Author: Gu Yu, ChainCatcher
More than 40 hours after the theft, the ripple effects triggered by Kelp DAO continue to unfold, with an increasing number of prominent projects such as Aave, LayerZero, and Arbitrum being drawn in, even leading to certain popular narratives facing a death sentence.
Renowned KOL Feng Wuxiang stated on X that only ETH is safe now, and ARB has also authorized the freezing of customers' assets. None of the L2s are real L2s anymore. L2s rose with Arbitrum, and they will fall with Arbitrum.
Another well-known KOL, Lanhu, stated that the biggest loser in this Kelp incident was not Aave or Kelp, but LayerZero—however, it was too short-sighted to see the true nature of the event. The essence of this incident was not a refutation of L2s (even fake L2s are acceptable), but a refutation of cross-chain bridges.
Increasingly heated opinions are emerging in the public discourse, with the parties involved each sticking to their own claims and blaming one another, making the Kelp DAO theft incident a typical window for observing the allocation of security incident responsibilities and the conflict between pragmatism and technological fundamentalism.
I. Has L0 been disproven? Cross-chain bridges emerge as the biggest losers
The key event was LayerZero's detailed report on the cyberattack released yesterday, which preliminarily attributes the attack to the Lazarus Group, believed to have North Korean ties. The attackers compromised the downstream RPC infrastructure that LayerZero’s decentralized verification network (DVN) relies on, taking control of certain RPC nodes and coordinating DDoS attacks to force the system to switch to malicious nodes, thereby forging cross-chain transactions.
“Poisoning the RPC infrastructure via compromised nodes, combined with DDoS attacks on unaffected RPCs to force a failover, is an extremely sophisticated approach. This is essentially infrastructure warfare,” said Samuel Tse, Head of Investment and Partnerships at Animoca Brands.
At the end of the report, LayerZero stated that the protocol operated exactly as intended throughout the incident. No vulnerabilities were found in the protocol. The core feature of LayerZero’s architecture is modular security, which in this case perfectly achieved its intended goal by isolating the entire attack to a single application—resulting in zero contagion risk, with no impact on other OFTs or OApps.
This complete abdication of responsibility became the catalyst for a massive public backlash, with many prominent industry figures expressing dissatisfaction with LayerZero’s performance in this incident.
“L0 cleaned its hands completely, placing all the blame in the entire article on KelpDAO’s misconfiguration, claiming it had absolutely no issues whatsoever. Amazing. Why was a 1/1 configuration even allowed to exist? How did the attacker gain access to the internal RPC list? Why did the failover logic, after the DDoS attack, directly trust the compromised RPC without halting validation—or at least taking any minimal action?” asked renowned industry researcher CM.
“This deliberate avoidance makes me uncomfortable. The statement clearly says, 'The protocol is operating exactly as expected.' The attack was described as an RPC node compromise and RPC poisoning. But RPC poisoning isn’t what happened—they themselves suffered an intrusion and compromise of their infrastructure. Since the statement doesn’t explain how the intrusion occurred, I won’t rush to re-enable the bridge,” said renowned DeFi developer banteg.
Kelp DAO also issued an official statement, clarifying that the single-validator (1/1) configuration exploited in this attack was not a choice made in disregard of recommendations, but rather the default setting outlined in LayerZero’s official guidelines, and that the validator network (DVN) exploited by the attackers is LayerZero’s own infrastructure.
According to Dune's analysis, of the 2,665 OApp contracts built on LayerZero, 47% use a 1/1 DVN configuration, meaning a single-verification mechanism, which significantly amplifies industry-wide risk.
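The failover behaviour and the 1/1 versus multi-verifier threshold discussed above can be modelled in a few lines. This is an added illustration, not code from LayerZero, Kelp DAO or the report; the endpoint functions, hash values and function names are constructed for the example.

```python
from collections import Counter

class Unreachable(Exception):
    """Raised by an endpoint that is down, e.g. under DDoS (constructed model)."""

def failover_read(endpoints, key):
    """Weak pattern: trust the first endpoint that answers."""
    for ep in endpoints:
        try:
            return ep(key)
        except Unreachable:
            continue
    raise RuntimeError("no endpoint reachable")

def quorum_read(endpoints, key, quorum):
    """Fail-closed pattern: return a value only if `quorum` endpoints agree."""
    answers = []
    for ep in endpoints:
        try:
            answers.append(ep(key))
        except Unreachable:
            pass  # an unreachable endpoint contributes no vote
    if answers:
        value, votes = Counter(answers).most_common(1)[0]
        if votes >= quorum:
            return value
    # Halt instead of degrading to whatever endpoint is still up.
    raise RuntimeError(f"halt: no {quorum}-way agreement among {len(answers)} answers")

def threshold_verify(attestations, required):
    """X-of-Y check: accept a payload hash only if `required` verifiers attest it."""
    if not attestations:
        return None
    value, votes = Counter(attestations.values()).most_common(1)[0]
    return value if votes >= required else None

# Constructed scenario: hypothetical payload hashes and three kinds of endpoint.
HONEST, FORGED = "0xaaa", "0xbbb"

def honest(key):
    return HONEST

def poisoned(key):
    return FORGED

def ddosed(key):
    raise Unreachable()

if __name__ == "__main__":
    # Healthy endpoints knocked offline, one poisoned endpoint left standing.
    print("failover:", failover_read([ddosed, ddosed, poisoned], "msg-1"))
    try:
        quorum_read([ddosed, ddosed, poisoned], "msg-1", quorum=2)
    except RuntimeError as exc:
        print("quorum:", exc)
    print("1/1:", threshold_verify({"dvn-a": FORGED}, required=1))
```

With a required threshold of 1, a single forged attestation is accepted; raising it to 2 of 3 means one compromised verifier can no longer decide the outcome on its own.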
More terrifying than the occurrence of problems is when parties refuse to acknowledge or avoid their mistakes. As the leading player in cross-chain communication and the Layer 0 narrative, LayerZero is used by hundreds of crypto projects to bridge tokens and assets across different chains. If it continues to maintain an arrogant stance, it will further erode industry confidence in it.
The general consensus is that, although LayerZero was not directly hacked, it has suffered the greatest reputational damage—it must pay the price for “allowing weak configurations,” or else the cross-chain narrative will collapse.
In other words, LayerZero not only needs to propose clear technical improvements but also take on greater responsibility in the asset compensation plan.
II. Is Layer2 Dead? Arbitrum’s Unprecedented Freeze
The discussion regarding Layer 2 stems from Arbitrum’s freezing action. At noon today, the Arbitrum Security Council issued a public notice stating that it had taken emergency action to rescue 30,766 ETH held by the hacker in an Arbitrum One address, currently valued at $71 million.
Arbitrum also stated that, after extensive technical investigation and deliberation, the Security Council identified and implemented a technical solution to transfer funds to a secure location without affecting any other chain state or Arbitrum users. The original address holding the funds can no longer access them, and only the Arbitrum governance authority can take further action to move these funds—a move that will be coordinated with relevant parties.
According to industry insiders, the Arbitrum Security Council used a privileged state override transaction type (part of ArbOS, but virtually never used): the attacker's private key can still sign transactions, but the ETH at that address was transferred by the chain itself.
This special transaction type completely bypasses the attacker’s private key and can only be injected by the chain itself (via the sequencer / ArbOS upgrade path, controlled by the Arbitrum Security Council).
It is reported that the Arbitrum Security Council consists of 12 individuals elected by the Arbitrum DAO, and any decision requires the approval of at least 9 out of 12 members.
A single stone stirs up a thousand waves. Previously, outside observers believed that Arbitrum, as a representative Layer2 solution, did not have the capability or authority to handle users' ETH assets, as this would contradict the decentralized spirit of blockchain.
In past hacking incidents, stolen USDT and USDC were often frozen immediately by Tether and Circle to minimize user losses. ETH, as a native chain asset, has never been frozen or transferred by the chain itself, and this exceeds the expectations of the vast majority of users.
Many perspectives support Arbitrum’s approach, such as “All companies, banks, and regulated financial institutions will eventually adopt second-layer solutions. Operating like a centralized entity at critical moments is not a flaw, but an advantage.” However, this is not the case for many tech enthusiasts.
“No private key required, no authorization needed—direct transfers.” In many views, Arbitrum’s recent action has redefined the level of decentralization on Layer 2, causing unease among users regarding their security on Layer 2.
Lanhu bluntly stated that this incident has directly crossed the ideological red line of DeFi: "Not your keys, not your coins." This event once again brings us back to the classic dilemma in crypto: pragmatic security versus fully decentralized security.
Conclusion
When LayerZero said “the protocol is operating exactly as intended,” it maintained technical correctness but lost public opinion and trust; when Arbitrum transferred $71 million in ETH via privileged transactions, it rescued user funds but severely damaged the decentralized narrative of Layer2.
The Kelp theft incident has put two of the most popular narratives on trial: Are cross-chain bridges infrastructure or risk amplifiers? Is Layer2 a reliable extension of Ethereum, or a decentralized facade masking a secondary bank?
LayerZero was compromised due to its single validation node mechanism, and Arbitrum used a centralized special voting mechanism to recover losses for LayerZero and Kelp DAO. This forms an extremely ironic closed loop: a protocol that touts decentralization collapsed due to its “single point of failure,” and ultimately had to rely on another protocol’s “centralized privileges” to resolve the situation.
It forces the entire industry to confront a question that has never been directly answered: When the ideal of decentralization clashes with the real-world cost of security, which side are we willing to sacrifice?
The discussion of grand narratives is a focal point of public opinion, while user compensation plans are another practical focal point. Even though Arbitrum has recovered over $70 million through technical means, Aave still faces nearly $200 million in bad debt—how can users’ interests be properly protected and safeguarded?
In the vast majority of hacking incidents, losses in the millions of dollars can be catastrophic for a protocol, and user reimbursement efforts typically end in failure. However, this incident involves top-tier projects such as Aave and LayerZero, making their bad debt resolution plan highly anticipated.
Aave has proposed two potential solutions for handling the bad debt today: the first is to socialize the losses among all rsETH holders (chain-wide burden sharing), with Kelp DAO implementing a uniform write-down of all rsETH (mainnet + L2), an approximately 15% depeg; the second is to have only L2 rsETH holders bear all the losses, while mainnet rsETH retains its original value.
However, Kelp DAO and the official LayerZero team have not discussed their roles in the compensation plan. From LayerZero’s attempt in the report to distance itself from responsibility, it is clear that the project believes no responsibility means no obligation to provide compensation.
However, a protocol with a valuation in the billions of dollars, relied upon as foundational infrastructure by hundreds of projects, choosing to “technically disclaim responsibility” for massive losses caused by DVN’s default configuration is itself a profound irony regarding the very definition of “foundational infrastructure.”
This is a classic prisoner’s dilemma, where all parties in crisis are trying to minimize their own losses through a “severing of interests” rather than sharing responsibility to repair the industry’s trust deficit.
Judging by the negative impact of this incident on all parties in the industry, this will be the most dangerous prisoner’s dilemma the DeFi space has ever faced.


