LayerZero vs KelpDAO wahala: $292M rsETH hack connect to 1/1 DVN setup

Published: 2026-05-06 15:28:33 |

LayerZero founder Bryan Pellegrino deny wetin KelpDAO talk say LayerZero approve the insecure "single-verifier (1/1 DVN)" bridge wey cause the rsETH exploit on April 18 (~$292M). Pellegrino yarn say KelpDAO first deploy rsETH bridging with LayerZero default multi-verifier setup, later dem "manually downgrade" am to 1/1 DVN. E point to LayerZero documentation wey dey warn say 1/1 DVN no suppose use for production. KelpDAO reply say LayerZero staff no raise objection during plenty discussions and say LayerZero tacitly allow the config, dem show screenshots of internal comments. The dispute follow after incident wey dem report say 116,500 rsETH drain (about 18% of circulating supply). Data show before the hack, 47% of active LayerZero OApp contracts dey use 1/1 DVN setup. LayerZero don ban the config since then and dey push migrations across apps. As answer, KelpDAO talk say dem dey migrate rsETH bridging from LayerZero to Chainlink CCIP, and new CCIP rsETH contract dey show beside the legacy LayerZero contract for GitHub. For traders, focus shift from just containment to accountability: whether rsETH bridge operators really review DVN risk, and whether LayerZero defaults, warnings, and enforcement suf. This fit cause short-term caution and volatility for rsETH-linked liquidity until migrations and audits finish—especially for bridges wey rely on DVN configuration choices.

Bearish

Di wahala na dey center on insecure rsETH bridgin risk wey relate to 1/1 DVN configuration. Even tho LayerZero talk say dem warn make people no use 1/1 DVN and later ban am, attacker reportedly clear about ~116,500 rsETH and pre-hack data show 47% of active LayerZero OApps use 1/1 DVN — meaning protocol-level and app-level misconfig fit spread quick. KelpDAO move go Chainlink CCIP fit reduce future exposure, but short-term uncertainty about which contracts don fully migrate and how quick liquidity go follow fit pressure rsETH sentiment. Short-term, expect volatility as bridge operators audit dependencies and traders reprice bridge-risk premiums; long-term impact depend on whether migrations and enforcement comot remaining 1/1 DVN usage without more incidents.