How Poisoned RPC Nodes Bypassed LayerZero: The Technical Anatomy of Kelp DAO’s $293M Infrastructure Attack

TL;DR

  • Kelp DAO suffered a $293 million exploit on April 18, 2026, the largest DeFi hack of the year
  • The attack targeted LayerZero’s Decentralized Verifier Network (DVN) through downstream RPC infrastructure
  • North Korea’s Lazarus Group (TraderTraitor subgroup) is the suspected attacker
  • The vulnerability stemmed from Kelp DAO’s single-DVN configuration for rsETH
  • LayerZero’s core protocol remained uncompromised throughout the incident

The decentralized finance ecosystem suffered its most devastating blow of 2026 on April 18, when Kelp DAO, one of Ethereum’s leading liquid restaking protocols, lost approximately $293 million in a sophisticated infrastructure-level attack. The incident did not exploit a smart contract vulnerability or a flash loan flaw. Instead, it weaponized the very infrastructure that was supposed to guarantee cross-chain security: LayerZero’s Decentralized Verifier Network (DVN) and the RPC nodes powering it.

The attack sent shockwaves through the market, with Bitcoin trading near $77,100 and Ethereum at $2,421 at the time, as the community grappled with the realization that infrastructure-level compromises could bypass even the most audited on-chain code.

The Attack Vector: Poisoning the Oracle’s Eyes

LayerZero issued a detailed post-mortem revealing that the attack was carried out by a highly sophisticated nation-state actor, suspected to be the TraderTraitor subgroup of North Korea’s Lazarus Group. The operation was surgical in its precision.

The attacker first obtained the RPC node list used by the DVN responsible for verifying Kelp DAO’s rsETH cross-chain messages. They then infiltrated two independent RPC nodes and replaced the op-geth binary with a custom payload designed to forge messages. This modified binary would display falsified data only to the DVN, while presenting correct data to all other observers, including LayerZero Scan itself.

To ensure the DVN would route through the compromised nodes, the attacker launched a distributed denial-of-service (DDoS) attack against the remaining uncompromised RPC nodes, forcing the DVN to fail over to the poisoned infrastructure. Reading fabricated chain state, the DVN attested to the forged messages, and the destination chain accepted them as verified, allowing the malicious cross-chain transactions to execute.
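The failure mode above is a client-side one: a verifier that takes the first reachable RPC node's answer will believe whatever that node says. The following added example (my own model, not LayerZero's DVN code or anything from the post-mortem) reproduces the attack against a naive failover reader and shows the alternative a practitioner would want: require agreement from k independently operated nodes and fail closed when fewer than k agree. The node behaviour, hashes, node names and the `caller` tag that the poisoned node keys on are all constructed stand-ins for the patched op-geth that answered the DVN differently from everyone else.

```python
"""Model of a DVN reading a cross-chain message's payload hash from RPC nodes.

Added example, not LayerZero or Kelp DAO code. Node behaviour and hashes are
constructed to reproduce the post-mortem's scenario: poisoned nodes answer the
DVN (and only the DVN) with a forged value, and the honest nodes are offline.
"""
from dataclasses import dataclass

GENUINE = "0x" + "aa" * 32   # payload hash of the real message (constructed)
FORGED = "0x" + "ff" * 32    # payload hash the attacker wants verified (constructed)


@dataclass
class RpcNode:
    name: str
    online: bool = True       # False stands in for a node knocked out by the DDoS
    poisoned: bool = False    # True stands in for the replaced op-geth binary

    def get_payload_hash(self, message_id: str, caller: str) -> str:
        """Simulated JSON-RPC call. A poisoned node lies only to the DVN so that
        explorers and other observers keep seeing consistent, genuine data."""
        if not self.online:
            raise ConnectionError(f"{self.name}: timeout")
        if self.poisoned and caller == "dvn":
            return FORGED
        return GENUINE


def failover_read(nodes, message_id, caller="dvn"):
    """Naive client: the first reachable node wins. This is the pattern the
    attack exploited, since a DDoS chooses which node is 'first reachable'."""
    for node in nodes:
        try:
            return node.get_payload_hash(message_id, caller)
        except ConnectionError:
            continue
    raise RuntimeError("no RPC node reachable")


def quorum_read(nodes, message_id, k, caller="dvn"):
    """Hardened client: query every node, require k of them to agree, and return
    None (fail closed) otherwise. An outage and a disagreement both block the
    attestation instead of silently degrading to whatever is left."""
    answers = {}
    for node in nodes:
        try:
            h = node.get_payload_hash(message_id, caller)
        except ConnectionError:
            continue
        answers.setdefault(h, []).append(node.name)
    for h, names in answers.items():
        if len(names) >= k:
            return h
    return None


def demo():
    """Two honest providers DDoSed, two poisoned ones left standing."""
    nodes = [
        RpcNode("provider-a", online=False),
        RpcNode("provider-b", online=False),
        RpcNode("provider-c", poisoned=True),
        RpcNode("provider-d", poisoned=True),
    ]
    naive = failover_read(nodes, "msg-1")               # DVN reads the forgery
    hardened = quorum_read(nodes, "msg-1", k=3)         # DVN refuses to attest
    observer = failover_read(nodes, "msg-1", caller="explorer")  # explorer sees truth
    return naive, hardened, observer
```

The quorum size matters as much as the quorum itself: with `k=2`, the two poisoned nodes in `demo()` agree with each other and still reach quorum. `k` has to exceed the number of nodes an attacker can plausibly compromise at once, which in turn means the node set must be operationally independent (different operators, hosting, and binaries), not four endpoints of one provider.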

Why Single-DVN Configurations Are a Systemic Risk

The core vulnerability was not in LayerZero’s protocol design but in Kelp DAO’s operational configuration. The protocol had set up only a single DVN for its rsETH token, meaning that compromising one verification pathway was sufficient to bypass the entire security model.

LayerZero’s architecture lets each application configure multiple DVNs: every DVN in the required set must independently verify a message, and a configurable threshold of optional DVNs must do so as well, before the message can be delivered. Kelp DAO’s single-DVN setup meant that once the attacker controlled the RPC infrastructure feeding that one DVN, there was no second, independently sourced verification to catch the fraud.

This is the equivalent of a bank vault protected by a single security camera. Disable the camera, and the entire surveillance system collapses. The attack demonstrated that in cross-chain bridging, the number of verification layers matters as much as the quality of each individual layer, and so does their independence: two DVNs that read chain state from the same RPC provider share the same failure mode.
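To make the configuration point concrete, here is an added example (my own simplified model, not LayerZero's contract code) of the receive-side check that decides whether a message has enough DVN attestations to be committed. The field names follow LayerZero V2's `UlnConfig` struct (`confirmations`, `requiredDVNs`, `optionalDVNs`, `optionalDVNThreshold`); the DVN names, hashes and attestation values are constructed. It plays the Kelp DAO scenario, one DVN fed by poisoned RPC, against three configurations.

```python
"""Simplified model of LayerZero V2's ULN commit check. Added example, not the
real contract: it keeps the rule (all required DVNs AND >= threshold optional
DVNs must have verified the same payload hash with enough confirmations) and
drops everything else. DVN names, hashes and attestations are constructed.
"""
from dataclasses import dataclass, field


@dataclass
class UlnConfig:
    confirmations: int                      # minimum block confirmations a DVN must report
    required_dvns: list                     # every one of these must verify
    optional_dvns: list = field(default_factory=list)
    optional_dvn_threshold: int = 0         # how many of optional_dvns must also verify


@dataclass(frozen=True)
class Attestation:
    dvn: str
    payload_hash: str
    confirmations: int


def committable(cfg: UlnConfig, payload_hash: str, attestations) -> bool:
    """True iff the message identified by payload_hash satisfies cfg."""
    verified = {
        a.dvn for a in attestations
        if a.payload_hash == payload_hash and a.confirmations >= cfg.confirmations
    }
    if not all(dvn in verified for dvn in cfg.required_dvns):
        return False
    return sum(dvn in verified for dvn in cfg.optional_dvns) >= cfg.optional_dvn_threshold


GENUINE = "0x" + "aa" * 32   # hash of the real message (constructed)
FORGED = "0x" + "ff" * 32    # hash of the attacker's message (constructed)


def scenario():
    """dvn-1 reads chain state through the poisoned RPC path and attests the
    forgery; dvn-2 and dvn-3 run on independent infrastructure and attest the
    genuine message."""
    att = [
        Attestation("dvn-1", FORGED, 20),
        Attestation("dvn-2", GENUINE, 20),
        Attestation("dvn-3", GENUINE, 20),
    ]
    single = UlnConfig(confirmations=15, required_dvns=["dvn-1"])
    two_required = UlnConfig(15, ["dvn-1", "dvn-2"])
    one_plus_optional = UlnConfig(15, ["dvn-1"], ["dvn-2", "dvn-3"], 1)
    return {
        "single_dvn_accepts_forgery": committable(single, FORGED, att),
        "two_required_accepts_forgery": committable(two_required, FORGED, att),
        "two_required_accepts_genuine": committable(two_required, GENUINE, att),
        "one_plus_optional_accepts_forgery": committable(one_plus_optional, FORGED, att),
    }
```

Two things to read off `scenario()`. The single-DVN configuration commits the forgery outright. Any configuration with a second, independently fed DVN rejects it. But required DVNs are an AND: while `dvn-1` is compromised, `two_required` also refuses the genuine message, so a compromised or offline required DVN halts the lane rather than letting anything through. That is the safe failure, and it is why the DVNs chosen must not share RPC providers, since a shared upstream would make them fail (or lie) together.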

The Cleanup: A Professional Operation

One of the most alarming aspects of the attack was the attacker’s operational security. After completing the exploit, the attacker systematically removed all malicious binaries, logs, and configuration files from the compromised RPC nodes, leaving minimal forensic traces. This level of cleanup is consistent with state-sponsored operations and is rarely seen in typical DeFi exploits driven by profit-motivated hackers.

LayerZero responded by decommissioning all affected RPC nodes and replacing them with new infrastructure. The company confirmed that the DVN has returned to normal operation and that no other cross-chain assets or applications were affected by the incident.
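The attacker's cleanup removed the swapped binary and the local logs, which is exactly the evidence a host-based investigation would start from. An added example follows (my own check, not LayerZero's tooling): pin the SHA-256 of the execution-client release you actually deployed, then verify both the file on disk and the executable image the running process loaded. Paths, file contents and the pinned hash are constructed in a temporary directory so the example runs anywhere; on Linux, `running_exe_path` would be `/proc/<pid>/exe`, which can be opened even after the file it pointed to has been deleted or replaced.

```python
"""Binary integrity check for a node's execution client. Added example, not
LayerZero or Kelp DAO tooling. The 'binaries' here are constructed byte strings
written to a temporary directory; in production the pinned hash comes from the
release you deployed and running_exe_path is /proc/<pid>/exe on Linux.
"""
import hashlib
import os
import tempfile


def sha256_file(path, chunk=1 << 20):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def check_binary(expected_sha256, installed_path, running_exe_path=None):
    """Returns (ok, findings). Checking the running process's executable image
    separately from the installed file catches a swap that was later covered up
    on disk while the patched process kept running."""
    findings = []
    on_disk = sha256_file(installed_path)
    if on_disk != expected_sha256:
        findings.append(f"on-disk binary {installed_path} hash {on_disk[:12]}... != pinned")
    if running_exe_path is not None:
        running = sha256_file(running_exe_path)
        if running != expected_sha256:
            findings.append(f"running image {running_exe_path} hash {running[:12]}... != pinned")
    return not findings, findings


def demo():
    """Clean install, then a swapped binary, then a swap covered up on disk."""
    release = b"\x7fELF release build (constructed stand-in for the real op-geth)"
    patched = b"\x7fELF patched build that lies to the DVN (constructed)"
    with tempfile.TemporaryDirectory() as d:
        binary = os.path.join(d, "op-geth")
        with open(binary, "wb") as f:
            f.write(release)
        pinned = sha256_file(binary)            # stands in for the release checksum
        clean_ok, _ = check_binary(pinned, binary, running_exe_path=binary)

        with open(binary, "wb") as f:           # attacker swaps the binary
            f.write(patched)
        swapped_ok, swapped_findings = check_binary(pinned, binary, running_exe_path=binary)

        # Attacker restores the original on disk but the patched process is still
        # running; only the check against the process's own image catches this.
        running_image = os.path.join(d, "proc-pid-exe")
        with open(running_image, "wb") as f:
            f.write(patched)
        with open(binary, "wb") as f:
            f.write(release)
        restored_ok, restored_findings = check_binary(pinned, binary, running_exe_path=running_image)
    return clean_ok, swapped_ok, len(swapped_findings), restored_ok, len(restored_findings)
```

A check like this is only worth running if its results leave the host: an attacker with the access needed to replace op-geth can also delete the checker's local output, which is what the cleanup described above did to the logs. Ship the hashes to an append-only store the node cannot write to, and compare against the pinned value there.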

Broader Implications for Cross-Chain Security

The Kelp DAO exploit exposes a fundamental tension in cross-chain architecture: the security of on-chain protocols is only as strong as the off-chain infrastructure supporting them. Smart contract audits, formal verification, and bug bounties protect the code that executes on-chain; they offer no protection when the RPC nodes feeding chain state to verification networks are compromised, because the contracts then execute correctly on fabricated inputs.

For protocols building on LayerZero and similar cross-chain frameworks, the lesson is clear. Multi-DVN configurations are not optional. They are a minimum security requirement. The cost of running multiple verification pathways is negligible compared to the potential losses from a single point of failure.

The incident also raises questions about the security of shared RPC infrastructure. If multiple protocols rely on the same RPC providers, a single compromise could cascade across dozens of applications. Decentralized RPC networks may see increased demand as protocols seek to reduce their reliance on centralized infrastructure providers.

Key Takeaways

  • Infrastructure-level attacks represent the next frontier in DeFi security threats
  • Single-DVN configurations create unacceptable single points of failure for cross-chain protocols
  • State-sponsored actors are actively targeting DeFi infrastructure with sophisticated operational security
  • On-chain audits alone cannot protect against off-chain infrastructure compromises
  • Protocols must implement multi-layer verification with independent RPC providers

Why This Matters

The $293 million Kelp DAO hack is a watershed moment for DeFi security. It proves that the next generation of attacks will not target smart contract code but the infrastructure layers beneath it. As cross-chain protocols become the backbone of DeFi composability, securing the verification pipeline from end to end becomes as critical as the code itself.

For users, this means that protocol audits alone are insufficient. Understanding a protocol’s infrastructure configuration, including DVN setup, RPC providers, and fallback mechanisms, is essential for evaluating risk. The era of infrastructure-level attacks has arrived, and the protocols that survive will be those that build redundancy into every layer of their security stack.

Disclaimer: This article is for informational purposes only and does not constitute financial advice. Always conduct your own research before interacting with any DeFi protocol.

7 thoughts on “How Poisoned RPC Nodes Bypassed LayerZero: The Technical Anatomy of Kelp DAO’s $293M Infrastructure Attack”

  1. Stefan Mueller

    Lazarus Group using a modified geth binary to feed false data to the DVN. This is nation-state level infrastructure warfare, not a simple smart contract exploit.

  2. RPC poisoning is a nightmare scenario because it bypasses the security of the protocol itself. If the data feeding the contract is fake, the contract will execute perfectly on a lie. Every DAO needs to be running redundant, private RPC nodes after this.

    1. The op-geth binary replacement is terrifying. The DVN saw fake data while everything else looked normal. How do you even detect that without redundant independent nodes?

  3. The Kelp DAO attack is a massive wake-up call for the infrastructure layer. We spend so much time auditing smart contracts but almost no time auditing the node providers they rely on. $293M is a staggering loss for a ‘technical’ bypass.

    1. Spending months auditing smart contracts while ignoring the RPC layer is like fortifying your front door and leaving the window open. Infrastructure security is the next frontier.

  4. Is any protocol actually safe from this? If LayerZero can be bypassed via RPC nodes, the whole stack feels vulnerable right now.
