Cross-Chain Security Dispute Intensifies as LayerZero Presents Evidence

The security controversy surrounding the cross-chain rsETH asset has taken a new turn. In response to allegations from Kelp DAO, LayerZero co-founder Bryan Pellegrino has issued a public rebuttal, supported by concrete on-chain evidence.

On-Chain Data Reveals Configuration Change

Pellegrino clarified that immutable blockchain records tell a different story. The data indicates that on April 1, 2024, it was Kelp DAO that proactively altered the cross-chain verification setup for rsETH. The configuration was manually changed from the default, more resilient "multi-DVN" architecture to a high-risk "1/1 single-DVN" mode.

He emphasized that LayerZero's official documentation has consistently and prominently warned against using such a single-point-of-failure configuration in production environments. This setup poses a direct threat to asset security if the sole verification node is compromised.
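A deployment check for the single-verifier risk described above, as an added example (not code from LayerZero or Kelp DAO): it computes how many verifiers must be compromised before a forged message would be accepted and flags a 1/1 setup. The policy model, field names and verifier names are hypothetical and are not LayerZero's configuration schema.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class VerifierPolicy:
    # Hypothetical model (assumption): every verifier in `required` must attest,
    # plus at least `optional_threshold` of the verifiers in `optional`.
    required: tuple = ()
    optional: tuple = ()
    optional_threshold: int = 0


def min_compromises_to_forge(p):
    """Fewest distinct verifiers an attacker must control to pass verification."""
    req, opt = set(p.required), set(p.optional)
    # A verifier listed in both sets satisfies both conditions at once.
    extra = max(0, p.optional_threshold - len(req & opt))
    return len(req) + extra


def audit(p, min_independent=2):
    """Return a list of findings; an empty list means the policy passes."""
    findings = []
    req, opt = set(p.required), set(p.optional)
    if len(req) != len(p.required) or len(opt) != len(p.optional):
        findings.append("duplicate verifier listed; quorum is smaller than it looks")
    if req & opt:
        findings.append("verifier appears in both required and optional sets")
    if p.optional_threshold > len(opt):
        findings.append("optional threshold can never be met (messages will stall)")
    k = min_compromises_to_forge(p)
    if k < min_independent:
        findings.append(f"single point of failure: {k} compromised verifier(s) suffice")
    return findings


# Constructed sample policies (verifier names are placeholders).
SINGLE = VerifierPolicy(required=("dvn-a",))                    # the 1/1 mode
TWO_OF_THREE = VerifierPolicy(optional=("dvn-a", "dvn-b", "dvn-c"),
                              optional_threshold=2)             # a 2/3 scheme
OVERLAP = VerifierPolicy(required=("dvn-a",), optional=("dvn-a", "dvn-b"),
                         optional_threshold=1)                  # looks like 2, is 1

if __name__ == "__main__":
    for name, pol in [("1/1", SINGLE), ("2/3", TWO_OF_THREE), ("overlap", OVERLAP)]:
        print(name, min_compromises_to_forge(pol), audit(pol) or "ok")
```

Run as a gate in a deployment pipeline so that a change from a multi-verifier policy to a single verifier fails review instead of reaching production unnoticed.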

Security Advice Ignored, Transaction Data Shows Anomaly

Furthermore, Pellegrino revealed that the LayerZero technical team had repeatedly and explicitly recommended adopting the significantly more secure "2/3 multi-signature verification scheme" during their consultations with Kelp DAO. This advice was reportedly not followed.

Notably, Pellegrino shared an internal metric: during the period when rsETH operated under the risky single-DVN configuration, nearly 100% of the related cross-chain transaction volume originated from the rsETH asset itself. This anomalous data pattern highlights the concentration of risk associated with this specific setup.

Awaiting Final Audit, Pointing to Root Cause

LayerZero is currently awaiting a comprehensive review from an independent third-party cybersecurity firm. Pellegrino stated that a complete and detailed technical analysis of the incident will be released to the public once the final audit report is received.

He implied that the root cause of this security incident may lie not in a technical flaw of the underlying protocol but in a project's disregard for fundamental operational security standards that are widely recognized in the industry. This shifts the debate toward risk management and operational practices.

This public exchange not only concerns accountability for specific technical choices but also raises broader questions about security norms and the division of responsibility within the cross-chain DeFi ecosystem.