BREAKING: LayerZero Releases Post-Mortem on $290M KelpDAO rsETH Exploit KelpDAO suffered approximately $290M in losses due to their use of a single-DVN (1-of-1) configuration that relied solely on LayerZero Labs' verifier. The breach involved a highly sophisticated RPC-poisoning attack—attributed to the Lazarus Group / TraderTraitor—that managed to compromise certain RPC nodes used by the LayerZero Labs DVN. LayerZero has maintained that their protocol functioned as intended, noting that its modular security architecture contained the damage. However, they're facing significant criticism for permitting 1-of-1 configurations and for the fact that it was their own DVN that was deceived. In response, they've retired the compromised RPCs, restored the Labs DVN to operation, and are now blocking message signing for any application still running a 1-of-1 setup.
Share
Source:Show original
Disclaimer: The information on this page may have been obtained from third parties and does not necessarily reflect the views or opinions of KuCoin. This content is provided for general informational purposes only, without any representation or warranty of any kind, nor shall it be construed as financial or investment advice. KuCoin shall not be liable for any errors or omissions, or for any outcomes resulting from the use of this information.
Investments in digital assets can be risky. Please carefully evaluate the risks of a product and your risk tolerance based on your own financial circumstances. For more information, please refer to our Terms of Use and Risk Disclosure.