According to D2 Finance analysis, the fundamental reason for the nearly $300 million attack on the rsETH cross-chain bridge under Kelp DAO has been confirmed on-chain: this incident is not a protocol-level vulnerability of LayerZero, but rather a trust issue with the OApp node caused by the private key leak on the source chain. The analysis points out that the rsETH OFT Adapter on the mainnet trusted messages from legitimate deployment nodes labeled as "Kelp DAO" by LayerZero Scan, which led to a single lzReceive call directly releasing 116,500 rsETH from the custodial contract. This indicates that the attack was not due to setPeer injection, but rather the project's own source chain private key theft.
According to D2 Finance analysis, the fundamental reason for the nearly $300 million attack on the rsETH cross-chain bridge under Kelp DAO has been confirmed on-chain: this incident is not a protocol-level vulnerability of LayerZero, but rather a trust issue with the OApp node caused by the private key leak on the source chain. The analysis points out that the rsETH OFT Adapter on the mainnet trusted messages from legitimate deployment nodes labeled as "Kelp DAO" by LayerZero Scan, which led to a single lzReceive call directly releasing 116,500 rsETH from the custodial contract. This indicates that the attack was not due to setPeer injection, but rather the project's own source chain private key theft.