LayerZero pledges $23M to DeFi united after $292M Kelp DAO exploit fallout Nellius Irene | usagoldmines.com

LayerZero will commit 10,000 ETH to help clean up the $292 million Kelp DAO exploit, 5 days after watching rivals write big checks. The company posted on X, saying it will deposit 5,000 ETH into the DeFi United rescue fund and another 5,000 ETH directly into Aave to strengthen its liquidity. It also pledged to support GHO liquidity. 

Following the attack, DeFi United is racing to restore full backing for the token. The coalition has since published a technical recovery plan that relies on staged ETH deposits into Kelp’s lockbox contract,

How did the $292M hack actually happen, and what did it break?

On April 18, 2026, attackers stole $292 million from Kelp DAO by feeding its bridge fake data to mimic a real transaction. Kelp stopped further attempts 46 minutes later, but the system had already released the first 116,500 rsETH in a single transaction.

LayerZero blamed TraderTraitor, a subunit of North Korea’s Lazarus Group, linked to another $285M hack on April 1 2026. When combined, the Lazarus Group has drained over $575 million from DeFi in just 18 days using two different attack methods. 

Instead of dumping the stolen tokens on the open market, the attacker deposited about 90,000 rsETH into Aave and borrowed roughly $190 million worth of real ETH and other assets. That left Aave with bad debt that the protocol failed to fix.

Aave’s TVL dropped by about $ 13 billion, from $32 billion to $20.3 billion, within days. Users were unable to withdraw USDC or USDT due to exhausted liquidity.

Who is to blame, and why did it take LayerZero five days to commit?

The blame is appended to both Kelp DAO and LayerZero. Kelp DAO had a weak 1-of-1 setup, making it a single point of failure as only one LayerZero verifier could validate messages. And while LayerZero cautioned that multi-verifier options are safer, Kelp says the default setup used the one described by LayerZero.

David Schwartz, Ripple CTO Emeritus, raised some concerns about LayerZero’s explanation. He cited previous comments by LayerZero CEO Bryan Pellegrino that no application used only the LayerZero DVN, calling them false. X users reacted very aggressively because many users labeled LayerZero as the one behind the mess. They also called it out for not donating aid to Aave while others deposited large checks.

Five days later, LayerZero contributed 10,000 ETH, once the recovery fund had crossed $300 million in total pledges. Consensys and Joe Lubin pledged 30,000 ETH, and Mantle made a 30,000 ETH low-interest loan before LayerZero acted. Stani Kulechov posted on X and then pledged 5,000 ETH, while Kelp contributed 2,000 ETH — just before LayerZero.

What is DeFi United, and how does the recovery plan work?

DeFi United is the rescue coalition formed to support Aave after the attacks. According to reports, 14 entities joined and contributed grants, deposits, and lines of credit to rescue Aave users. 

Who has pledged to DeFi United and how much

The recovery plan has two main parts. First, supporters will slowly convert their pledged ETH into rsETH and deposit it into the Kelp DAO bridge. 

Second, they will liquidate the attacker’s remaining positions on Aave and Compound through special steps to recover more funds. Arbitrum also froze 30,766 ETH from the attacker’s wallet, so most of the missing funds will be recovered if governance approves.

What does this mean for DeFi?

According to Galaxy Research, DeFi lost more than $605 million in only 20 days across 12+ protocols. Applications built on LayerZero must now upgrade to a stronger multi-verifier step, as LayerZero now rejects any application that uses a 1-of-1 verifier.

According to DeFi, no single group controls the system. But as we’ve seen, recovery relied on centralized powers like Arbitrum approving emergency actions, Circle freezing wallets, and Aave rushing governance votes.

So the question that remains is whether the system proved it can handle self-recovery, or whether it only survived because central actors stepped in. The answer to that depends on whether protocols upgrade their systems before the next incoming attack.

If you’re reading this, you’re already ahead. Stay there with our newsletter.

This articles is written by : Nermeen Nabil Khear Abdelmalak

All rights reserved to : USAGOLDMIES . www.usagoldmines.com

You can Enjoy surfing our website categories and read more content in many fields you may like .

Why USAGoldMines ?

USAGoldMines is a comprehensive website offering the latest in financial, crypto, and technical news. With specialized sections for each category, it provides readers with up-to-date market insights, investment trends, and technological advancements, making it a valuable resource for investors and enthusiasts in the fast-paced financial world.