Back

KelpDAO and LayerZero Dispute Responsibility Over Bridge Exploit

According to the source, KelpDAO’s April 18 bridge exploit was later tied by LayerZero to Lazarus Group, while Arbitrum froze about 30,766 ETH linked to the attack pending governance approval.

BTC
ETH
ARB

Fact Check
The dispute portion of the claim is well supported by CoinPost 703531, which explicitly says KelpDAO and LayerZero publicly disagreed over who was responsible for the bridge exploit. Crypto.news also confirms that disputes continued over LayerZero's security setup. However, the quantitative part of the claim is not well supported as stated. CoinPost 703531 puts the direct exploit around 466億円, not more than ¥96 billion. CoinPost 703956 discusses much larger sector-wide TVL contraction of about $13.2B (roughly ¥2.1 trillion), but that is a market-wide TVL decline, not clearly 'losses' from exploits. None of the validated fetched sources directly supports the exact statement that DeFi losses expanded to more than ¥96 billion in the weeks after the April 18 hack. So the claim appears to combine a supported responsibility dispute with an insufficiently sourced loss figure.
    Reference12
Summary

KelpDAO’s April 18 cross-chain bridge exploit triggered a dispute with LayerZero over responsibility, with KelpDAO blaming a compromised LayerZero remote procedure call node and LayerZero later attributing the attack to North Korea’s Lazarus Group, according to the source. The incident was described as a roughly $290 million attack and was followed by more than $13 billion in DeFi total value locked falling within 48 hours, underscoring broader confidence risks around bridge infrastructure. Arbitrum’s Security Council later froze about 30,766 ETH tied to the exploit after receiving attacker identity information from law enforcement, moving the funds to an intermediate freezing wallet on April 20. Any future use of the frozen assets requires Arbitrum governance approval and coordination with relevant parties. David Schwartz defended the freeze by comparing it to Bitcoin’s 2010 overflow rollback.

Terms & Concepts
  • cross-chain bridge: Infrastructure that enables assets or messages to move between different blockchains, but can create additional security risks if compromised.
  • TVL: Total value locked, a common DeFi metric that measures the value of crypto assets deposited in protocols.
  • Bitcoin 2010 overflow rollback: A historical Bitcoin emergency response that reversed an overflow bug which had created invalid extra coins.