Kelp DAO and the $292 Million Bridge Exploit: What the rsETH Hack Reveals About Liquid Restaking Security
Kelp DAO entered 2026 as one of the most established liquid restaking protocols in the Ethereum ecosystem: a top liquid restaking protocol with $2 billion-plus in TVL, with rsETH available on over 40 DeFi platforms. By April 2026, it had become the subject of one of the year's most significant security events: a $292 million exploit targeting its LayerZero-powered cross-chain bridge, followed by a sophisticated laundering operation attributed to North Korea's Lazarus Group, and a coordinated recovery effort involving Aave, Arbitrum's Security Council, and the broader DeFi United recovery infrastructure.
The Kelp DAO incident is not just a news event; it is a case study in how liquid restaking protocols, cross-chain bridges, and on-chain governance mechanisms interact under adversarial conditions. For intermediate traders with capital deployed across DeFi, understanding what happened and why is directly relevant to risk management.
1. What Kelp DAO Is: rsETH, EigenLayer Integration, and Liquid Restaking Mechanics
Before analyzing the exploit, traders need to understand what Kelp DAO actually does — because the protocol's architecture is directly relevant to how the attack was executed and why the losses were so large.
Kelp DAO is a collective DAO designed to unlock liquidity, DeFi access, and higher rewards for restaked assets, providing a single liquid restaked token for accepted liquid staking tokens. The core mechanic is stacking yield layers. A user who holds stETH — already earning Ethereum staking rewards — deposits it into Kelp and receives rsETH in return. That rsETH represents the user's share in Kelp's restaking pool, which is deployed through EigenLayer's infrastructure to secure additional Actively Validated Services beyond Ethereum's own consensus. The result is simultaneous exposure to base ETH staking yield, EigenLayer restaking rewards from AVS fees, and any additional incentives from the broader DeFi ecosystem where rsETH is deployed.
rsETH can be freely transferred across different DeFi platforms, and the deposited funds interact with the EigenLayer infrastructure, which allows Ethereum security to be extended to additional services including oracle networks and data availability layers. This composability (rsETH usable as collateral in lending protocols, in liquidity pools, in yield optimizers) is precisely what made Kelp attractive to capital-efficient DeFi participants. rsETH is available on multiple DeFi protocols, DEXs, and wallets, with over $300 million deployed across lending protocols, optimizers, and on-chain.
The cross-chain dimension is critical for understanding the exploit. As rsETH grew in adoption, Kelp deployed bridge infrastructure to make the token accessible on Layer 2 networks including Arbitrum, where gas costs are lower and DeFi activity is more accessible for retail users. This bridge, powered by LayerZero's cross-chain messaging infrastructure, is the component that was exploited. The attacker drained approximately 116,500 rsETH from Kelp DAO's LayerZero-powered rsETH bridge adapter, funding initial gas fees via Tornado Cash before swapping stolen assets back into ETH.
Kelp DAO implements several security measures including admin and manager multi-signature accounts for contract changes. However, the protocol had previously faced a UI attack due to compromised nameservers. The April 2026 exploit represented a qualitatively different threat: not a UI attack or a smart contract bug, but a compromise of the cross-chain verification layer itself.
The Gain Vaults product (specialized strategies designed to optimize restaking rewards by automatically directing rsETH into the most profitable EigenLayer services) was not the direct attack target, but the protocol's composability meant that a compromise of the bridge adapter had cascading implications for rsETH holders across all networks where the token was active.
2. The Exploit Mechanics: Bridge Vulnerability, Lazarus Group Attribution, and the Arbitrum Freeze
The Kelp DAO exploit drained around $290 to $292 million through the project's LayerZero-powered cross-chain bridge. The technical root cause became the subject of a public dispute between Kelp DAO and LayerZero that continued through the recovery period.
Preliminary findings from LayerZero suggested that compromised RPC nodes allowed a fraudulent cross-chain message to pass verification, with criticism directed at the use of a 1-of-1 validation configuration. Kelp DAO contested that claim and argued that the setup followed default documentation and had been previously confirmed as appropriate. Regardless of where responsibility ultimately lies in that dispute, the technical failure mode is instructive: a cross-chain message that should have required multiple independent validators to confirm was processed with only a single verification point, meaning that compromising one RPC node was sufficient to forge a legitimate-looking cross-chain transaction.
LayerZero said that North Korea's Lazarus Group was likely behind the Kelp DAO exploit. The attribution was based on forensic analysis of the attack patterns, the malware characteristics, and the subsequent laundering methodology — all of which closely matched documented Lazarus Group operational signatures. LayerZero also said the malware used in the attack was built to delete itself afterward.
The immediate response from Kelp DAO was to pause contracts and blacklist attacker-linked wallets. This prevented an additional 40,000 rsETH, worth roughly $95 million, from being drained. The speed and effectiveness of this containment action is worth noting — it represents the kind of rapid-response capability that has become a differentiating factor between DeFi protocols that limit exploit damage and those that suffer total losses.
The most consequential containment action came from Arbitrum's Security Council. Arbitrum said its Security Council secured 30,766 ETH tied to attacker-linked addresses on Arbitrum One. The transfer was completed on April 20 at 11:26 p.m. ET. Based on market value at the time, the recovered amount was about $70.97 million. The ETH was moved into a frozen intermediary wallet controlled through governance safeguards. Arbitrum said the exploiter can no longer access those assets, and any future movement would require governance approval coordinated with relevant parties.
This governance-level freeze, where an L2 Security Council used chain-level powers to prevent an attacker from moving stolen funds, is a capability that exists only on networks with sufficient decentralized governance infrastructure. It is also a capability that the broader crypto community debates: the same authority that enables freezing stolen funds from a nation-state attacker could theoretically be used to freeze any user's funds under different circumstances. The Kelp DAO event reignited that debate without resolving it.
3. The Laundering Operation, THORChain's Role, and the Recovery Process
The wallet addresses tied to the $292 million Kelp DAO bridge exploit began a laundering operation on April 21, moving approximately 75,701 ETH worth roughly $175 million across three transactions into freshly created addresses on the Ethereum mainnet. The movements signal the start of a systematic exit strategy by the suspected North Korean Lazarus Group actors, who may have accelerated their timeline after Arbitrum's Security Council froze $71 million in stolen ETH on Arbitrum One the night before.
The Kelp DAO exploiter laundered around $80 million, with most of the stolen funds routed through THORChain. The 24-hour swap volume on THORChain surged to $394 million, significantly exceeding usual daily volumes of under $35 million. THORChain does not require Know Your Customer checks and allows direct cross-chain swaps between Ethereum and Bitcoin without a centralized intermediary. During the $1.4 billion Bybit hack in 2025, Lazarus Group converted roughly 83% of stolen ETH into bitcoin, with 72% of those funds moving through THORChain. Once stolen funds enter Bitcoin rails via decentralized protocols, recovery becomes materially harder: forensic traceability degrades with each hop, and no protocol-level freeze mechanism exists on THORChain equivalent to the governance action Arbitrum used on its own chain.
THORChain maintained that it will continue to operate with a strict hands-off policy, stating: "THORChain was modelled after Bitcoin, to be permissionless and censorship resistant. There's no single person or entity in control of the protocol. There's no admin key." This position, philosophically consistent with decentralization principles, functionally means THORChain serves as a reliable exit route for state-sponsored actors with large ETH positions to convert.
The recovery process that followed was notable for its coordination across multiple parties. Kelp DAO and Aave completed a series of steps to restore rsETH backing, including burning the exploiter's rsETH tokens on the Arbitrum network. The 117,132 rsETH, currently worth about $278 million, will be refilled progressively over two weeks from the Aave Recovery Guardian, a multisignature wallet controlled by the DeFi United recovery group and Kelp's own recovery safe, routed through the LayerZero OFT adapter.
The protocol also completed a security hardening pass. Bridging security now requires four independent attestors and 64 block confirmations, while it has deprecated some Layer 2 routes. It is also in the process of migrating to Chainlink's Cross-Chain Interoperability Protocol for further strengthened cross-chain bridging. These post-exploit security improvements directly address the single-verifier configuration that enabled the attack, moving from a 1-of-1 to a 4-of-4 attestation model for bridge verification.
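The gap between the 1-of-1 configuration described in section 2 and the four-attestor, 64-confirmation policy above can be seen in a simplified acceptance check. This is an added example, not code from Kelp DAO or LayerZero; the attestor names, keys, message fields, and the use of HMAC in place of real attestor signatures are assumptions made for illustration.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Constructed attestor keys; HMAC stands in for real attestor signatures.
KEYS = {f"attestor-{i}": f"demo-key-{i}".encode() for i in range(1, 5)}

@dataclass(frozen=True)
class Policy:
    attestors: tuple          # identities allowed to attest
    threshold: int            # distinct valid attestations required
    min_confirmations: int    # source-chain block depth required

def digest(msg: dict) -> bytes:
    canon = "|".join(f"{k}={msg[k]}" for k in sorted(msg))
    return hashlib.sha256(canon.encode()).digest()

def attest(name: str, observed: dict) -> tuple:
    """An attestor signs whatever its own RPC view of the source chain reports."""
    return name, hmac.new(KEYS[name], digest(observed), hashlib.sha256).digest()

def verify(policy: Policy, msg: dict, confirmations: int, attestations: list) -> bool:
    if confirmations < policy.min_confirmations:
        return False  # block not deep enough on the source chain
    valid = set()
    for name, sig in attestations:
        if name not in policy.attestors:
            continue  # signer is not part of this route's policy
        expected = hmac.new(KEYS[name], digest(msg), hashlib.sha256).digest()
        if hmac.compare_digest(sig, expected):
            valid.add(name)  # a set, so repeats from one attestor count once
    return len(valid) >= policy.threshold

# Constructed messages: the real source-chain event vs. what a poisoned RPC view reports.
REAL = {"src": "chainA", "dst": "chainB", "nonce": 7, "amount": 10}
FORGED = {"src": "chainA", "dst": "chainB", "nonce": 7, "amount": 116500}

def forged_accepted(policy: Policy, poisoned: set, confirmations: int) -> bool:
    """Attestors named in `poisoned` observe FORGED; all others observe REAL."""
    atts = [attest(n, FORGED if n in poisoned else REAL) for n in policy.attestors]
    return verify(policy, FORGED, confirmations, atts)

ONE_OF_ONE = Policy(("attestor-1",), 1, 1)
FOUR_OF_FOUR = Policy(tuple(KEYS), 4, 64)

if __name__ == "__main__":
    print("1-of-1, one poisoned view:", forged_accepted(ONE_OF_ONE, {"attestor-1"}, 1))
    print("4-of-4, one poisoned view:", forged_accepted(FOUR_OF_FOUR, {"attestor-1"}, 64))
    all_real = [attest(n, REAL) for n in KEYS]
    print("4-of-4, only 3 confirmations:", verify(FOUR_OF_FOUR, REAL, 3, all_real))
```

In this model the 4-of-4 policy only helps if the four attestors read the source chain through independent infrastructure; four attestors behind the same RPC provider behave like one.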
For traders evaluating liquid restaking protocols on BYDFi or across DeFi, the Kelp DAO incident provides a concrete checklist: verify bridge architecture and attestation model before deploying capital, confirm that governance-level emergency response mechanisms exist and have been previously tested, and understand that cross-chain rsETH or LRT positions carry bridge risk in addition to the protocol-level and EigenLayer risks that are more widely discussed.
FAQs
Q1. What is Kelp DAO and how does rsETH work?
Kelp DAO is a liquid restaking protocol built on Ethereum that allows users to maximize staking rewards while maintaining liquidity. Instead of having ETH locked in traditional staking, users restake their liquid staking tokens through EigenLayer to earn additional rewards. When users deposit supported assets, the system issues rsETH — a token representing their share in the restaking pool that can be freely deployed across DeFi platforms.
Q2. What caused the $292 million Kelp DAO exploit in April 2026?
Preliminary findings from LayerZero suggested that compromised RPC nodes allowed a fraudulent cross-chain message to pass verification, with the attack exploiting the use of a 1-of-1 validation configuration on the bridge. Kelp DAO contested that characterization, arguing the setup followed default documentation. The exploit drained approximately 116,500 rsETH from the LayerZero-powered cross-chain bridge adapter before Kelp paused contracts and blacklisted attacker wallets.
Q3. How was Lazarus Group identified as the attacker?
LayerZero said that North Korea's Lazarus Group was likely behind the Kelp DAO exploit. THORChain had been previously used by North Korean hackers who stole over $1.5 billion from the Bybit crypto exchange, laundering ETH into BTC. Attribution was based on forensic analysis of attack patterns, self-deleting malware characteristics, and laundering methodology that closely matched documented Lazarus Group operational signatures from prior large-scale exploits.
Q4. How did Arbitrum freeze attacker funds and what are the implications?
Arbitrum's Security Council secured 30,766 ETH tied to attacker-linked addresses on Arbitrum One, completing the freeze on April 20. The ETH was moved into a frozen intermediary wallet controlled through governance safeguards, with the exploiter unable to access those assets and any future movement requiring governance approval. This demonstrated L2 chain-level containment capabilities, while simultaneously reigniting debate about the governance authority required to execute such actions.
Q5. What security changes did Kelp DAO implement after the exploit?
The protocol completed a security hardening pass in which bridging security now requires four independent attestors and 64 block confirmations, while it deprecated some Layer 2 routes. It is also migrating to Chainlink's Cross-Chain Interoperability Protocol for further strengthened cross-chain bridging. Kelp and Aave also coordinated a progressive two-week restoration of rsETH backing by burning the exploiter's tokens and refilling the bridge adapter through the DeFi United recovery infrastructure.