LayerZero Apologizes After $292M Kelp DAO Exploit Fallout

LayerZero finally broke its silence — sort of. The company published a blog post Friday apologizing for what it called poor communication in the three weeks following the $292 million Kelp DAO exploit.

The mea culpa went beyond PR damage control. LayerZero acknowledged that the single-verifier setup used by Kelp DAO was deficient. That's a significant admission given the scale of the breach.

Here's the kicker: according to Dune data, roughly 47% of LayerZero OApps were running the exact same default configuration back in April. Nearly half the ecosystem was sitting on the same vulnerability.

LayerZero's apology centers on its communication failures post-exploit, but the broader question looms large — how did a known-deficient setup become the default for almost half of all applications built on its infrastructure?