Cross-chain interoperability protocols have rapidly emerged in recent years as critical infrastructure connecting multi-chain ecosystems. However, the Kelp DAO cross-chain bridge incident on April 18, 2026—resulting in estimated losses of approximately 2.93 billion USD—once again brought cross-chain security into the center of industry discussion.
Importantly, this incident was not caused by a traditional smart contract vulnerability, but rather a configuration-level issue in deployment parameters—a "1/1 single-signature verification" setup that enabled the execution of a forged cross-chain message without sufficient validation.
Following the event, differences in cross-chain security architecture quickly became a key focus for developers and institutional investors. Axelar, a validator-consensus-based General Message Passing (GMP) protocol, employs a multi-signature security model that differs fundamentally from LayerZero’s Decentralized Verification Network (DVN) modular design. Understanding this distinction is important for evaluating cross-chain infrastructure security and making informed protocol design decisions.
Reconstruction of the Kelp DAO Attack
On April 18, 2026 at 17:35 UTC, an address previously associated with Tornado Cash submitted a cross-chain message to the LayerZero EndpointV2 contract. The message claimed that rsETH assets had been locked on the source chain and requested the release of an equivalent amount on the Ethereum mainnet.
The Kelp DAO bridge contract executed the release logic as designed, transferring approximately 116,500 rsETH—valued at around 2.93 billion USD at the time—to an attacker-controlled address.
The critical issue is that no corresponding rsETH had ever been deposited or locked on the source chain. The attacker effectively constructed a fabricated cross-chain message that bypassed insufficient validation safeguards.
Approximately 46 minutes later, Kelp DAO’s emergency multisig system froze the affected contracts. By that time, the attacker had already deposited the stolen rsETH into lending protocols such as Aave V3 and borrowed approximately 2.36 billion USD in WETH and ETH.
Key facts:
- Attack time: April 18, 2026, 17:35 UTC
- Assets involved: ~116,500 rsETH (approx. 2.93 billion USD at the time)
- Root cause: 1/1 DVN configuration requiring only a single validator confirmation
- Attack vector: Exploitation of LayerZero EndpointV2
lzReceive
function using forged cross-chain payload - Outcome: Assets released without corresponding source-chain lock
- Post-attack activity: rsETH used as collateral in Aave V3 to borrow ~2.36 billion USD in WETH/ETH
- Response: Contracts frozen after ~46 minutes; additional withdrawal attempts (~40,000 rsETH total) were blocked
Historical Context of Cross-Chain Security Risks
Cross-chain bridge security incidents are not isolated events. Industry estimates suggest that cross-chain bridges have collectively suffered approximately 2.8 billion USD in losses, accounting for a significant share of total Web3 exploits.
Notable historical incidents include Ronin Bridge, Wormhole, and Nomad, each of which exposed systemic weaknesses in cross-chain verification assumptions.
Timeline of the Kelp DAO incident:
| Time (UTC) | Event | Type |
|---|---|---|
| 18:21 | Emergency multisig freezes rsETH-related contracts across chains | Response |
| 18:26–18:28 | Additional withdrawal attempts (~40,000 rsETH total) blocked | Attempted follow-up attacks |
| 20:10 | Initial public disclosure by Kelp DAO | Communication |
| April 19 | Several DeFi protocols temporarily pause LayerZero-related bridges | Contagion response |
| April 20 | LayerZero releases attribution analysis, suggesting possible involvement of Lazarus-linked actors | Attribution statement |
Following the incident, multiple DeFi protocols paused or reduced exposure to LayerZero-based infrastructure. Aave’s total value locked decreased from approximately 26.4 billion USD to 20.7 billion USD, while AAVE experienced a double-digit percentage decline. These reactions illustrate how a single cross-chain security failure can propagate systemic risk across interconnected DeFi protocols.
Data and Structural Analysis: Two Security Models
Root cause: single-point failure in 1/1 DVN configuration
The core issue was not a smart contract vulnerability, but a misconfiguration in deployment parameters. Kelp DAO used a 1/1 DVN configuration, meaning only one validator confirmation was required to validate cross-chain messages.
According to industry researchers, LayerZero documentation recommends multi-node configurations such as 2/2 DVN setups to reduce single-point-of-failure risk.
LayerZero V2 introduced the Decentralized Verification Network (DVN), a modular security system that allows each application to define its own verification requirements. This design shifts security responsibility toward the application layer, offering flexibility but increasing configuration risk exposure.
In this case, Kelp DAO set the verification threshold to the most permissive configuration—"1 of 1"—creating a single point of failure that could be exploited through forged validation inputs.
Post-incident analysis indicated that attackers may have exploited weaknesses in underlying RPC infrastructure dependencies and attempted to manipulate validator inputs through network-level interference. Due to the absence of redundancy in the 1/1 setup, the forged message was accepted.
Axelar GMP Multi-Signature Verification Mechanism
Unlike LayerZero’s modular validation approach, Axelar is built on a validator-consensus-based architecture using Delegated Proof-of-Stake (DPoS). Token holders delegate staking power to validators responsible for securing the network and processing cross-chain messages.
In Axelar’s GMP framework, each cross-chain message must be validated through a threshold signature scheme. Validators independently generate partial signatures, which are aggregated into a final signature only when a sufficient threshold is reached. No single validator has the ability to independently approve or manipulate cross-chain messages.
When a message is transmitted between chains, Axelar’s gateway contract executes a validation function that verifies source chain identifiers, sender addresses, and message integrity hashes. Only messages confirmed by the validator set are accepted by the target chain.
Architecture Comparison
| Dimension | Axelar GMP | LayerZero DVN |
|---|---|---|
| Validator set | DPoS-selected dynamic validator set | Configurable per application |
| Signature mechanism | Aggregated threshold signatures | Depends on DVN configuration (1/1 to n/m) |
| Security threshold | High validator quorum required (majority consensus) | Determined by application configuration |
| Trust assumption | Honest majority of validators | Application-selected validation nodes |
| Responsibility | Shared between protocol and validators | Primarily application-level responsibility |
Axelar’s security model relies on a validator quorum, requiring a high threshold of honest participation to compromise the network. In contrast, LayerZero’s security depends heavily on application-level configuration decisions. While flexible, this introduces variability in security standards across different deployments.
Industry Debate: Responsibility and Design Trade-offs
Mainstream interpretation: configuration error as primary cause
Most industry analyses attribute the incident primarily to configuration choices made by Kelp DAO. LayerZero stated that the protocol provides documentation recommending multi-node DVN configurations, which were not followed in this case.
However, some analysts argue that protocol designers also bear partial responsibility for allowing highly permissive configurations such as 1/1 to be deployed in production environments.
Additional on-chain analyses suggest that multiple contributing factors, including potential key management or infrastructure weaknesses, may have influenced the exploit path.
Core debate: flexibility vs security guarantees
The broader debate surrounding LayerZero’s architecture predates this incident. Its earlier V1 model relied on an oracle–relayer system, which was sometimes described as heavily dependent on off-chain assumptions.
With the introduction of DVN in V2, validation responsibilities were further delegated to applications. Critics argue this improves flexibility but reduces uniform security guarantees across the ecosystem.
In contrast, Axelar emphasizes protocol-level validation consistency through a unified validator set and threshold signature system, aiming to reduce variability in security assumptions across applications.
Market Impact and Sentiment Response
According to Gate market data, Axelar (WAXL) was priced at approximately 0.05456 USD as of April 20, 2026, with a 24-hour trading volume of roughly 227,000 USD and a market capitalization of about 63.35 million USD.
WAXL increased approximately 22.28% over the past 7 days, coinciding with heightened market attention on cross-chain security narratives following the Kelp DAO incident. Over the past 30 days, WAXL rose around 4.34%, while declining approximately 81.67% year-over-year, reflecting broader token market volatility.
Industry Impact: Repricing Cross-Chain Security Risk
Impact on protocol competition
LayerZero remains a leading cross-chain infrastructure provider, with daily transfer volumes estimated at approximately 293 million USD and cumulative bridged assets exceeding 44 billion USD. However, the incident exposed the potential risks of application-level misconfiguration in modular security systems.
Axelar has gained increased attention due to its protocol-level security design. The network currently connects over 60 blockchains using a hub-and-spoke interoperability model, allowing cross-chain communication without requiring repeated infrastructure deployment.
Its 2026 roadmap focuses on institutional adoption, improved economic security mechanisms, and compliance-oriented infrastructure development.
Impact on RWA and institutional adoption
Axelar’s integration with Hedera in early 2026 highlights its positioning toward institutional use cases. Hedera’s governance model and enterprise-oriented design make it suitable for tokenization and regulated financial applications.
With the real-world asset (RWA) market estimated at approximately 18.6 billion USD in 2026, institutional demand for secure cross-chain infrastructure continues to grow.
Axelar’s approach positions it as a potential interoperability layer for compliance-sensitive financial applications.
Systemic implications for DeFi
The incident highlights a structural risk pattern in DeFi composability:
- Cross-chain bridges secure asset integrity
- Lending protocols accept bridged assets as collateral
- Liquid staking tokens amplify systemic exposure
This creates a multi-layer dependency structure where risk can propagate across protocols.
As a result, cross-chain security is increasingly viewed not as an isolated technical issue, but as a systemic risk factor in DeFi infrastructure design.
Conclusion
The Kelp DAO incident, resulting in approximately 2.93 billion USD in losses, serves as a significant stress test for cross-chain interoperability architectures.
The key takeaway is not a single technical flaw, but a broader design trade-off: whether security should be delegated to application-level configuration flexibility, or enforced through protocol-level consensus mechanisms.
Axelar’s GMP model represents a protocol-level approach, relying on validator-based threshold signatures to ensure collective verification of cross-chain messages. While this may involve trade-offs in flexibility, it provides more consistent security guarantees across applications.
For developers and institutional participants, cross-chain infrastructure selection is increasingly less about performance optimization and more about trust architecture design. In a landscape where cross-chain bridge losses have already reached multi-billion-dollar levels, this decision is becoming increasingly consequential.
