LayerZero admits mistake in $292M exploit

LayerZero has acknowledged a significant error in its security configuration, admitting it "made a mistake" by allowing its own verifier network to secure high-value crypto assets in a vulnerable setup. This admission reverses weeks of blaming Kelp DAO for a $292 million hack attributed to North Korean attackers. The company stated its core protocol remained uncompromised, attributing the exploit to an attack on internal RPC infrastructure. In response, LayerZero is shifting its defaults to more secure configurations and has implemented enhanced security measures for its multisig operations. The incident has led to major clients like Kelp and Solv Protocol migrating their services to competitors, including Chainlink, as they reassess their security providers.