On April 18, 2026, KelpDAO became the victim of the largest single DeFi exploit of the year — surpassing even the Drift Protocol hack that had shocked the industry 17 days earlier. The loss: $293 million, approximately 18% of rsETH’s total circulating supply, drained in a matter of hours through a cross-chain bridge exploit that has since become a textbook case study in the dangers of insufficient validation infrastructure.

The root cause was not a zero-day vulnerability in an audited protocol. It was not a novel cryptographic attack. It was a configuration choice: KelpDAO’s LayerZero cross-chain bridge was set up with a 1-of-1 verifier — meaning a single node was responsible for validating all cross-chain messages before the protocol released funds. Once attackers compromised two of the RPC data sources feeding that node, they had everything they needed to fabricate legitimate-looking bridge messages and mint tokens backed by nothing.

The architecture had a single point of failure. The attackers found it.


What Is KelpDAO?

KelpDAO is a liquid restaking protocol built on Ethereum. Users deposit ETH or LSTs (liquid staking tokens like stETH) and receive rsETH in return — a liquid token representing their restaked position that can be used across DeFi while their underlying ETH continues earning staking and restaking yields.

At the time of the hack, rsETH had a total supply of approximately 650,000 tokens, with each token nominally backed 1:1 by restaked ETH worth approximately $2,500. KelpDAO had deployed rsETH across more than 20 blockchain networks — Ethereum mainnet, Arbitrum, Optimism, Base, Polygon, BNB Chain, and others — using LayerZero’s cross-chain messaging protocol to keep reserves and token supplies synchronized across chains.

Total value locked in KelpDAO at the time of the attack: approximately $1.7 billion.


How LayerZero Cross-Chain Messaging Works

To understand the exploit, it helps to understand LayerZero’s architecture.

LayerZero is a messaging protocol that allows smart contracts on different blockchains to communicate with each other. When a contract on Chain A wants to trigger an action on Chain B, it sends a message through LayerZero’s infrastructure, which delivers and verifies that message on Chain B before executing the triggered action.

The security of this message relay depends critically on who verifies the messages. LayerZero’s model allows individual protocols to configure their own verification layer β€” choosing how many independent validators must attest to a message’s authenticity before it is executed.

A robust configuration might use: 3 independent DVNs (Decentralized Verifier Networks), each operated by separate entities, requiring 2-of-3 or 3-of-3 agreement before execution. This means an attacker would need to compromise multiple independent validators simultaneously — a far more difficult task.

KelpDAO’s configuration: 1-of-1. One verifier. One set of RPC nodes providing data to that verifier. One point of failure.


The Attack: Step by Step

Stage 1: Reconnaissance and RPC Node Compromise (weeks prior)

The attackers — subsequently linked by Elliptic and Chainalysis to Lazarus Group infrastructure — spent weeks identifying the specific RPC nodes that served as data sources for KelpDAO’s single LayerZero verifier. RPC (Remote Procedure Call) nodes are the data infrastructure that blockchain bridges use to read the state of remote chains — they answer questions like “has this transaction been confirmed on Chain A?” before the bridge acts on Chain B.

KelpDAO’s verifier drew its data from a small set of RPC providers. The attackers compromised access to two of those providers, giving them the ability to inject falsified chain state data into the verifier’s inputs.

Stage 2: Injecting Fraudulent Messages (April 18)

With control over the RPC data sources, the attackers crafted fraudulent LayerZero messages that falsely claimed to represent legitimate cross-chain transfer requests from KelpDAO’s own contracts on other chains.

From the verifier’s perspective, these messages looked authentic: they appeared to originate from the right contract addresses, they referenced valid-looking transaction hashes on the source chain (which the compromised RPC nodes reported as confirmed), and they passed the signature verification that KelpDAO’s contracts expected.

The messages instructed KelpDAO’s Ethereum mainnet contracts to mint 116,500 rsETH tokens — worth approximately $293 million at the time — to attacker-controlled addresses.

Stage 3: Liquidation (April 18 — same day)

With 116,500 freshly minted but completely unbacked rsETH tokens, the attackers moved quickly. They deposited the rsETH into Aave’s lending pools, where rsETH was accepted as collateral, and borrowed against it β€” withdrawing real ETH, USDC, and wBTC worth the full collateral value.

By the time KelpDAO’s monitoring systems detected anomalous minting activity and the team began pausing contracts, the attackers had extracted approximately $293 million in real assets and begun the process of bridging them to Ethereum laundering infrastructure.

KelpDAO’s team paused all protocol contracts within approximately 45 minutes of the first anomalous transaction. The pause was too late to recover the funds, but it prevented further minting.


The Cascade: $13 Billion in DeFi TVL Exits

The immediate aftermath of the KelpDAO hack produced the most significant DeFi ecosystem shock since the UST collapse in May 2022.

rsETH’s price collapse: rsETH depegged immediately as the market absorbed the news that 18% of the token’s supply was unbacked. The token dropped from parity with ETH to approximately $0.40 per dollar of ETH value in the initial hours — a 60% discount that reflected genuine uncertainty about whether the remaining 82% of supply was still fully backed.

Aave’s market freeze: Aave, which had accepted rsETH as collateral across multiple markets, froze rsETH borrowing and lending activities to prevent the contagion from spreading through its lending pools. SparkLend and Fluid, two other major lending protocols, took similar actions.

Withdrawal wave: Within 48 hours, more than $8.4 billion in deposits exited Aave — not because Aave itself was hacked, but because users feared systemic contagion from the rsETH collateral impairment. Protocols freeze; users watch; confidence collapses; exits accelerate.

Total DeFi TVL impact: DefiLlama recorded a drop of more than $13 billion in total DeFi TVL across all protocols within 48 hours of the KelpDAO hack — the largest TVL drop associated with a single exploit since the Bybit aftermath in early 2025.


Why This Was a Configuration Failure, Not a Protocol Failure

LayerZero has been explicit in its post-incident analysis: the vulnerability was not in LayerZero. The messaging protocol performed as designed. The flaw was in how KelpDAO configured its deployment of that protocol.

LayerZero’s documentation and security guidance explicitly recommends multi-DVN configurations with at minimum 2-of-3 verification requirements for production deployments holding significant value. The protocol provides the tools to configure robust verification; it cannot compel individual teams to use them correctly.

This is a recurring pattern in DeFi bridge security:

  • Wormhole (2022): A signature verification flaw, not a multi-sig configuration issue — but still a validation failure
  • Ronin (2022): A 5-of-9 validator threshold, of which North Korean attackers compromised five, partly because one validator’s private key remained active after it had been deprecated
  • Nomad (2022): A smart contract initialization bug that allowed anyone to forge valid messages
  • KelpDAO (2026): A 1-of-1 verifier configuration that created a single point of failure

The common thread across four years of bridge hacks: insufficient validation. The specific mechanism varies. The underlying cause — building insufficient redundancy into the security-critical validation layer — is consistent.


Halborn’s Post-Mortem Findings

Blockchain security firm Halborn published a detailed post-mortem on the KelpDAO hack that identified several compounding failures beyond the 1-of-1 configuration:

No circuit breakers on large mints: KelpDAO’s contracts had no automatic pause mechanism triggered by unusually large mint events. A circuit breaker that halted operations when single-transaction minting exceeded a threshold (e.g., 1% of total supply) would have automatically stopped the attack and given the team time to respond.

Insufficient RPC provider diversity: Even within a 1-of-1 verifier model, sourcing data from multiple independent RPC providers and requiring consensus among them before acting would have made the RPC compromise attack significantly harder. Single-source RPC data is a security risk independent of the validator count.

Delayed monitoring alerts: The time between the first anomalous transaction and team awareness was approximately 20 minutes — long enough for the bulk of the minting and initial liquidation to complete before any manual intervention was possible. Real-time automated alerting calibrated to transaction anomaly detection is a requirement, not an option, for protocols holding hundreds of millions in assets.

Oracle independence from bridge state: rsETH’s price oracle on Aave and other lending platforms was not immediately updated to reflect the depegging risk — meaning Aave’s collateral value calculations continued to treat rsETH at near-par for a brief but critical window during which the attackers borrowed against the unbacked tokens.


What the Industry Needs to Learn

The KelpDAO hack provides several lessons that should be non-negotiable for cross-chain protocols:

Minimum Validation Standards

No cross-chain bridge or messaging system holding more than $10 million should operate with fewer than 3 independent validators with a 2-of-3 minimum threshold. For systems holding $100 million+, the threshold should be 3-of-5 or higher. These are not aspirational guidelines — they are minimum security hygiene.

RPC Data Source Diversity

Validators must source chain state data from multiple independent RPC providers. Consensus among data sources before the validator acts eliminates single-provider compromise as a viable attack vector.
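The consensus rule this section and Halborn’s RPC-diversity finding call for has the same shape as the DVN N-of-M threshold discussed earlier: several independent parties answer, and the verifier acts only when enough of them agree. The following model of that data-sourcing step is an added illustration, not KelpDAO’s or LayerZero’s code; every hash, address and amount in it is constructed, and it replays the scenario in which two of five providers have been compromised.

```python
from collections import Counter
from dataclasses import dataclass
from typing import Callable, Optional

@dataclass(frozen=True)
class Receipt:
    """What one RPC provider reports for a source-chain transaction hash."""
    tx_hash: str
    emitter: str      # contract that emitted the cross-chain message
    payload: bytes    # canonical message body (here: "mint:<amount>:<recipient>")
    confirmed: bool

Source = Callable[[str], Optional[Receipt]]   # tx hash -> Receipt, or None if unknown
class NoQuorum(Exception):
    """Fewer than `threshold` sources agree on one receipt: the verifier fails closed."""

def verify_with_quorum(sources, tx_hash, threshold) -> Receipt:
    # Threshold must exceed half the sources, or two conflicting answers
    # (honest vs. poisoned) could both reach quorum at once.
    if not len(sources) // 2 < threshold <= len(sources):
        raise ValueError("threshold must be > n/2 and <= n")
    tally = Counter(src(tx_hash) for src in sources)   # identical receipts vote together
    receipt, votes = tally.most_common(1)[0]
    if receipt is None or not receipt.confirmed or votes < threshold:
        raise NoQuorum(f"{votes}/{len(sources)} sources agree, need {threshold}")
    return receipt

# Constructed scenario with hypothetical hashes, addresses and amounts.
REAL_TX, FAKE_TX = "0xaaaa", "0xbbbb"
EMITTER = "0xSourceChainOFT"   # placeholder for the legitimate sending contract
honest_view = {REAL_TX: Receipt(REAL_TX, EMITTER, b"mint:100:0xuser", True)}
poisoned_view = {**honest_view,
                 FAKE_TX: Receipt(FAKE_TX, EMITTER, b"mint:116500:0xattacker", True)}
honest_rpc: Source = honest_view.get          # FAKE_TX never happened: reports None
compromised_rpc: Source = poisoned_view.get   # reports the fabricated transfer as confirmed
# Three independent honest providers plus the two the attacker controls.
SOURCES = [honest_rpc, honest_rpc, honest_rpc, compromised_rpc, compromised_rpc]

def single_source_accepts_fake() -> bool:
    """1-of-1 fed by a compromised provider: the fabricated mint goes through."""
    return verify_with_quorum([compromised_rpc], FAKE_TX, 1).payload == b"mint:116500:0xattacker"

def quorum_rejects_fake() -> bool:
    """3-of-5: two poisoned answers cannot outvote three honest 'not found' replies."""
    try:
        verify_with_quorum(SOURCES, FAKE_TX, 3)
    except NoQuorum:
        return True
    return False
```

Note that the threshold check rejects any quorum of n/2 or less: with 5 sources a 2-of-5 setting would let the two poisoned answers reach quorum on their own, which is why the constructor refuses it.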

Automatic Circuit Breakers

Every protocol handling large asset flows should implement on-chain circuit breakers that automatically pause operations when anomaly thresholds are exceeded: mint volume > X% of supply in a single transaction, bridge inflows exceeding Y% of protocol TVL in Z minutes, or oracle price deviations beyond acceptable ranges.
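An off-chain model of the mint-volume breaker described here, and of the one Halborn’s post-mortem says was missing, added as an illustration rather than taken from KelpDAO’s contracts: it caps a single mint at a share of current supply, caps the total minted inside a rolling window at a larger share, and stays paused once tripped until a human resets it. The 1% per-transaction threshold is the figure named in the text; the 3% per hour window cap and all sample events are assumed values.

```python
from collections import deque
from dataclasses import dataclass, field
@dataclass
class MintEvent:
    ts: int          # unix seconds
    amount: float    # rsETH minted by this transaction
    recipient: str

@dataclass
class MintCircuitBreaker:
    """Fail-closed breaker: trips on an oversized single mint or too much minting in a window."""
    total_supply: float
    per_tx_bps: int = 100          # 1% of supply per transaction (threshold named in the text)
    window_bps: int = 300          # 3% of supply per window: assumed value for illustration
    window_seconds: int = 3600     # the "Z minutes" window, here one hour
    paused: bool = False
    reason: str = ""
    _recent: deque = field(default_factory=deque)   # (ts, amount) of mints inside the window
    _window_total: float = 0.0
    def _expire(self, now: int) -> None:
        while self._recent and self._recent[0][0] <= now - self.window_seconds:
            self._window_total -= self._recent.popleft()[1]
    def process(self, ev: MintEvent) -> bool:
        """Return True and record the mint if allowed; otherwise trip and stay paused."""
        if self.paused:                       # once tripped, nothing passes until a human resets it
            return False
        self._expire(ev.ts)
        per_tx_cap = self.total_supply * self.per_tx_bps / 10_000
        window_cap = self.total_supply * self.window_bps / 10_000
        if ev.amount > per_tx_cap:
            self.paused, self.reason = True, f"single mint {ev.amount:.0f} > cap {per_tx_cap:.0f}"
            return False
        if self._window_total + ev.amount > window_cap:
            self.paused, self.reason = True, "window cap exceeded"
            return False
        self._recent.append((ev.ts, ev.amount))
        self._window_total += ev.amount
        self.total_supply += ev.amount        # caps scale with the supply actually in circulation
        return True
def replay(events, supply: float = 650_000.0):
    cb = MintCircuitBreaker(total_supply=supply)   # decisions per event, plus the breaker state
    return [cb.process(e) for e in events], cb
# Constructed sample: ordinary deposits, then a mint of the size seen in the attack.
ATTACK_DAY = [
    MintEvent(0, 1_200.0, "0xuser1"),
    MintEvent(600, 900.0, "0xuser2"),
    MintEvent(1_000, 116_500.0, "0xattacker"),   # 17.9% of supply in one transaction
    MintEvent(1_010, 50.0, "0xuser3"),           # legitimate, but the protocol is now paused
]
```

The window cap is what catches an attacker who splits the mint into many sub-1% transactions; the per-transaction cap alone would let that through.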

Cross-Protocol Collateral Risk

Lending protocols that accept derivative tokens (rsETH, stETH, LRT tokens) as collateral must account for the bridge risk embedded in those tokens’ backing. This requires integration with bridge security monitoring, dynamic LTV adjustments based on bridge health indicators, and circuit breakers on collateral acceptance for tokens with known bridge infrastructure vulnerabilities.


Recovery and Remediation

KelpDAO announced a recovery fund and redeployment plan in the days following the hack, with a path to making affected users whole through a combination of protocol treasury, future fee revenue allocation, and potential investor contributions.

The technical remediation includes migration to a 3-of-5 DVN configuration on LayerZero, implementation of circuit breakers, diversification of RPC data sources, and independent security audits of all cross-chain infrastructure before relaunch.

Recovery of stolen funds remains unlikely. Lazarus Group attribution means the laundering process is sophisticated, fast, and specifically designed to defeat recovery efforts.


Conclusion

The KelpDAO hack is the most expensive configuration error in DeFi history. It was not caused by a novel attack technique, an unaudited codebase, or an unavoidable zero-day. It was caused by choosing to build mission-critical bridge infrastructure with a single point of failure when multi-point validation tools were available, documented, and recommended.

$293 million is the cost of that choice.

The next protocol making the same choice will pay the same price.


This article is provided for informational purposes only.

Sources: