Blockchain interoperability protocol LayerZero has issued a public apology after weeks of criticism surrounding a $292 million crypto exploit that affected Kelp DAO and triggered several major clients to leave the platform.
The incident stems from an April 19 exploit targeting Kelp DAO, a decentralized finance platform that relied on LayerZero’s cross-chain infrastructure. Attackers managed to steal approximately $292 million in crypto assets in what became one of the largest cryptocurrency thefts reported in 2026.
Following the attack, LayerZero initially blamed Kelp DAO for using an insecure “1-of-1” decentralized verifier network configuration. The setup allowed a single verifier to approve cross-chain transactions, creating a critical single point of failure that attackers were able to exploit.
However, after weeks of public backlash and mounting pressure from the crypto community, LayerZero reversed its position and acknowledged its own role in enabling the risky configuration.
In a public statement, the company admitted it “made a mistake” by allowing its decentralized verifier network to operate as a single verifier for high-value transactions. LayerZero said it failed to properly assess the risks associated with the setup and accepted responsibility for the oversight.
The apology came after several high-profile decentralized finance projects began distancing themselves from the protocol. Kelp DAO reportedly moved infrastructure to competing providers, while other clients also shifted assets away from LayerZero amid concerns about security practices and crisis handling.
LayerZero said it has now disabled support for single-verifier configurations within its decentralized verifier network system. The company also announced plans to migrate applications toward more secure multi-verifier setups and increase developer education around safe deployment practices.
Despite the admission, LayerZero maintained that its core protocol was not directly compromised. The company argued the exploit targeted infrastructure configuration weaknesses rather than a flaw in the underlying protocol itself.
The breach has intensified scrutiny around cross-chain bridge infrastructure, which remains one of the most frequently targeted sectors in the cryptocurrency industry. Security researchers have repeatedly warned that blockchain bridges often introduce additional attack surfaces due to their reliance on validators, smart contracts, and external verification systems.
Cross-chain protocols have been linked to some of the largest crypto thefts in recent years, including attacks associated with state-sponsored North Korean hacking groups and organized cybercriminal operations targeting decentralized finance ecosystems.
Community reaction to LayerZero’s apology remained mixed. Some users criticized the company for initially blaming the victim instead of acknowledging shared responsibility, while others questioned whether the protocol’s reputation could fully recover following the incident.