LayerZero × Kelp $2.9 Billion Blame Game: Live Coverage

On 4/18, an attacker stole $2.9 billion (approximately 30,766 ETH) from Kelp DAO’s cross-chain bridge. Kelp’s business involves staking ETH to receive rsETH, which is then used as collateral for lending on nine protocols, including Aave. So when the bridge failed, a chain reaction followed:

- Aave’s TVL instantly evaporated by $6.6 billion
- Nine protocols faced bad debts ranging from $124 million to $230 million
- The Arbitrum @arbitrum Security Committee used emergency powers to forcibly freeze the hacker’s address containing 30,766 ETH, barely recovering the funds

The money was frozen, but the blame was still flying.

LayerZero @LayerZero_Core released its post-mortem, drawing three red lines:

1️⃣ The attacker was attributed to TraderTraitor, a group under North Korea’s Lazarus Consortium: a state-sponsored attack no one could have stopped.
2️⃣ It was not a protocol vulnerability, not a DVN vulnerability, not a key management issue; it was a dual attack: poisoned downstream RPC nodes + DDoS.
3️⃣ Kelp chose a 1-of-1 single-validator configuration; we had long advised using multiple validators to achieve Zero Contagion for other assets.

The moment “Zero Contagion” was uttered, Chainlink Community Manager Zach Rynes @ChainLinkGod struck first: “As expected, LayerZero is shifting blame.”

The security research community quickly dug deeper: LayerZero’s published V2 OApp Quickstart and GitHub deployment code defaulted to 1 required DVN + 0 optional DVNs, which is effectively a 1/1 configuration.

In the evening, Kelp @KelpDAO fired back in a noticeably colder tone:

1️⃣ The 1-of-1 setup was the official default in LayerZero’s own Quickstart, easily verifiable on GitHub.
2️⃣ We’ve operated this configuration since January 2024; over 24 months of communication, you never once suggested specific changes to rsETH’s DVN setup. When we scaled to L2, you personally confirmed: “The default configuration is appropriate.”
3️⃣ The compromised validator stack “belongs to LayerZero’s own infrastructure”; you managed it yourself, and now you’re blaming us for not monitoring you?
4️⃣ You released your post-mortem without aligning narratives with us first; this is unilateral blame-shifting.

The Chinese-speaking community overwhelmingly sided with Kelp. Blue Fox @lanhubiji elevated the debate with one line: “What’s been disproven isn’t L2, it’s cross-chain bridge design.”

Immediately after publishing its post-mortem, LayerZero announced: “Going forward, we will no longer sign off on any single-validator configuration.” This is effectively an admission that the default design was flawed. Currently, 40% of protocols on LayerZero use this configuration, so they must now choose: either admit they provided a default setup that was a trap, or admit that 40% of protocols are in high-risk status. Either way, it’s embarrassing.
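The dispute above turns on one setting: how many independent DVNs must verify a message before it is accepted. The following is an added example, not code from the article, LayerZero or Kelp; it assumes a config shaped like LayerZero V2’s UlnConfig (required DVNs, optional DVNs, optional threshold) and uses constructed pathway names and DVN addresses to show how an operator could audit their own pathways for the 1-of-1 condition.

```python
# Added example (not LayerZero's or Kelp's code). Field names mirror the
# UlnConfig struct shape (requiredDVNs / optionalDVNs / optionalDVNThreshold);
# every pathway name, address and value below is constructed sample data.
from dataclasses import dataclass, field


@dataclass
class UlnConfig:
    confirmations: int                       # block confirmations before a DVN attests
    required_dvns: list = field(default_factory=list)   # all of these must verify
    optional_dvns: list = field(default_factory=list)   # at least `threshold` of these
    optional_threshold: int = 0


def validate(cfg: UlnConfig) -> None:
    """Basic consistency checks on a pathway config (assumed, not library behaviour)."""
    if cfg.optional_threshold > len(cfg.optional_dvns):
        raise ValueError("optionalDVNThreshold exceeds number of optional DVNs")
    if cfg.optional_dvns and cfg.optional_threshold == 0:
        raise ValueError("optional DVNs listed but threshold is 0 (they never count)")
    if not cfg.required_dvns and cfg.optional_threshold == 0:
        raise ValueError("no DVN is required to verify anything")
    if set(cfg.required_dvns) & set(cfg.optional_dvns):
        raise ValueError("a DVN appears in both the required and optional sets")


def is_consistent(cfg: UlnConfig) -> bool:
    try:
        validate(cfg)
        return True
    except ValueError:
        return False


def min_compromises(cfg: UlnConfig) -> int:
    """Smallest number of distinct DVNs that would all have to attest to a forged
    message for it to pass: every required DVN plus the optional threshold."""
    validate(cfg)
    return len(cfg.required_dvns) + cfg.optional_threshold


def audit(pathways: dict) -> dict:
    """Pathway name -> number of DVNs whose compromise suffices; 1 means 1-of-1."""
    return {name: min_compromises(cfg) for name, cfg in pathways.items()}


def single_points_of_failure(pathways: dict) -> list:
    return sorted(name for name, k in audit(pathways).items() if k == 1)


# Constructed sample: the Quickstart-style default (1 required, 0 optional)
# next to a multi-verifier setup (2 required + 2-of-3 optional).
SAMPLE = {
    "rsETH Ethereum->Arbitrum (default)": UlnConfig(15, ["0xDVN_A"]),
    "rsETH Ethereum->Arbitrum (hardened)": UlnConfig(
        15, ["0xDVN_A", "0xDVN_B"], ["0xDVN_C", "0xDVN_D", "0xDVN_E"], 2),
}

if __name__ == "__main__":
    for name, k in audit(SAMPLE).items():
        print(f"{name}: {k} DVN(s) must be compromised")
    print("1-of-1 pathways:", single_points_of_failure(SAMPLE))
```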
