Loading prices…
Zipp Advertise
Sign up Sign in
🩸BEARISH CoinDesk

LayerZero admits 'we made a mistake' in $292M Kelp hack — and clients are already leaving!

LayerZero has reversed course on the $292 million Kelp DAO exploit, publicly acknowledging Friday that it 'made a…

LayerZero admits 'we made a mistake' in $292M Kelp hack — and clients are already leaving!
LayerZero admits 'we made a mistake' in $292M Kelp hack — and clients are already leaving!
LayerZero admits 'we made a mistake' in $292M Kelp hack — and clients are already leaving!
LayerZero admits 'we made a mistake' in $292M Kelp hack — and clients are already leaving!

LayerZero has reversed course on the $292 million Kelp DAO exploit, publicly acknowledging Friday that it 'made a mistake' by allowing its own decentralized verifier network to act as a sole approver for high-value cross-chain transfers. The admission ends weeks of public finger-pointing in which LayerZero had framed the April hack — attributed to North Korean attackers — as an application-level configuration error by Kelp.

'We didn't police what our DVN was securing, which created a risk we simply didn't see. We own that,' the company wrote in a blog post. LayerZero said its DVN will no longer service 1-of-1 configurations, and all pathway defaults are being migrated to 5-of-5 verification, or a minimum of 3-of-3 on chains where fewer DVNs are available. The company also disclosed that a multisig signer had used a shared hardware wallet for a personal trade, a breach of security…

#LayerZero#CrossChain#SecurityBreach$ETH
Source attribution
Aggregated from CoinDesk · Verified · Last refreshed 2d ago
Open original →

More from Security

Stories our editors think pair well with this one.