The $292 million Kelp DAO exploit shows why crypto bridges are still one of the industry’s weakest links

The $292 million exploit tied to KelpDAO is the latest in a long line of crypto bridge hacks, highlighting how systems designed to connect blockchains can become the easiest way to attack them.

The incident involved KelpDAO’s use of LayerZero’s cross-chain messaging system, an infrastructure widely used to move data and assets between blockchains.

The purpose of a bridge is to let users transfer assets from one blockchain to another, for example from Ethereum to another network. But instead of acting as seamless connectors, bridges have repeatedly become weak points, costing billions of dollars over the past few years.

So why does this keep happening?

Leaders in the crypto ecosystem say the answer isn’t just bad code or careless mistakes. The issue is more fundamental: it starts with how bridges are built.

Core Issue: Trust the Middleman

To understand this problem, it helps to understand what bridges actually do.

If you transfer your tokens from one blockchain to another, the second chain needs proof that your tokens exist and are locked on the first chain. In an ideal world, it would verify this on its own. In practice, that is too expensive and complicated.

“Most bridges don’t fully verify what’s happening on the other chain,” said Ben Fisch, CEO of Espresso Systems. “Instead, they rely on smaller systems for reporting. [second] The system becomes something you trust.”

So instead of independently checking the truth, the bridge outsources it, usually to a small group of validators or an external network like LayerZero or Axelar. This shortcut comes with risks. In the exploit tied to Kelp DAO, attackers targeted the data fed into the bridge.

“The attacker compromised the node and fed the system a false version of reality,” Fisch said. “The bridge worked as designed. It just believed the wrong information.”

Bridge hacks often look different on the surface. Some involve stolen keys, some involve flawed smart contracts. But experts say these are symptoms of a deeper problem. The real question is how the system is designed.

“Anything that can go wrong will go wrong, and bridge hacks are a perfect example of this,” said 1inch co-founder Sergej Kunz. “You see code vulnerabilities, centralization issues, social engineering, and even economic attacks. Often it’s a mix.”

How bridges work

To the user, the bridge looks simple. You can move assets from one blockchain to another with the click of a button. Behind the scenes, the process is more complicated.

First, your tokens are locked on the original blockchain. A separate system, usually a small group of operators or validators, then confirms that the tokens have been locked. These operators send a message to the second blockchain stating that the tokens are locked so that new ones can be issued. If the message is accepted, the second chain creates a new version of your tokens. These are wrapped tokens such as rsETH or WBTC.

The problem is that the process depends on trusting whoever sends the message. If an attacker compromises that system, they can send false messages and create tokens that were never backed on the original chain.

“The worst-case scenario is that the system doesn’t really check anything,” Fisch said. “It’s just believing someone else’s version of events.”

When a failure spreads

Given that bridges fail so frequently, why isn’t the industry fixing them?

Part of the answer comes down to incentives. “Safety is often not a priority,” Kunz said. “The team is focused on launching quickly, adding users and increasing the total value locked.”

Building a secure system takes time and money. Many DeFi projects operate with limited resources, making it difficult to make significant investments in auditing, monitoring, and infrastructure.

At the same time, projects are racing to support more blockchains. Each new integration adds complexity. “Each new connection adds more hypotheses,” Fisch said.

Bridge hacks are rarely contained. Bridged assets are used in various lending protocols, liquidity pools, and yield strategies. If these assets are compromised, the losses are amplified.

“Other platforms may view hacked assets as legitimate assets,” Kunz said. “That’s how contagion happens.” Users are rarely told how the bridge actually works or what problems might arise.

There are ways to make bridges safer. Fisch said a key step is eliminating single points of failure by relying on independent data sources rather than shared infrastructure.

In effect, these “data sources” are computers that monitor the blockchain and report what is happening. They may be run by the bridge itself, an external network such as LayerZero, or an infrastructure provider. But many systems rely on the same underlying services, meaning a single compromised source can serve up bad data across multiple systems.

“If everyone relies on the same source, the risk is not reduced,” he said. “You just copied it.”
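The point about copied risk, as an added sketch that is not from the article or from any bridge's own code: a destination-chain check that counts reporting operators accepts a forged lock when they all read through one compromised source, while a check that counts distinct sources and halts on disagreement does not. Operator and source names, the message format and the threshold are assumptions, and the `upstream` label is assumed to come from the bridge operator's own configuration.

```python
import hashlib
from collections import defaultdict
from dataclasses import dataclass

@dataclass(frozen=True)
class Attestation:
    verifier: str   # operator reporting the lock event (hypothetical name)
    upstream: str   # data source that operator read the source chain through
    digest: str     # hash of the lock message the operator says it saw

def lock_digest(sender, token, amount, nonce):
    """Canonical hash of one lock event on the source chain (assumed format)."""
    return hashlib.sha256(f"{sender}|{token}|{amount}|{nonce}".encode()).hexdigest()

def _tally(atts, key):
    votes = defaultdict(set)
    for a in atts:
        votes[a.digest].add(key(a))
    return votes

def naive_accept(atts, threshold):
    """Counts reporting operators only; shared infrastructure is invisible here."""
    votes = _tally(atts, lambda a: a.verifier)
    return next((d for d, v in votes.items() if len(v) >= threshold), None)

def independent_accept(atts, threshold):
    """Counts distinct upstream sources for one message slot and refuses to
    mint if reports disagree, since then at least one feed is wrong."""
    votes = _tally(atts, lambda a: a.upstream)
    if len(votes) != 1:
        return None
    digest, sources = next(iter(votes.items()))
    return digest if len(sources) >= threshold else None

# Constructed sample data: one real lock and one forged lock for the same slot.
REAL = lock_digest("alice", "rsETH", 10, 7)
FORGED = lock_digest("mallory", "rsETH", 1_000_000, 7)

# Three operators that all read the chain through the same compromised source.
SHARED = [Attestation(f"op{i}", "source-A", FORGED) for i in range(3)]
# Three operators on separate sources; only source-A is compromised.
SPLIT = [Attestation("op0", "source-A", FORGED),
         Attestation("op1", "source-B", REAL),
         Attestation("op2", "source-C", REAL)]
HONEST = [Attestation(f"op{i}", f"source-{s}", REAL) for i, s in enumerate("ABC")]

if __name__ == "__main__":
    for name, atts in [("shared", SHARED), ("split", SPLIT), ("honest", HONEST)]:
        print(name, naive_accept(atts, 2), independent_accept(atts, 2))
```

In the split case the stricter check returns nothing even though two honest sources agree: a conflicting report for the same slot is treated as a reason to stop and investigate, not to outvote.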

Other approaches include hardware protection and better monitoring to detect misconfigurations early on. Some developers are also working on designs that use cryptography directly to verify data instead of an intermediary.

Kunz believes a more fundamental shift is needed. “As long as we rely on validator-based bridges, these problems will continue to exist,” he said.
