The LayerZero team publicly apologized for their response to the Kelp hack and acknowledged that using a single-verifier configuration to secure large transactions was a mistake.
— LayerZero (@LayerZero_Core) May 8, 2026
“We have done a terrible job communicating over the past three weeks — we aimed for thoroughness in our analysis, but we should have started with transparency,” the statement read.
On April 17, attackers drained approximately $292 million in rsETH from the Kelp liquid staking protocol via a cross-chain bridge on the LayerZero platform. Investigations revealed that the attack was not related to a smart contract but rather involved a compromise of infrastructure and the use of a single-verifier scheme (1/1 DVN).
Initially, LayerZero placed the blame on Kelp, claiming the issue was local. However, critics pointed out that the 1/1 DVN configuration was essentially a standard recommendation when integrating the protocol. According to Dune, around 47% of LayerZero applications used a similar scheme at the time of the attack.
Following the KelpDAO hack, we built an open analysis of DVN security configurations across every active OApp on LayerZero over the last 90 days.
— Dune | We Are Hiring! (@Dune) April 20, 2026
Of ~2,665 unique OApp contracts: 47% run a 1-of-1 DVN security floor, 45% run 2-of-2, and ~5% run 3-of-3 or higher.
As we know,…
“We made a mistake by allowing our DVN to operate as 1/1 for high-value transactions. We did not control the security of the solution, which created a risk that we simply did not see,” LayerZero admitted.
The platform announced several changes, including:
- eliminating the single-verifier configuration — a 5/5 scheme will be applied by default, with at least 3/3;
- developing a second DVN client;
- launching Console — a unified platform for monitoring security and anomalies for asset issuers;
- increasing the multi-signature threshold from 5/3 to 7/10 for all blockchains.
In early May, the Kelp team decided to migrate to Chainlink's CCIP interoperability protocol amid disagreements with LayerZero regarding the causes of the hack.
Notably, the Bitcoin project Solv Protocol also abandoned LayerZero's cross-chain infrastructure in favor of CCIP.