LayerZero blames Kelp verifier setup for $290 million exploit as Aave faces bad debt shock
Major cross-chain exploit drains rsETH and hits lending markets
LayerZero has attributed a roughly $290 million exploit of Kelp DAO’s rsETH bridge to a configuration error in Kelp’s decentralized verifier network, while knock-on losses surfaced on the Aave lending platform.
Attackers were able to mint about 116,500 Restaked ETH (rsETH) with no backing, worth around $292–$293 million at the time and representing roughly 18% of rsETH’s circulating supply. The fake rsETH was then routed into Aave as collateral, helping to generate an estimated $195 million in bad debt and triggering sharp outflows from the lending protocol.
Aave’s total value locked (TVL) dropped from about $26.4 billion to around $17.5 billion as users pulled funds, straining liquidity in several pools and raising concerns over potential liquidation risks if crypto prices fall further.
Single verifier design cited as core weakness
LayerZero said the exploit did not stem from a flaw in its own cross-chain messaging protocol, but from Kelp’s operational choice to rely on a single decentralized verifier network (DVN) for its rsETH bridge.
Kelp’s “1-of-1” verifier configuration meant all bridge messages depended on a single verification path. According to LayerZero, attackers focused on that single point of failure by compromising remote procedure call (RPC) nodes and using a distributed denial-of-service (DDoS) attack to force the system to fall back to compromised infrastructure. That allowed them to authorize rsETH mints without underlying assets.
LayerZero said it had previously recommended that Kelp adopt a multi-verifier setup to reduce this concentration risk, but that guidance was not implemented.
The firm has now announced that all connected applications using 1-of-1 verifier structures will be required to migrate to multi-verifier configurations. LayerZero warned it will stop verifying messages for applications that continue to use single-verifier designs.
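An added illustration, not code from LayerZero, Kelp or the original article: a simplified model of k-of-n message verification plus a configuration audit, showing why a 1-of-1 setup accepts a message attested by one compromised verifier while a 2-of-3 setup does not. Verifier names, RPC provider labels, the config schema and the messages are constructed assumptions, and signature checking is omitted.

```python
import hashlib
from collections import Counter

def digest(msg: bytes) -> str:
    return hashlib.sha256(msg).hexdigest()

def accept(msg, attestations, verifiers, threshold):
    """Accept msg only if >= threshold distinct configured verifiers attest to its exact hash.

    attestations: iterable of (verifier_name, payload_hash) pairs; assume each
    pair was already authenticated (signature checks are out of scope here).
    """
    want = digest(msg)
    signers = {v for v, h in attestations if v in verifiers and h == want}
    return len(signers) >= threshold

def audit(verifier_rpc, threshold):
    """verifier_rpc maps verifier name -> upstream RPC provider (hypothetical schema)."""
    findings = []
    if threshold > len(verifier_rpc):
        findings.append("threshold exceeds verifier count")
    if threshold < 2:
        findings.append("single verifier can authorize a message")
    shared = Counter(verifier_rpc.values()).most_common(1)
    if shared and shared[0][1] >= threshold:
        findings.append(f"provider {shared[0][0]} alone feeds a full quorum")
    return findings

# Constructed messages: one with no source-chain deposit behind it, one genuine.
FORGED = b"constructed: mint rsETH, no source-chain deposit"
GENUINE = b"constructed: mint rsETH, backed by deposit"

def simulate():
    # Verifier "A" reads compromised infrastructure and attests to both messages;
    # "B" and "C" read the real source chain and attest only to the genuine one.
    atts = [("A", digest(FORGED)), ("A", digest(GENUINE)),
            ("B", digest(GENUINE)), ("C", digest(GENUINE))]
    return {
        "1of1_forged": accept(FORGED, atts, {"A"}, 1),
        "2of3_forged": accept(FORGED, atts, {"A", "B", "C"}, 2),
        "2of3_genuine": accept(GENUINE, atts, {"A", "B", "C"}, 2),
    }

if __name__ == "__main__":
    print(simulate())
    print(audit({"A": "rpc-1"}, 1))
    print(audit({"A": "rpc-1", "B": "rpc-1", "C": "rpc-2"}, 2))
```

The last audit call shows that raising the threshold is not enough when the verifiers that make up a quorum share one upstream provider.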
Aave absorbs bad debt as liquidity tightens
The fraudulent rsETH was rapidly deployed on Aave, where the attacker used it as collateral to borrow other assets, including around 83,427 wrapped ether (wETH) and wstETH, along with various stablecoins.
Because the rsETH collateral is effectively worthless, the protocol is facing roughly $195 million in bad debt, according to early estimates. The incident pushed Aave’s TVL sharply lower, from about $26.4 billion before the exploit to lows near $17.5 billion as users rushed to remove funds.
The rapid withdrawals produced a liquidity crunch, with utilization in some ETH and stablecoin lending pools hitting 100%, temporarily blocking some lenders from withdrawing their assets.
Aave’s team froze all rsETH-related markets on its v3 and v4 deployments to halt further borrowing against the compromised asset and stressed that its core smart contracts were not breached.
Ether liquidity on the platform has since thinned, raising questions over how the protocol will handle potential liquidations and market volatility while carrying a large pool of bad debt.
Responsibility, risk and unanswered questions
LayerZero has framed the incident as a failure of Kelp’s risk management and architecture, rather than a vulnerability in LayerZero’s own protocol stack. Kelp’s reliance on a single verifier path, despite previous warnings, is being highlighted across the sector as an example of operational choices magnifying smart contract and infrastructure risk.
As of publication, there is no clear plan for how the shortfall will be distributed or absorbed across affected platforms and their users. Community discussions and off-chain negotiations are exploring several options, including:
- attempting to negotiate with the attacker, possibly via a bounty for partial or full return of funds
- spreading losses through protocol-specific safety modules or insurance funds
- restoring balances based on a pre-hack snapshot, which would shift losses to protocol treasuries or tokenholders
No binding proposal or formal restitution framework has yet been adopted.
Possible state-backed link under investigation
Preliminary assessments by LayerZero and other analysts suggest the exploit may have been carried out by a sophisticated, state-backed group. Early signals have pointed toward North Korean-linked operators, including the Lazarus Group’s so-called TraderTraitor subgroup, though these indications remain unconfirmed.
The stolen funds have reportedly been routed through transaction mixers and other obfuscation tools to complicate tracing. LayerZero says it is working with global law enforcement agencies and on-chain analytics firms to follow the money trail and identify any off-ramps into fiat or centralized platforms.
New security standards for cross-chain designs
In response to the breach, LayerZero is moving to tighten security requirements across applications using its infrastructure. Key measures include:
- ending support for single-verifier configurations
- enforcing multi-verifier, multi-path message validation as a baseline
- encouraging applications to diversify infrastructure and reduce reliance on individual RPC or oracle providers
For cross-chain projects and DeFi protocols, the incident is reinforcing several themes: the systemic risk of bridge failures, the dangers of single points of failure in validator or verifier sets, and the need for robust circuit breakers and collateral controls when accepting newer or lightly traded assets.
Market participants are now watching how Kelp, Aave and LayerZero ultimately resolve the financial damage, and whether the sector moves more decisively away from minimal-verifier setups that prioritize speed and cost over redundancy and resilience.

