitrum Security Council also froze 30,766 ETH linked to the attackers. About US$71 million (AU$98.7 million) in crypto tied to the exploit is now at the center of a New York federal court dispute.
The Chainlink Migration
KelpDAO said it will migrate rsETH from LayerZero’s OFT standard to Chainlink’s Cross-Chain Interoperability Protocol (CCIP) and Cross-Chain Token (CCT) standard.
Supporting coverage said Chainlink CCIP uses 16 independent node operators to validate cross-chain transactions, replacing the architecture implicated in the exploit.
The attack also triggered broader market stress across decentralized finance protocols.
Following the exploit, Aave V3 Ethereum Core available liquidity fell from US$9.77 billion (AU$13.58 billion) to US$5.75 billion (AU$7.99 billion) within 29 hours, according to Glassnode.
Available WETH liquidity dropped from US$689 million (AU$957.7 million) to US$1.5 million (AU$2.1 million) in just two hours as utilisation reached 100%.
Read more: Uphold Pays US$5M Over Collapsed CredEarn Crypto Scheme
Chainlink,KelpDAO,LayerZero#KelpDAO #Blames #LayerZero #292M #Exploit #Plans #ChainlinkPowered #Relaunch1778051801
