LayerZero has positioned duty for the $290 million Kelp DAO exploit on Kelp’s personal safety configuration, saying the liquid restaking protocol ran a single-verifier setup that LayerZero had beforehand warned in opposition to.
The assault used a novel vector concentrating on the infrastructure layer slightly than any protocol code.
Attackers, whom LayerZero attributed with preliminary confidence to North Korea’s Lazarus Group and its TraderTraitor subunit, compromised two of the distant process name (RPC) nodes that LayerZero’s verifier relied on to verify cross-chain transactions.
RPC nodes are the servers that permit software program learn and write knowledge on a blockchain, and LayerZero’s verifier used a mixture of inside and exterior ones for redundancy.
The attackers swapped the binary software program working on two of these nodes with malicious variations designed to inform LayerZero’s verifier {that a} fraudulent transaction had occurred, whereas persevering with to report correct knowledge to each different system querying those self same nodes.
That selective mendacity was engineered to maintain the assault invisible to LayerZero’s personal monitoring infrastructure, which queries the identical RPCs from totally different IP addresses.
Compromising two nodes was not sufficient. LayerZero’s verifier additionally queried uncompromised exterior RPC nodes, so the attackers ran a distributed denial-of-service assault on these to drive failover to the poisoned ones.
Visitors logs LayerZero shared present the DDoS working between 10:20 a.m. and 11:40 a.m. Pacific Time on Saturday. As soon as the failover triggered, the compromised nodes advised the verifier a sound cross-chain message had arrived, and Kelp’s bridge launched 116,500 rsETH to the attackers. The malicious node software program then self-destructed, wiping binaries and native logs.
The assault solely labored as a result of Kelp ran a 1-of-1 verifier configuration, that means LayerZero Labs was the only real entity verifying messages to and from the rsETH bridge.
LayerZero’s public integration guidelines and direct communications to Kelp had really useful a multi-verifier setup with redundancy, the place consensus throughout a number of impartial verifiers could be required to verify a message. Underneath that configuration, poisoning one verifier’s knowledge feed wouldn’t have been sufficient to forge a sound message.
“KelpDAO selected to make the most of a 1/1 DVN configuration,” LayerZero wrote, utilizing the protocol’s time period for decentralized verifier networks. “A correctly hardened configuration would have required consensus throughout a number of impartial DVNs, rendering this assault ineffective even within the occasion of any single DVN being compromised.”
LayerZero stated it has confirmed zero contagion to another utility on the protocol. Each OFT-standard token and utility working multi-verifier setups was unaffected.
The LayerZero Labs verifier is again on-line, and the corporate stated it can now not signal messages for any utility working a 1-of-1 configuration, forcing a protocol-wide migration off single-verifier setups.
The architectural distinction issues for the way DeFi costs LayerZero danger going ahead.
A protocol-level bug would have implied each OFT token on each chain was probably in danger. Nonetheless, a configuration failure by a single integrator, mixed with a focused infrastructure assault, implies the protocol labored as designed and that Kelp’s safety decisions, not LayerZero’s code, created the opening.
Kelp has not but publicly responded to LayerZero’s framing or addressed why it operated a 1-of-1 verifier setup regardless of the express suggestions in opposition to it.
Lazarus Group has been linked to the Drift Protocol exploit on April 1 and now Kelp on April 18, that means the identical North Korean unit has drained greater than $575 million from DeFi in 18 days via two structurally totally different assault vectors: social engineering governance signers at Drift and poisoning infrastructure RPCs at Kelp.
The group is adapting its playbook sooner than DeFi protocols are hardening their defenses.