LayerZero has admitted to a critical oversight in its validation infrastructure that led to the $292 million hack of Kelp DAO, marking a notable shift from its previous stance of blaming developers. The company acknowledged allowing its decentralized verification network (DVN) to operate in a risky "1-to-1" configuration, which created a single point of failure exploited by North Korean attackers. LayerZero has committed to discontinuing this configuration and migrating to more secure setups.
In a blog post, LayerZero expressed regret for the oversight and detailed steps to enhance security, including migrating default configurations to a "5/5" setup where possible. Despite the breach, LayerZero maintains that its core protocol remains uncompromised, attributing the attack to vulnerabilities in its internal RPC infrastructure. The incident has prompted competitors like Chainlink to attract business from protocols reconsidering their security arrangements, with Kelp DAO and Solv Protocol among those moving away from LayerZero.
LayerZero Takes Responsibility for $292M Kelp DAO Hack
Disclaimer: The content provided on Phemex News is for informational purposes only. We do not guarantee the quality, accuracy, or completeness of the information sourced from third-party articles. The content on this page does not constitute financial or investment advice. We strongly encourage you to conduct you own research and consult with a qualified financial advisor before making any investment decisions.