A single verification node, $292 million drained, and a protocol decision that no one else in DeFi wanted to make first. On April 18, 2026, an attacker emptied the Kelp DAO bridge by forging a single cross-chain message on LayerZero, walking away with 116,500 rsETH tokens, roughly 18% of the token's entire supply according to Chainalysis post-mortem data. Weeks later came the move that actually matters: Kelp migrated rsETH from LayerZero to Chainlink. This isn't an insider footnote. It cuts to the heart of how much of DeFi holds its chains together. The full attack breakdown is covered in our original exploit report; this piece focuses on what broke and what has changed.
How Do You Drain a Bridge Without Touching the Code?
The contract had no bug. The deception was elsewhere. Kelp had configured its Decentralized Verifier Network as “1-of-1”: a single verifier decided whether any incoming cross-chain message was authentic. All an attacker needed to do was compromise that one node. The attackers, linked to the North Korean Lazarus Group according to Chainalysis and LayerZero reconstructions, gained access to the verifier's RPC list, compromised two nodes, and replaced the running binaries while a simultaneous DDoS attack silenced external validators. The result: Kelp's Ethereum adapter released real rsETH against a burn event that never happened, and every transaction looked perfectly valid on-chain.
Earlier today we identified suspicious cross-chain activity involving rsETH. We have paused rsETH contracts across mainnet and several L2s while we investigate.
— Kelp (@KelpDAO) April 18, 2026
We are working with @LayerZero_Core, @unichain, our auditors and top security experts on RCA.
We will keep you…
Two additional forged messages, totalling over $100 million, had already passed through before the emergency multisig managed to hit pause, 46 minutes after the attack began. We covered the growing weight of Pyongyang in 2026 crypto attacks in a dedicated investigation.
Why This Was Everybody's Problem, Not Just Kelp's
Functionally, here's the uncomfortable part. Kelp argued that the single-verifier configuration wasn't a reckless shortcut but the documented default in LayerZero's own guidelines. LayerZero countered that the choice sits at the application layer, outside its bug bounty scope. The numbers tell the more unsettling story: at the time of the attack, according to on-chain LayerZero configuration data from May 2026, nearly half of all active LayerZero applications were running on the same scheme. A single point of failure, replicated everywhere, treated as normal. After the exploit, LayerZero banned 1-of-1 configurations and mandated migration to multi-verifier setups, confirming the risk was never an isolated incident. It was architecture, as we argued in our piece on why DeFi remains structurally fragile.
Nearly half of LayerZero apps ran on a single verifier
Source: LayerZero on-chain configurations, May 2026
- Single-verifier config (1-of-1): 47%
- Other configurations: 53%
Where Did the Funds Go, and What Did Kelp Do?
The sector's response moved faster than any regulator could. Five days after the attack, DeFi United was formed: a coordinated recovery fund where Aave founder Stani Kulechov contributed 5,000 ETH from his own holdings, with Lido and EtherFi adding their share. The fund raised $327.95 million in total, according to DeFi United's public accounting, roughly four times the amount needed to cover the hole, and enabled recovery of over 95% of affected rsETH. On the technical side, Kelp cut the cord entirely: rsETH moved from LayerZero's OFT standard to Chainlink's Cross-Chain Interoperability Protocol (CCIP), which validates messages with multiple nodes rather than one. The full technical reconstruction of the attack is available in the Chainalysis report.
Chainalysis Team
What Does the ECB Have to Do With It?
Quite a lot, as it turns out. On May 2, the European Central Bank explicitly cited the Kelp exploit in its arguments for prudential oversight of DeFi assets, within the 2026 MiCA review process. ECB President Christine Lagarde invoked systemic stability, this time with concrete numbers behind the argument: a $292 million hole, a bank-run-style event exceeding $5 billion in Aave withdrawals in the hours that followed, and hundreds of millions in frozen debt from rsETH tokens deposited as collateral just before the price collapse.
For those in Frankfurt looking for a foothold to tighten DeFi oversight, Kelp delivered one. The thread connecting capital, composability, and systemic risk is the same one we pulled on in our 2026 DeFi investment thesis. The operational lesson is stark: when a protocol's token immediately becomes collateral on another protocol, the weakest point never stays isolated for long. Investors and developers building on cross-chain infrastructure should treat the post-Kelp shift to multi-verifier validation as a minimum baseline, not a competitive differentiator.
