Several developers pushed back on early assumptions that the issue stemmed from core infrastructure. “The KelpDAO exploit (~$290M, is NOT a LayerZero protocol bug. It’s a configuration issue and a case study every project with a cross-chain token needs to look at today,” one technical breakdown by cryptogoblin read.

The thread detailed how a single verification point enabled the attack. “One signature and 116,500 rsETH materialized out of thin air on Ethereum,” the post said, describing a system where “the [smart] contracts weren’t broken. The verification layer was,” the post claimed.

Others argued the problem runs deeper than a single setup choice.

One critique, who goes by Fishy Catfish on X, framed it as a design flaw, alleging that: “there is no security floor… A configuration can be a 1/1 DVN and the DVN you chose can be a single node ran by a single entity.” A DVN (Decentralized Verifier Network) in DeFi, specifically within LayerZero V2, is an independent entity responsible for validating and attesting to the authenticity of messages sent across different blockchain networks. Essentially, DVNs verify message hashes between a source chain and a destination chain.

To make the point clearer, the author drew a real-world comparison: “imagine if a roller coaster manufacturer allowed amusement parks to individually decide what the minimum safety specs were.” Essentially, the author is simply saying that flexibility without guardrails can create hidden risks.

The post went so far as to claim that the setup was the problem within the design. “I personally think this is a flawed design. Modular security is a worthwhile design space, however, the range of security should have a native security floor that is quite strong, and then allow *additional* layering of security on top of that for more high-value use-cases.”

‘DeFi is dead’

It’s not just the amount and complexity of the exploit that drew the harsh, panicked criticism. The scale of the exploit has heightened concerns.

Roughly 116,500 rsETH, about 18% of supply, was affected. The attacker tricked LayerZero’s cross-chain messaging layer into believing a valid instruction had arrived from another network, which triggered Kelp’s bridge to release 116,500 rsETH to an attacker-controlled address.

Protocols responded by freezing markets and pausing features. Aave halted rsETH activity. Lido paused deposits tied to the asset. Other projects took similar steps to limit exposure as the situation unfolded.

Beyond the technical debate, sentiment across crypto turned sharply negative. One post perhaps captured the mood shift in blunt terms: “DeFi is dead… ‘just use aave’ is dead,” while adding that “The age of crypto is over” and asking, “If you’re reading this – why are you still in crypto?”

While the response may sound like an overreaction, that kind of ‘knee-jerk’ reaction is not unusual after large exploits, but the breadth of this event stands out.

The attack affected cross-chain infrastructure, restaking models and lending markets simultaneously. It also follows a string of recent incidents. The hack lands in an unusually hostile stretch for DeFi, particularly this month. Solana-based perpetuals protocol Drift was drained of about $285 million on April 1 in an attack later linked to North Korea-affiliated actors, and at least a dozen smaller protocols have been exploited in the weeks since, including CoW Swap, Zerion, Rhea Finance and Silo Finance.

‘Check your configs’

Despite all the explanations, there are still more questions than answers.

Even LayerZero is still trying to figure out the full details of the exploit. “We’re fully aware of the rsETH exploit and have been in active remediation with the @KelpDAO team since the incident and continue to monitor. All other applications remain safe,” it said in a post on X. “We are still identifying the root cause alongside @_SEAL_Org and others. We will publish a complete post-mortem with @KelpDAO as soon as we have all information.”

KelpDAO echoed this sentiment. “Earlier today we identified suspicious cross-chain activity involving rsETH. We have paused rsETH contracts across mainnet and several L2s while we investigate. We are working with @LayerZero_Core, @unichain, our auditors and top security experts on RCA. We will keep you posted as we learn more about this situation.”

Still, some developers see a clearer lesson in the chaos.

The exploit did not rely on breaking encryption or bypassing smart contracts. Instead, it exposed how fragile systems can become when they depend on layered assumptions.

In simple terms, the tools worked as designed. The way they were configured did not.

That distinction may shape what comes next. Builders are now urging projects to review their setups, especially those relying on cross-chain messaging.

As cryptogoblin put it bluntly: “Check your configs. Stay safe out there.”

Read more: DeFi yields are crashing so hard that they can’t compete with a traditional savings account

DeFi

More For You

Prediction markets backlash builds possible stormcloud for 2027

By Jesse Hamilton|Edited by Nikhilesh De
Mar 31, 2026

Polymarket founder and CEO Shayne Coplan (Jesse Hamilton/CoinDesk)

Odds favor a Democratic rise in Congress next year, when lawmakers who’ve begun going after firms such as Kalshi and Polymarket may have greater sway.

What to know:

  • Prediction markets are having a moment in the U.S., though unfortunately for Polymarket and Kalshi, the moment has drawn more than half a dozen pieces of critical congressional legislation.
  • The industry is getting getting tied to accusations of insider trading and sports-betting violations from various critics even as its close…
Read full story
Latest Crypto News
Digitally altered photo of a dollar bill (Ryan Quintal/Unsplash, Modified by CoinDesk)

Stablecoins can help businesses turn costs into revenue, Paxos Labs cofounder says

1 hour ago

Aave Labs founder Stani Kulechov and Ethena founder + CEO Guy Young (Margaux Nijkerk/ CoinDesk)

Aave sees $6 billion deposit drop as Kelp hack exposes structural risk for DeFi lender

2 hours ago

Bitcoin slides back into familiar range (Shutterstock)

RaveDAO’s RAVE token collapses 90% in a day as exchange probes widen

3 hours ago

Every two to three days, a crypto investor or executive is kidnapped or their home invaded by criminals who have some how found out they have digit5al assets. ((Stephanie LeBlanc/Unsplash)

Inside the rise of wrench attacks against crypto holders and how France has become the focus

3 hours ago

Toky-headquartered Nomura Holdings defends its recently announced crypto strategy. (Photo by mako on Unsplash/Modified by CoinDesk)

Nomura study says 65% of institutional investors see crypto as a vital portfolio diversifier

4 hours ago

Keys (Filip Szalbot/Unsplash)

One person holds the keys to $200 million of a project’s crypto. His co-founder says that has to end

6 hours ago

Top Stories
Cypher Protocol suffers exploit (Clint Patterson/Unsplash)

2026’s biggest crypto exploit: $292 million gets drained from Kelp DAO with wrapped ether stranded across 20 chains

20 hours ago

People with a laptop in front of a whiteboard (Kaleidico/Unsplash)

Binance and Bitget to probe RAVE’s 4,500% token surge as claims of insider-orchestrated rally grow

Apr 18, 2026

Strategy Executive Chairman Michael Saylor on CoinDesk Television

Why Michael Saylor’s Strategy decided to make STRC’s dividend bi-monthly

21 hours ago

A bulk carrier shrouded in mist awaits entry to the Strait of Hormuz

Bitcoin falls back to $76,000 as Iran shuts Hormuz again

Apr 18, 2026

Strategy Executive Chairman Michael Saylor at the Digital Asset Summit in New York City on March 20, 2025. (Nikhilesh De)

Strategy proposes semi-monthly dividends on its popular STRC preferred stock

Apr 17, 2026

Worldcoin co-founders Alex Blania and Sam Altman (Marc Olivier/Worldcoin)

Sam Altman’s World project launches major upgrade to fight deepfakes and bots

Apr 17, 2026

About the Author

Melinda

Author

View All Posts

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Stories

Kelp DAO Loses $293M in Bridge Exploit, Leaving Aave With Over $200M in Bad Debt

Kelp DAO Loses $293M in Bridge Exploit, Leaving Aave With Over $200M in Bad Debt

Rasha Siddiqi 46 minutes ago 0
Bithumb Seeks to Retain Controversial CEO Amid Regulatory Scrutiny

Previewing Consensus’ Policy Summit: State of Crypto

Melinda 1 hour ago 0
Crypto's Future Brightens as Experts Predict AI-Powered Payments and Institutional Growth

DeFi Lender Aave Battles Withdrawal Crisis After KelpDAO rsETH Exploit

Rasha Siddiqi 2 hours ago 0

You May Have Missed

Kelp DAO Loses $293M in Bridge Exploit, Leaving Aave With Over $200M in Bad Debt

Kelp DAO Loses $293M in Bridge Exploit, Leaving Aave With Over $200M in Bad Debt

Rasha Siddiqi 46 minutes ago 0
Bithumb Seeks to Retain Controversial CEO Amid Regulatory Scrutiny

Previewing Consensus’ Policy Summit: State of Crypto

Melinda 1 hour ago 0
Ethereum Staking Milestone Under Fire: Experts Question 50% Claim

Web3 VCs have a differentiation problem

Melinda 1 hour ago 0
SEC Pivots: A Call for Regulatory Clarity in the Crypto Space

TIm Draper’s $250,000 BTC Call, New Whale Data, and More – Week In Review

Rasha Siddiqi 1 hour ago 0