The KelpDAO bridge hack, linked to North Korea's Lazarus Group, exploited a vulnerability in the Omnichain Fungible Token bridge, resulting in the theft of approximately 116,500 rsETH, valued at nearly $292 million. The attack highlighted a critical flaw in LayerZero's single-validator architecture, which critics argue poses a significant risk as a single point of failure. LayerZero has since acknowledged communication lapses and confirmed it will no longer offer 1-to-1 Data Verification Network (DVN) configurations, transitioning to more robust settings.
Following the breach, KelpDAO migrated to Chainlink's Cross-Chain Interoperability Protocol (CCIP), addressing the architectural vulnerability. This move has prompted other protocols, with a total locked value of around $2 billion, to follow suit. Meanwhile, DeFi United, formed by Aave, KelpDAO, and LayerZero, is working to restore collateral backing for rsETH, raising over $300 million in cryptocurrency. LayerZero has also enhanced its security measures, including a custom multi-signature system and increased signature thresholds.
KelpDAO Bridge Hack Exposes LayerZero's Single Validator Flaw
Aviso Legal: O conteúdo disponibilizado no Phemex News é apenas para fins informativos. Não garantimos a qualidade, precisão ou integridade das informações provenientes de artigos de terceiros. Este conteúdo não constitui aconselhamento financeiro ou de investimento. Recomendamos fortemente que você realize suas próprias pesquisas e consulte um consultor financeiro qualificado antes de tomar decisões de investimento.