According to The Block, LayerZero issued a public apology on Friday for its handling of the April 18 exploit that drained roughly $292 million in rsETH from Kelp DAO’s cross-chain bridge. The protocol acknowledged it made a mistake by allowing its Decentralized Verifier Network (DVN) to serve as the sole verifier for high-value transactions, reversing its earlier position that blamed Kelp DAO’s configuration choices.
LayerZero announced several remediation measures: the LayerZero Labs DVN no longer services 1/1 DVN configurations, default settings are being migrated to require at least five verifiers where possible with a floor of three, and the company is raising its multisig threshold from 3-of-5 to 7-of-10. The protocol also disclosed a previously unreported operational security incident from 3.5 years ago involving a multisig signer’s misuse of production hardware for a personal trade. LayerZero said the exploit affected roughly 0.14% of total applications on the network.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
Crypto Wrench Attacks Rise: Victims Lose $101M in First Four Months of 2026, Families Increasingly Targeted
According to CertiK, crypto wrench attack victims lost approximately $101 million in the first four months of 2026, with the trend projected to reach hundreds of millions for the full year. The security firm verified 34 incidents globally, representing a 41% increase from the same period in 2025, wi
GateNews1h ago
Tether's USDT0 Unveils 3/3 Verification Mechanism, Launches $6M Bug Bounty Program After Kelp Incident
According to ChainCatcher, Tether's USDT0 protocol unveiled its security architecture following the Kelp incident, implementing a 3/3 verification consensus mechanism requiring three independent validators using separate codebases. Current validator nodes include USDT0's proprietary DVN,
GateNews3h ago
Malaysian Police Seized 50,000 USDT from Chinese Nationals in February; Investigation Stalls After Three Months
According to ChainCatcher, eight Chinese nationals were forced to transfer approximately 50,000 USDT after a police raid on a rented villa in Kajang, Malaysia in February. Police claimed the suspects were involved in fraud and subsequently arrested 12 officers involved in the incident, removing
GateNews4h ago
12 Malaysian Police Officers Robbed Chinese Citizens of $50,000 USDT in February; Investigation Stalled as of May 10
According to BlockBeats, 12 Malaysian police officers were arrested after allegedly robbing Chinese citizens of approximately $50,000 USDT during a raid on a rented villa in Kajang, Selangor in February 2026. The officers have been suspended pending investigation, which is awaiting cryptographic
GateNews4h ago
North Korean Lazarus Group Hides Malware in Git Hooks to Target Developers
According to OpenSourceMalware research, North Korean hacking group Lazarus has hidden second-stage malware loaders in Git Hooks pre-commit scripts during targeted attacks on developers, a report revealed on May 9. The group uses a technique called "Contagious Interview" to lure developers into
GateNews5h ago
LayerZero issues an apology and admits a design flaw in its 1/1 DVN configuration: default to a full upgrade to 5/5
Cross-chain protocol LayerZero issued a public apology on May 9 (U.S. time), acknowledging a design flaw in the Kelp DAO hacker incident. CoinDesk, citing LayerZero’s official blog, wrote: “First things first: a belated apology. We allowed DVN to operate in 1/1 mode for high-value transactions—this is a mistake.” The position shifted from prior weeks’ accusations about “Kelp’s own configuration choices” to taking responsibility at the infrastructure layer itself. The attitude reversal occurred t
ChainNewsAbmedia11h ago
