Why cross-chain bridges are DeFi’s weakest link after $293m Kelp DAO hack

Crypto bridges are back in the spotlight — and not for the right reasons.

Saturday’s $293 million exploit of Kelp DAO has pushed bridge security to the top of the crypto industry’s spotlight, says Ari Redbord, global head of policy and government affairs at TRM Labs.

“When the security model of a $300 million issuer reduces to one validator’s signing key, the attack surface stops being technical and becomes structural,” he wrote on Sunday.

The analysis follows an attacker draining 116,500 rsETH — about 18% of the token’s circulating supply — by triggering a function on LayerZero’s cross-chain messaging system. In simple terms, the attacker sent a fake message that told Kelp’s bridge money had arrived from another blockchain. The bridge believed the signal and released the tokens.

Kelp DAO is a liquid restaking protocol built on Ethereum that allows users to earn both standard staking rewards and additional restaking yield through EigenLayer.

When users deposit eligible tokens, they receive rsETH, a tradable asset that can be used across DeFi platforms while the underlying funds continue to secure multiple networks. In effect, the structure allows investors to keep their capital productive without locking it up, preserving liquidity while generating layered returns.

The attack adds to the $286 million loss Drift suffered on April 1, bringing this month's DeFi losses to over $550 million.

How do bridges work?

A cross-chain bridge is software that connects different blockchains, such as Ethereum and Arbitrum.

When users move tokens across chains, the bridge locks the original tokens and creates matching ones on the new chain. That process depends on validators — trusted computers that confirm whether a blockchain transaction is genuine.

The bridge was fooled into believing a fake message from another blockchain was real, so it released tokens it should never have. Because only one validator was configured to approve those messages, a single point of failure enabled the attacker to unlock hundreds of millions of dollars.

Kelp’s setup reportedly relied on a 1/1 Decentralised Verifier Network, or DVN. That means a single validator had the authority to approve cross-chain messages. Once that validator was compromised or fooled, the entire system trusted a fake signal.

The "blast radius" extended beyond Kelp. Aave, SparkLend, Fluid, and Upshift paused markets tied to rsETH, Redbord said.

Aave alone saw more than $5.4 billion in ether withdrawals as users moved to limit exposure, he added.

Two additional attempts to drain another $100 million were blocked after Kelp’s emergency multisignature wallet froze contracts within 46 minutes.

“The answer is to lean into defense: diverse validator sets on messaging layers, real-time monitoring on mint and burn flows, fast-acting pauser multisigs, and cross-protocol playbooks that assume contagion,” Redbord wrote.

“April has been a tough month for DeFi builders.”

Lance Datskoluo is DL News’ Europe-based markets correspondent. Got a tip? Email him at lance@dlnews.com