TL;DR

KelpDAO's $292M exploit was not a LayerZero bug. It was a config choice. KelpDAO shipped its rsETH OFT with a 1/1 DVN security stack — one required verifier, zero optional, threshold 0. A forged cross-chain message that was never actually emitted on the source chain (Unichain) got signed by the single required DVN. With no independent verifier to contradict it, lzReceive fired, the OFT Adapter on Ethereum (0x85d456B2DfF1fd8245387C0BfB64Dfb700e98Ef3) released 116,500 rsETH out of thin air, and the contagion cascaded into Aave, SparkLend, Fluid, Lido Earn, Ethena, and Upshift within hours. If you run an OFT/OApp with serious TVL, pull getConfig() today.

What happened

At 17:35 UTC on April 18, 2026, an attacker drained 116,500 rsETH (~$292M) from KelpDAO's LayerZero-powered cross-chain bridge — roughly 18% of rsETH's ~630,000 circulating supply. The drain happened in a single transaction: the attacker called lzReceive on LayerZero's EndpointV2 contract carrying a forged packet, which pushed Kelp's mainnet OFT Adapter to release rsETH directly to an attacker-controlled address.

Kelp's emergency pauser multisig executed pauseAll 46 minutes later at 18:21 UTC, freezing the LRT Deposit Pool, withdrawal module, LRT Oracle, and the rsETH token itself. Two retry transactions at 18:26 and 18:28 UTC — each carrying the same LayerZero packet attempting another 40,000 rsETH (~$100M) — both reverted thanks to the pause. Without that 46-minute window of containment, the loss would have approached $391M.

This now sits as the largest single DeFi exploit of 2026, narrowly surpassing Drift Protocol's $285M loss on April 1.

Why it matters: the verification layer broke, not the contracts

The contracts on either end weren't broken. The verification layer was. The source and destination OApps on LayerZero Scan are both labeled "Kelp DAO," and the ReceiverOAppConfig on the rsETH bridge pathway tells the whole story:

  • requiredDVNCount: 1
  • requiredDVNNames: [LayerZero Labs]
  • optionalDVNCount: 0
  • optionalDVNThreshold: 0

That is the weakest security tier LayerZero allows. One signature stands between a forged packet and a mint. The attacker didn't break a cryptographic primitive — they exploited the fact that there was no second pair of eyes. The forged source packet was never actually emitted on Unichain, but with only one required DVN signing the attestation, there was no independent verifier to contradict it. Everything downstream then executed exactly as designed: commitVerification → lzReceive → peer check → OFT decode → rsETH mint.

To be clear: LayerZero V2 is modular by design. Apps pick their own X-of-Y-of-N stack, multiple independent DVNs, optional DVNs, thresholds, and block confirmations. No project is forced into any configuration. The protocol gave KelpDAO the full toolkit. KelpDAO chose 1/1.
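To make the X-of-Y-of-N rule concrete, here is an added Python model of the receive-side verifiability check that gates commitVerification (this is an illustration written for this page, not LayerZero's code): a packet can be committed only when every required DVN has attested with at least the configured block confirmations and, if optional DVNs are configured, at least optionalDVNThreshold of them have attested too. The 1/1 config mirrors the Kelp pathway above; the hardened config, the DVN names other than LayerZero Labs, and the attestation sets are constructed for the example.

```python
"""Model of the ULN receive-side verifiability rule that gates commitVerification.
Added example, not LayerZero code. DVN names other than "LayerZero Labs" and all
attestation sets are constructed for illustration."""
from dataclasses import dataclass


@dataclass(frozen=True)
class UlnConfig:
    confirmations: int          # block confirmations each attestation must cover
    required_dvns: tuple        # every one of these must attest
    optional_dvns: tuple        # of these, optional_threshold must attest
    optional_threshold: int


def is_verifiable(cfg: UlnConfig, attestations: dict) -> bool:
    """attestations maps DVN name -> confirmations that DVN attested for this
    (header hash, payload hash) pair. True means the packet may be committed
    and lzReceive can follow."""
    def attested(dvn: str) -> bool:
        return attestations.get(dvn, 0) >= cfg.confirmations

    if not cfg.required_dvns and not cfg.optional_dvns:
        return False                       # nothing configured can verify anything
    if not all(attested(d) for d in cfg.required_dvns):
        return False                       # one missing required DVN blocks delivery
    if not cfg.optional_dvns:
        return True                        # no optional layer: required set decides
    return sum(attested(d) for d in cfg.optional_dvns) >= cfg.optional_threshold


def attestations_needed(cfg: UlnConfig) -> int:
    """Independent attestations that must agree before a packet is delivered, i.e.
    how many verifiers would all have to be wrong or compromised at once for a
    packet that was never emitted on the source chain to go through."""
    return len(cfg.required_dvns) + cfg.optional_threshold


# The pathway described above: one required DVN, no optional set, threshold 0.
ONE_OF_ONE = UlnConfig(confirmations=15, required_dvns=("LayerZero Labs",),
                       optional_dvns=(), optional_threshold=0)

# Constructed hardened stack: three required DVNs plus one-of-two optional.
HARDENED = UlnConfig(confirmations=15,
                     required_dvns=("LayerZero Labs", "DVN-B", "DVN-C"),
                     optional_dvns=("DVN-D", "DVN-E"), optional_threshold=1)

# Constructed: a single attestation from the sole required DVN.
SINGLE_ATTESTATION = {"LayerZero Labs": 15}

if __name__ == "__main__":
    for name, cfg in (("1/1", ONE_OF_ONE), ("3 + 1-of-2", HARDENED)):
        print(f"{name}: needs {attestations_needed(cfg)} attestation(s); "
              f"one signer alone delivers: {is_verifiable(cfg, SINGLE_ATTESTATION)}")
```

Under the 1/1 config the single attestation is sufficient and the packet is committed; under the hardened config the same attestation is rejected because two required DVNs and the optional threshold are still unmet. Note that the confirmations field is part of the check as well: an attestation that covers fewer blocks than the config demands does not count, which is why "sane block confirmations" belongs on the same checklist as DVN count.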

Technical facts at a glance

  • Drained: 116,500 rsETH (~$292M)
  • Share of supply: ~18% of ~630,000 rsETH
  • Attack vector: Forged LayerZero packet → lzReceive on EndpointV2
  • Target contract: rsETH OFT Adapter 0x85d456B2DfF1fd8245387C0BfB64Dfb700e98Ef3
  • DVN config: 1 required (LayerZero Labs), 0 optional, threshold 0
  • Source chain (claimed): Unichain; the packet was never actually emitted there
  • Funding source: Tornado Cash 1-ETH pool, ~10h pre-attack, 6 wallets
  • Containment: pauseAll at 18:21 UTC (46 min after drain)
  • Total exposure if not paused: ~$391M

How DeFi composability turned $292M into $280M+ of bad debt

The drain was only act one. The attacker then deposited the freshly minted, unbacked rsETH as collateral on Aave V3, Aave V4, Compound V3, and Euler, borrowing ~$196M WETH on Aave alone and pushing the total debt position past $236M. On-chain trackers show ~74,000 ETH consolidated into a single wallet, with ~$250M already converted into ETH. Total bad debt across protocols: $236M–$280M+.

Because the rsETH backing was already gone the moment it hit Aave, the borrowing positions cannot be liquidated through normal mechanisms. Aave's WETH reserve is now carrying debt nobody is going to repay. The contagion list:

  • Aave V3 + V4: rsETH markets frozen; bad debt in WETH reserve
  • SparkLend, Fluid: froze rsETH markets (SparkLend reported zero exposure)
  • Lido Finance: paused earnETH (rsETH exposure); core stETH/wstETH unaffected
  • Ethena: temporarily paused all LayerZero OFT bridges from Ethereum mainnet (~6h) as a precaution; 101%+ overcollateralized
  • Upshift: suspended deposits/withdrawals on High Growth ETH and Kelp Gain vaults

At least nine protocols triggered emergency responses. Token impact in the first 24h: AAVE −10% to −16%, ZRO −20%, KERNEL −11%, ETH −3%.

Who needs to act today: every OFT/OApp founder

If you are a founder or dev with an OFT live in production, the to-do list is short and urgent:

  1. Pull your Send/Receive ULN config — call getConfig() on your endpoint, or open layerzeroscan.com and inspect your ReceiverOAppConfig.
  2. If requiredDVNCount is 1 and optionalDVNCount is 0 — reconfigure before the market does it for you.
  3. Anyone can verify any OApp's config on LayerZero Scan right now. Yours, your competitors', the LRT you are about to whitelist as collateral.

Limitations & what users should do

rsETH was trading near $2,500 in the immediate aftermath, with redemption pressure from L2 holders potentially forcing Kelp to unwind restaking positions. Whether the peg holds through the week depends on how much of the cross-chain float tries to redeem into ETH on Ethereum, and whether any portion of the stolen funds can be recovered before the Tornado Cash trail goes cold.

For depositors: WETH suppliers on Aave V3 Core were urged to withdraw immediately. Aave's Umbrella safety system — which replaced the Safety Module in late 2025 — is designed for exactly this scenario, automatically slashing staked aWETH to cover the deficit. This is its first major real-world stress test. Aave initially committed to deploying Umbrella, then softened the wording to "explore paths to offset the deficit." Stakers should expect a haircut.

For rsETH-backed borrowers: add alternative collateral or repay debt now, while the lending markets are still functioning normally enough to allow it.

Baseline DVN config for any OFT/OApp with serious TVL

The lesson the rest of the cross-chain ecosystem should internalize today, before Kelp's full RCA even drops:

  • Multiple required DVNs — 3 to 4 or more, not one.
  • Independent providers — don't stack correlated risk. Consider a canary DVN that is also its own independent client.
  • Optional DVNs with a threshold on top of required.
  • Sane block confirmations.

Even reputable DVNs can have a bad day — key compromise, infra failure, malicious actor, whatever. Redundancy is the entire point. A 1/1 DVN is the cross-chain equivalent of a 1-of-1 multisig on a treasury, and the industry just spent $292M proving it.
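For steps 1 and 2 of the founder checklist above and for the baseline just listed, here is an added Python decoder and policy check (written for this page; not LayerZero's or Kelp's code) for the bytes that EndpointV2.getConfig(oapp, receiveLib, srcEid, 2) returns. The ULN config comes back as abi.encode(UlnConfig) with the fields confirmations, requiredDVNCount, optionalDVNCount, optionalDVNThreshold, requiredDVNs and optionalDVNs. Fetching the bytes (cast, ethers, or LayerZero Scan) is outside the block; the sample return data is constructed with placeholder DVN addresses, and the policy thresholds are the article's baseline (3+ required DVNs, an optional threshold on top) plus an assumed floor of 15 block confirmations.

```python
"""Decode EndpointV2.getConfig(oapp, receiveLib, srcEid, CONFIG_TYPE_ULN) return data
and grade it against a baseline DVN policy. Added example, not LayerZero or Kelp code.
Return data is abi.encode(UlnConfig):
    struct UlnConfig { uint64 confirmations; uint8 requiredDVNCount; uint8 optionalDVNCount;
                       uint8 optionalDVNThreshold; address[] requiredDVNs; address[] optionalDVNs; }
DVN addresses below are constructed placeholders; min_confirmations is an assumed floor."""
from dataclasses import dataclass

CONFIG_TYPE_ULN = 2  # ULN (DVN) config type in LayerZero's Uln302 libraries


@dataclass
class UlnConfig:
    confirmations: int
    required_count: int
    optional_count: int
    optional_threshold: int
    required_dvns: list
    optional_dvns: list


def _word(b: bytes, i: int) -> int:
    return int.from_bytes(b[32 * i:32 * (i + 1)], "big")


def _addr_array(b: bytes, off: int) -> list:
    """address[] at byte offset off: a length word, then one 32-byte word per address."""
    n = int.from_bytes(b[off:off + 32], "big")
    return ["0x" + b[off + 32 + 32 * k + 12:off + 64 + 32 * k].hex() for k in range(n)]


def decode_uln_config(raw: bytes) -> UlnConfig:
    t = raw[_word(raw, 0):]           # first word: offset of the dynamic tuple
    return UlnConfig(
        confirmations=_word(t, 0),
        required_count=_word(t, 1),
        optional_count=_word(t, 2),
        optional_threshold=_word(t, 3),
        required_dvns=_addr_array(t, _word(t, 4)),   # array offsets are tuple-relative
        optional_dvns=_addr_array(t, _word(t, 5)),
    )


def encode_uln_config(cfg: UlnConfig) -> bytes:
    """Inverse of decode_uln_config; used here only to build sample return data."""
    def w(n: int) -> bytes:
        return n.to_bytes(32, "big")

    def arr(addrs: list) -> bytes:
        return w(len(addrs)) + b"".join(w(int(a, 16)) for a in addrs)

    req, opt = arr(cfg.required_dvns), arr(cfg.optional_dvns)
    head = (w(cfg.confirmations) + w(cfg.required_count) + w(cfg.optional_count)
            + w(cfg.optional_threshold) + w(6 * 32) + w(6 * 32 + len(req)))
    return w(32) + head + req + opt


def grade(cfg: UlnConfig, min_required: int = 3, min_confirmations: int = 15) -> list:
    """Findings against the baseline; an empty list means the config meets it."""
    findings = []
    if (cfg.required_count != len(cfg.required_dvns)
            or cfg.optional_count != len(cfg.optional_dvns)):
        findings.append("malformed: DVN counts disagree with array lengths")
    if cfg.required_count == 0:
        findings.append("no required DVN: delivery rests on the optional set alone")
    elif cfg.required_count == 1 and cfg.optional_threshold == 0:
        findings.append("1/1 stack: one attestation is enough for delivery")
    if cfg.required_count < min_required:
        findings.append(f"{cfg.required_count} required DVN(s); baseline is {min_required}+")
    if cfg.optional_count == 0 or cfg.optional_threshold == 0:
        findings.append("no optional DVN threshold on top of the required set")
    seen, dup = set(), set()
    for a in (x.lower() for x in cfg.required_dvns + cfg.optional_dvns):
        (dup if a in seen else seen).add(a)
    if dup:
        findings.append(f"same DVN address listed more than once: {sorted(dup)}")
    if cfg.confirmations < min_confirmations:
        findings.append(f"{cfg.confirmations} confirmations; floor is {min_confirmations}")
    return findings


# Constructed placeholder DVN addresses (not real DVN deployments).
DVN_A, DVN_B, DVN_C, DVN_D, DVN_E = ("0x" + h * 20 for h in ("11", "22", "33", "44", "55"))

# What a 1/1 pathway decodes to, and what the baseline above looks like.
WEAK = UlnConfig(15, 1, 0, 0, [DVN_A], [])
HARDENED = UlnConfig(20, 3, 2, 1, [DVN_A, DVN_B, DVN_C], [DVN_D, DVN_E])
WEAK_RAW = encode_uln_config(WEAK)    # stands in for real getConfig() return data

if __name__ == "__main__":
    cfg = decode_uln_config(WEAK_RAW)
    print(f"required={cfg.required_dvns} optional={cfg.optional_dvns} "
          f"threshold={cfg.optional_threshold} confirmations={cfg.confirmations}")
    for finding in grade(cfg):
        print(" -", finding)
```

Run it against the bytes for each source eid your OApp accepts, not just one: the receive config is per pathway, so a hardened Ethereum-to-Arbitrum lane says nothing about the Unichain-to-Ethereum lane. The duplicate-address check is the cheap proxy for "independent providers"; the same operator running two differently named DVNs is correlated risk the decoder cannot see, and that part stays a human review.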

A development team had already flagged this on the Aave governance forum back in January 2025, asking Kelp to extend to multiple DVN verifications. Fifteen months later, the second DVN had still not been added. Speed brought market share. The bill arrived this weekend.

Security is the application's responsibility. LayerZero hands every project a powerful, modular security stack — it is on the project to actually use it. Check your configs. Stay safe out there.

Sources: CoinDesk, CryptoBriefing, Foresight News via PANews, Startup Fortune, Crypto_Goblinz on X.