On May 9, 2026, LayerZero Labs said out loud what the DeFi security community had been saying for three weeks: it made a mistake. The company admitted in a public statement that allowing its own Decentralized Verifier Network to secure high-value bridge assets in a single-verifier configuration was a design failure, not a misconfiguration by Kelp DAO alone. That admission — reversing weeks of deflecting blame onto the protocol it had approved — landed the same week Solv Protocol announced it was moving $700 million in tokenized bitcoin infrastructure off LayerZero for good.
Combined with Kelp DAO’s earlier departure, that puts more than $1.4 billion in total asset value migrating toward Chainlink’s Cross-Chain Interoperability Protocol in the aftermath of one exploit. That is not a vendor switch. It is a structural verdict on how cross-chain bridge security was architected, sold, and overseen.
The underlying event — the April 18 drain of 116,500 rsETH from KelpDAO’s LayerZero bridge — has been covered extensively. This piece is about what happened after: who admitted what, which protocols are responding with protocol changes rather than PR, and whether the bridge security reforms now in motion are enough to prevent the next $292 million disappearance.
What LayerZero Actually Admitted
LayerZero’s May 9 statement was short and specific. “We made a mistake by allowing our DVN to act as a 1/1 DVN for high-value transactions,” the company wrote. “We didn’t police what our DVN was securing, which created a risk we simply didn’t see.”
The admission mattered because the company had spent three weeks pointing to Kelp DAO’s configuration choices. Kelp had published its own counter in early May, claiming LayerZero personnel had reviewed and approved the 1-of-1 verifier setup before deployment. That set up a factual dispute with real stakes: if LayerZero had pre-approved the config, the liability picture looked different, the reputational damage to LayerZero’s infrastructure business was larger, and the case for migrating away from it became harder to dismiss.
LayerZero’s retraction of the blame-deflection was confirmed by data. A Dune Analytics query published by The Block showed that as of early May, approximately 47% of active LayerZero OApp contracts were using the same default 1-of-1 DVN setup that enabled the KelpDAO drain. That figure made LayerZero’s original framing — that Kelp had made an unusual or negligent configuration error — factually indefensible. Kelp was doing what nearly half of LayerZero’s customers were doing.
Following the admission, LayerZero said all default pathways are moving toward 5/5 or minimum 3/3 verification setups where possible. It also banned new high-value deployments from using the 1-of-1 model. Whether existing deployed contracts across those 47% of OApps will be forced to migrate or merely encouraged to is not yet clear from public communications.
How the Hack Actually Worked — and Why It Was Not a Smart Contract Bug
Understanding what LayerZero conceded requires understanding what actually happened on April 18. The KelpDAO attack was not a code exploit. There was no vulnerability in rsETH’s smart contracts, no reentrancy attack, no flash loan manipulation. Chainalysis’s postmortem describes an off-chain infrastructure attack of a different character entirely.
LayerZero’s DVN is the network responsible for verifying that a cross-chain message is legitimate before a bridge releases funds. In a 1-of-1 configuration, that verification job belongs to exactly one node. Kelp’s rsETH bridge used LayerZero’s own DVN as that single node. The attackers — attributed by TRM Labs to North Korea’s Lazarus Group — obtained the list of RPC endpoints that DVN node queried to read source-chain state. They then compromised two of LayerZero’s internal RPC nodes and launched a DDoS attack against the external fallback providers, forcing the DVN to rely on the compromised infrastructure. The poisoned nodes fed it fabricated cross-chain messages. The DVN, seeing what appeared to be valid instructions, signed off. Kelp’s bridge released 116,500 rsETH — roughly 18% of the token’s circulating supply — to the attacker.
The exploit completed before Kelp’s emergency pause multisig could react. The team froze core contracts 46 minutes after the drain began. Two follow-up attempts, each carrying instructions for another 40,000 rsETH drain worth roughly $100 million, both reverted after the pause landed.
The attack mechanism is significant for the security reform conversation. DVN configuration is invisible to users. A protocol secured by a 1-of-1 verifier and a protocol secured by a 5-of-9 verifier both appear in public documentation as “using LayerZero.” There is no standardized disclosure, no public registry of DVN configurations, and no tool that lets depositors or counterparty protocols check the actual fault tolerance of a bridge before committing capital.
The $1.4 Billion Migration and What It Signals
Kelp DAO’s decision to move rsETH from LayerZero to Chainlink’s CCIP was announced in early May and framed as a straightforward security upgrade — the protocol was switching from LayerZero’s OFT standard to Chainlink’s Cross-Chain Token standard. The language was measured. The message was not.
Solv Protocol’s May 7 announcement was blunter. Solv told CoinDesk it was migrating $700 million in SolvBTC and xSolvBTC infrastructure — tokenized bitcoin assets used across DeFi and the BTCfi market — because recent incidents had convinced the team to upgrade the infrastructure used to move assets between blockchains. The migration covers four networks currently using LayerZero bridges: Corn, Berachain, Rootstock, and TAC. LayerZero bridge support for SolvBTC and xSolvBTC on those networks will be deprecated.
Together, Kelp and Solv represent more than $1.4 billion in protocol asset value moving toward Chainlink CCIP in a matter of weeks. For context, LayerZero’s total locked value across its bridge infrastructure sits in the range of $8–12 billion. Losing $1.4 billion is not existential. But it is the kind of signal that accelerates a broader re-evaluation — especially when the protocols leaving are the ones whose users just watched a $292 million drain happen.
Chainlink’s CCIP uses a different trust model: independent node operators, separate source and destination chains validation, and a Risk Management Network that monitors for anomalous cross-chain activity in real time. Whether CCIP is hack-proof is a different question. No bridge architecture has been. But the migration reflects a specific argument — that a system with multiple independent verification layers is structurally harder to compromise than one where a single node controls whether funds move.
Aave’s Governance Response: Collateral Standards Rewritten
The KelpDAO hack did not stay contained to the bridge. Because the attacker deposited nearly 90,000 fraudulently minted rsETH into Aave as collateral and borrowed roughly $190 million in real ETH and other assets, the exploit became Aave’s problem too. Aave’s governance response, published May 7, overhauled how new assets qualify for use as collateral on the protocol.
The new framework requires that every asset seeking listing be evaluated not just on price volatility — the traditional metric for collateral risk — but on cybersecurity architecture, interoperability dependencies, and underlying technical structure. That means a liquid restaking token backed by a LayerZero bridge now faces an explicit assessment of whether its bridge security model meets Aave’s standards. Aave will also publish a minimum-standards playbook for issuers seeking to list.
The governance action reads in context as an implicit admission that rsETH’s path to Aave collateral status moved too fast relative to the bridge risk embedded in the asset. That judgment is now hardwired into the listing process. We covered the full Aave governance overhaul when it landed — the short version is that the protocol’s Umbrella insurance mechanism and stkAAVE slashing parameters are both under review as a direct result of how close Aave came to absorbing hundreds of millions in bad debt.
The “DeFi United” recovery initiative — drawing commitments from Lido, EtherFi, Ethena, Consensys, and the Avalanche Foundation — raised more than $300 million to restore rsETH’s collateral backing. The effort prevented a cascading bad-debt event from spreading into the broader lending market. Aave co-founder Stani Kulechov confirmed on May 9 that ETH loan-to-value ratios on the protocol are returning to normal parameters following the court-cleared $71 million ETH transfer from Arbitrum.
The Systemic Picture: 47 Incidents, $770 Million, One Common Thread
The KelpDAO exploit did not happen in isolation. CryptoTimes published an industry-wide count on May 9 showing 47 separate DeFi hack incidents in the first four and a half months of 2026 — a 68% year-over-year increase from the same period in 2025. Over $770 million has been drained. April alone saw losses of more than $651 million across roughly 30 exploits, making it the most-hacked month in crypto history by incident count. The Drift Protocol exploit — a $285 million social engineering operation against Solana-based DeFi that completed on April 1 — was the runner-up to KelpDAO’s drain for the year’s largest single event.
TRM Labs’ attribution report ties 76% of all 2026 crypto hack value to North Korean state-sponsored groups. That figure is driven almost entirely by the Kelp and Drift hacks — but the methodology matters. The DPRK groups behind these attacks are not exploiting obvious code bugs. They are running months-long social engineering campaigns, compromising off-chain infrastructure, and targeting the organizational layers around protocols rather than the contracts themselves. The Drift hack involved pre-planting fake governance assets and tricking Security Council members into pre-signing dormant transactions. The KelpDAO attack compromised node infrastructure to forge messages that looked legitimate at the verification layer.
Neither of those attack vectors is addressed by a smart contract audit. That is the uncomfortable structural problem in the current reform conversation. Protocols are improving DVN configurations and collateral listing standards. Those are real improvements. But the attacks that are actually happening are exploiting the human and organizational infrastructure that sits between users and the contracts — and that layer is substantially harder to standardize or audit.
What the Bridge Security Reform Looks Like in Practice
LayerZero’s post-hack commitments include moving default pathways to 3/3 or 5/5 DVN configurations, auditing the existing installed base of 1-of-1 setups, and publishing clearer documentation of DVN security minimums. The company has not committed to a public registry that would let external auditors or counterparty protocols inspect the verification configuration of any given OApp bridge before interacting with it.
That gap is notable. Security researchers and protocol developers have pointed out since the hack that there is no standardized disclosure framework for bridge trust models. A 1-of-1 DVN, a 3-of-5 DVN, and a zero-knowledge proof-backed multi-message aggregation system all fall under the same “LayerZero powered” label from a user-facing perspective. Without disclosure tooling, users, auditors, and counterparty protocols cannot make informed decisions about which bridges are safe to depend on.
Chainlink CCIP’s model provides a different structural answer through its Risk Management Network — an independent layer that continuously monitors cross-chain operations and has the authority to halt anomalous transfers before they complete. That does not eliminate attack surface, but it changes the risk profile meaningfully: an attacker who compromises a verification layer still has to get past a separate monitoring system that was not part of the original attack plan.
The migration signals from Kelp and Solv suggest that institutional-grade DeFi protocols managing hundreds of millions in user assets are making a practical judgment: the cost of migrating to a more expensive or constrained bridge architecture is worth the reduction in tail risk. Whether smaller protocols with tighter development budgets and shorter governance timelines make the same decision is less certain.
Frequently Asked Questions
What did LayerZero admit in May 2026?
On May 9, 2026, LayerZero Labs acknowledged it had made a mistake by permitting its own Decentralized Verifier Network to act as the sole verifier on high-value bridge applications. The company had previously pointed to Kelp DAO’s configuration choices as the primary failure. After Kelp published evidence that LayerZero personnel had reviewed and approved the 1-of-1 setup, and after Dune Analytics data showed nearly half of all LayerZero OApp contracts used the same configuration, LayerZero reversed that position. The company said all default pathways are moving to minimum 3/3 or 5/5 verification setups and has banned new high-value deployments from using the 1-of-1 model. The admission carries commercial significance because it reshapes the liability narrative around one of DeFi’s largest bridge infrastructure providers and validates the decisions by Kelp and Solv to migrate away from LayerZero.
Why are Kelp DAO and Solv Protocol migrating to Chainlink CCIP?
Both protocols cited the April 2026 hack environment and an internal security review as drivers of the decision. Kelp DAO began moving rsETH to Chainlink’s Cross-Chain Token standard after the $292 million April 18 exploit, which was attributed to a compromised LayerZero DVN. Solv Protocol announced a migration of $700 million in SolvBTC and xSolvBTC tokenized bitcoin infrastructure on May 7, deprecating LayerZero bridge support on four networks. Chainlink CCIP uses multiple independent verification layers and a Risk Management Network that monitors cross-chain activity in real time. Neither protocol has claimed that Chainlink CCIP is unhackable — but both have concluded that its architecture provides structurally better fault tolerance than a single-verifier model. Together, the two migrations represent more than $1.4 billion in assets shifting to a competing bridge infrastructure in the weeks immediately following the KelpDAO hack.
How does a DVN configuration attack work — and why can’t a smart contract audit catch it?
A Decentralized Verifier Network is the off-chain layer responsible for confirming that a cross-chain message is legitimate before a bridge releases assets. In a 1-of-1 configuration, a single DVN node makes that determination. The KelpDAO attackers — linked by TRM Labs to North Korea’s Lazarus Group — obtained the list of RPC endpoints the node used to read source-chain state, compromised two of LayerZero’s internal RPC nodes, and DDoS-attacked the external fallbacks to force the DVN onto the poisoned infrastructure. The compromised nodes then signed off on fabricated messages. No code was buggy. The attack succeeded entirely through manipulation of the off-chain verification infrastructure. Smart contract audits review on-chain logic. They do not assess the security of the node operators, RPC providers, or organizational controls that surround a bridge’s verification layer. That is why the current reform conversation about multi-DVN configurations addresses part of the problem but does not solve the social engineering and infrastructure-compromise vectors that drove both the Kelp and Drift exploits.
What changes is Aave making to collateral listing standards after the KelpDAO crisis?
Aave’s May 7 governance proposal requires that all future collateral assets be assessed across three new dimensions beyond traditional price volatility: cybersecurity architecture, interoperability dependencies, and underlying technical structure. That means liquid restaking tokens, bridged assets, and other instruments with cross-chain dependencies now face an explicit evaluation of whether the bridge infrastructure securing them meets Aave’s standards. Aave will also publish a minimum-standards playbook for issuers seeking collateral listing. The governance response followed a period in which Aave came within reach of absorbing hundreds of millions in bad debt after the KelpDAO attacker used fraudulently minted rsETH as collateral to borrow real assets. The “DeFi United” initiative, backed by Lido, EtherFi, Ethena, and others, raised over $300 million to prevent systemic contagion. Aave co-founder Stani Kulechov confirmed on May 9 that ETH LTV ratios are returning to normal following the court-approved $71 million ETH transfer from Arbitrum.
Is the DeFi bridge security problem being solved, or just patched?
The honest answer is that the reforms underway address the configuration failure that enabled the KelpDAO hack without fully resolving the attack vectors behind both major April exploits. Multi-DVN verification requirements and stronger collateral listing standards are real improvements — if enforced, they raise the cost and complexity of the specific 1-of-1 DVN attack used against Kelp. But the Drift Protocol hack, which cost $285 million on April 1, was not a DVN configuration failure. It was a months-long social engineering campaign that pre-planted fake governance assets and tricked protocol signers into approving dormant transactions. That vector requires organizational security reforms — background verification, key management practices, insider threat detection — that are substantially harder to standardize than a protocol-level configuration requirement. TRM Labs’ finding that 76% of all 2026 crypto hack value is attributable to North Korean state-sponsored groups suggests that the adversary is sophisticated, patient, and specifically targeting the human infrastructure around DeFi protocols. Technical configuration fixes are necessary. They are not sufficient.
Sources:
- CoinDesk — LayerZero says it “made a mistake” in $292 million Kelp exploit (May 9, 2026)
- The Block — LayerZero issues public apology, admits fault in single-verifier setup (May 9, 2026)
- CoinDesk — Solv drops LayerZero for Chainlink CCIP in $700 million tokenized bitcoin migration (May 7, 2026)
- Chainalysis — Inside the KelpDAO Bridge Exploit (April 2026)
- TRM Labs — North Korea stole 76% of all crypto hack value in 2026 (May 2026)
- CryptoTimes — 40+ DeFi Protocols Shut Down in 2026: Inside the $770M Hack Crisis (May 9, 2026)
- CoinDesk — Aave to Overhaul Collateral and Listing Standards After KelpDAO Exploit (May 7, 2026)
- CryptoTimes — KelpDAO Blames LayerZero, Shifts to Chainlink CCIP After $292M Hack (May 6, 2026)
- TRM Labs — North Korean Hackers Attack Drift Protocol in $285 Million Heist (April 2026)
