
47% of LayerZero OApps Could be the Next Kelp DAO

Loke Choon Khei | Edited by Khor Win Win

Over $4.5 Billion Remains Exposed to the Vulnerability Behind the $292M Kelp DAO Hack

Kelp DAO Data Campaign main chart

What Happened to Kelp DAO?

On April 18, 2026, an unknown attacker, alleged to be Trader Traitor, a DPRK state-linked hacking group, exploited a single security setting in Kelp DAO's LayerZero bridge to mint 116,500 unbacked rsETH tokens, worth approximately $292M. The attacker then used them as collateral to borrow $230M worth of assets on the crypto lending platform Aave, passing the bad debt on to Aave. This sophisticated attack was enabled by Kelp DAO’s 1-of-1 setting of LayerZero’s DVN (Decentralized Verifier Network) configuration. This meant that a single signer, LayerZero in this case, authorized cross-chain messages with no secondary verification required.

Days later, the crypto analytics firm Dune Analytics released an open analysis dataset showing that Kelp DAO’s security setting was not unique: 47% of all active LayerZero OApps run a similar 1-of-1 DVN security setting. We then analyzed this dataset and identified the top 10 at-risk assets by market capitalization, which represented a combined exposure exceeding $4.5B.

Who Else Uses the 1-of-1 DVN Setting?

The main asset at risk is not a DeFi protocol but rather Tether’s omnichain version of the USDT stablecoin, USDT0. On our snapshot date of April 22, 2026, USDT0 carried a circulating supply of $4.065B, representing over 87% of the exposure across the top 10 at-risk assets. While USDT0 is deployed across 14 blockchains — the majority of which operate on a more secure 2-of-2 DVN configuration — its Ethereum, Optimism, and Base contracts run on a 1-of-1 DVN configuration.

However, a successful exploit of the 1-of-1 contracts could result in unbacked USDT0 minted on Ethereum/Optimism/Base and deposited as collateral on lending markets. This chain of events could ultimately result in bad debt that cascades across the entire ecosystem, regardless of which chain it originated from.

The next project at risk is Pendle Finance’s PENDLE token, which sits at over $229M in market capitalization and is deployed across Ethereum, Hyperliquid and Berachain. However, the exposure for the tokens ranked 2nd to 10th is much lower than that of USDT0, and the gap is not purely a function of market capitalization. This is because the main concern with this attack vector is that the token can be used as collateral to borrow other, more valuable and liquid crypto assets. Attackers will find it hard to cash out illicitly minted tokens even if the mint succeeds, but if they are able to collateralize the asset, the situation changes. This is why Kelp DAO’s rsETH was targeted, and why it becomes dangerous if USDT0 is targeted. Other DeFi governance tokens on this list are unlikely to be accepted as collateral on most crypto lending platforms, making these projects a less attractive target for this specific attack vector.

What Is a 1-of-1 DVN and Why Does It Matter?

LayerZero's security model allows OApp developers to configure which DVNs must independently verify cross-chain messages before they are executed. A 2-of-2 configuration — the minimum widely considered secure — requires two independent signers to agree before any message is processed. A 1-of-1 configuration requires only one. If that single signer's key is compromised, leaked, or socially engineered, an attacker can forge arbitrary cross-chain messages: minting unbacked tokens, draining bridge escrow, or triggering unauthorized transfers.

LayerZero has released a statement maintaining that it strongly communicated and recommended that all projects require at least a 2-of-2 configuration. However, Kelp DAO rebutted this and said that the 1-of-1 configuration was “the default for any new OFT deployment”.

Methodology

We referred to Dune’s dataset and identified projects using the 1-of-1 DVN configuration by filtering for the column “min_required_dvns” = 1. Dune’s dataset covered ~2,665 unique OApp contracts over a 90-day period ending approximately April 22, 2026. Market capitalization data is sourced from CoinGecko, snapshotted on April 22, 2026. Where the same OApp contract appeared under multiple project labels, entries were deduplicated by retaining the most descriptive named project label.

Projects where the 1-of-1 OApp represents only a subset of a larger independently-existing token supply were excluded, as the exposed fraction could not be reliably quantified. This reasoning specifically excludes wBTC which was initially in our top 10 list. At the time of writing, wBTC also announced an upcoming upgrade to its DVN configuration, to be completed by April 26, 2026, reinforcing this exclusion. USDT0 was included as its Ethereum, Optimism, and Base contracts had the relevant 1-of-1 exposure and route through LayerZero OFT infrastructure. The majority of USDT0's other chain deployments operate on a 2-of-2 DVN configuration.
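The steps above (filter on "min_required_dvns" = 1, deduplicate contracts listed under several labels, exclude partial-supply assets, rank by market capitalization) can be sketched as follows. This is an added example, not CoinGecko's or Dune's code: the rows and market caps are constructed, every field name other than "min_required_dvns" is an assumption, and "most descriptive label" is approximated as the longest label.

```python
from collections import defaultdict

# Constructed sample rows, not Dune's data. Only "min_required_dvns" is a column
# named in the article; "oapp", "chain" and "project" are assumed field names.
ROWS = [
    {"oapp": "0xA1", "chain": "Ethereum", "project": "OFT", "min_required_dvns": 1},
    {"oapp": "0xa1", "chain": "Ethereum", "project": "TokenA", "min_required_dvns": 1},
    {"oapp": "0xa2", "chain": "Base", "project": "TokenA", "min_required_dvns": 1},
    {"oapp": "0xa3", "chain": "Arbitrum", "project": "TokenA", "min_required_dvns": 2},
    {"oapp": "0xb1", "chain": "Ethereum", "project": "TokenB", "min_required_dvns": 2},
    {"oapp": "0xc1", "chain": "Ethereum", "project": "WrappedC", "min_required_dvns": 1},
    {"oapp": "0xd1", "chain": "Optimism", "project": "TokenD", "min_required_dvns": 1},
]
MARKET_CAP_USD = {"TokenA": 500_000_000, "TokenB": 900_000_000,
                  "WrappedC": 8_000_000_000, "TokenD": 40_000_000}  # constructed
PARTIAL_SUPPLY = {"WrappedC"}  # bridged part of a larger supply: excluded


def dedupe(rows):
    """One row per (contract, chain); assumes the longest label is the most descriptive."""
    best = {}
    for row in rows:
        key = (row["oapp"].lower(), row["chain"])  # addresses compare case-insensitively
        if key not in best or len(row["project"]) > len(best[key]["project"]):
            best[key] = row
    return list(best.values())


def one_of_one_share(rows):
    """Fraction of unique OApp contracts whose config needs only one DVN."""
    unique = dedupe(rows)
    return sum(r["min_required_dvns"] == 1 for r in unique) / len(unique)


def rank_at_risk(rows, caps, partial_supply=frozenset(), top=10):
    """Projects with any 1-of-1 contract, ranked by market cap, with exposed chains."""
    exposed = defaultdict(set)
    for r in dedupe(rows):
        if r["min_required_dvns"] != 1 or r["project"] in partial_supply:
            continue
        if r["project"] in caps:  # no price data means no ranking is possible
            exposed[r["project"]].add(r["chain"])
    ranked = sorted(exposed, key=caps.get, reverse=True)[:top]
    return [(p, caps[p], sorted(exposed[p])) for p in ranked]


if __name__ == "__main__":
    print(f"1-of-1 share: {one_of_one_share(ROWS):.0%}")
    for project, cap, chains in rank_at_risk(ROWS, MARKET_CAP_USD, PARTIAL_SUPPLY):
        print(f"{project:10} ${cap:>13,} {', '.join(chains)}")
```

The per-project chain list mirrors the "Affected blockchains" column of the raw data table: a project is listed only with the chains whose contracts are 1-of-1, even when its other deployments require more verifiers.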

Conclusion

The Kelp DAO exploit was a wake-up call, and the DeFi ecosystem appears to have heard it. Within hours of the attack, protocols across DeFi moved quickly, pausing markets, freezing collateral, and reviewing their own configurations. USDT0 paused its bridging infrastructure the very next day. That speed of response is encouraging and suggests the industry's incident response muscle has meaningfully improved since earlier generations of DeFi exploits.

The harder truth is that a fast response is not a substitute for a secure configuration. The 47% of LayerZero OApps still running 1-of-1 DVN settings represents a known, documented, and now publicly demonstrated attack surface.

The good news is that this is a solvable problem. Unlike smart contract vulnerabilities that require full redeployments, DVN configurations can be updated by OApp owners directly. The fix is a configuration change, not a protocol overhaul. For projects that have not yet reviewed their settings, the cost of inaction is now considerably clearer than it was on April 17. Even though we excluded wBTC from this list, the team announced that upgrades are in the works and an upgrade away from 1-of-1 DVN configurations is expected by April 26, 2026. We foresee that many other projects are likely to follow suit, closing this attack vector with time.

If you cite these insights, we would appreciate a link credit to this article on CoinGecko, which allows us to keep supplying you with useful data-led content.


This study is for illustrative and informational purposes only, and is not financial advice.

Raw Data: Top 10 At-Risk Assets by Market Capitalization — Snapshotted April 22, 2026

| Rank | Project | Token | Market Cap (USD) | Category | Affected blockchains |
|---|---|---|---|---|---|
| 1 | USDT0 | USDT0 | $4,065,000,000 | Cross-Chain Stablecoin | Ethereum, Optimism, Base |
| 2 | Pendle | PENDLE | $229,000,000 | Yield Protocol | Ethereum, Hyperliquid, Berachain |
| 3 | Aethir | ATH | $117,000,000 | GPU Infrastructure | Ethereum |
| 4 | Zama | ZAMA | $62,900,000 | FHE Infrastructure | Ethereum, BNB Chain, Hyperliquid |
| 5 | Vana | VANA | $43,800,000 | Data DAO | Ethereum, Arbitrum, Base, BNB Chain, Optimism, Polygon |
| 6 | Moonbirds | BIRB | $38,700,000 | NFT / Memecoin | Ethereum |
| 7 | Swell Network | rswETH | $34,780,000 | Liquid Restaking Token | Ethereum, Arbitrum |
| 8 | Sophon | SOPH | $28,000,000 | Consumer L2 | Arbitrum, BNB Chain, Base, Polygon, Sophon |
| 9 | Zentry | ZENT | $26,700,000 | Gaming / AI OS | Ethereum, BNB Chain |
| 10 | Orderly Network | ORDER | $20,800,000 | Perp DEX Infrastructure | Ethereum, Arbitrum, Avalanche, BNB Chain, Base, Berachain, Mantle, Optimism, Polygon, Sei, Sonic, Abstract, Plumephoenix |

Market cap data sourced from CoinGecko as of April 22, 2026. DVN configuration and 90-day message volume data sourced from Dune Analytics. Projects are ranked by market capitalization of the specific token/asset routing through the 1-of-1 DVN OApp.

Loke Choon Khei
Choon Khei has been involved in the cryptocurrency space since 2021. Choon Khei specialises in DeFi strategies and airdrop farming routes. When not accumulating more points, Choon Khei enjoys his time making himself a pour-over coffee. Follow the author on Twitter @Seol_luna
