Kenny B

Two weeks ago, a forged transaction on infrastructure we trusted cost our users 116,500 rsETH. I'm not going to pretend that doesn't stay with me. Earning users' trust takes years. Watching it get tested like this is something I wouldn't wish on anyone. We paused the contracts. We flagged the breach. We coordinated recovery. We documented everything. And we didn't speak until we had something worth saying. I want to thank everyone who showed up for DeFi these past two weeks. Every team that prioritized the ecosystem over everything else. That solidarity is what this industry is built on. We have always chosen our users over the noise. But silence isn't the same as having nothing to say. Here's what happened. Here's what the facts show.

Tbh, for me, Kelp vs. LayerZero is a David vs. Goliath story. LZ is a $1B FDV company. Kelp’s valuation is ~ $20M. That’s ~50x smaller in market terms. So yeah, it’s easy for LZ to point fingers at Kelp – while ignoring the fact that 47% of protocols use a 1/1 DVN config. Plus, CT keeps calling out the 1/1 DVN config, but the bridge attack would have happened with a 3:1 configuration as well. The root cause is LZ’s RPC nodes. In the end, what matters for DeFi is that the three parties – Aave, Kelp, and LayerZero – finally start collaborating on how to overcome this crisis.

rsETH from kelpdao was the only asset with a 1-of-1 config that got exploited because it had the biggest pot that the exploiter could exit with No other asset with large enough bridged supply had as good of an exit path for the exploiter as rsETH did - because of aave v3 market listings with ample liquidity to borrow The exploiter was sophisticated enough to know that he will only get one shot at this and calculated the target meticulously to maximize their extractable value from the exploit

The Arbitrum Security Council has taken emergency action to freeze the 30,766 ETH being held in the address on Arbitrum One that is connected to the KelpDAO exploit. The Security Council acted with input from law enforcement as to the exploiter’s identity, and, at all times, weighed its commitment to the security and integrity of the Arbitrum community without impacting any Arbitrum users or applications. After significant technical diligence and deliberation, the Security Council identified and executed a technical approach to move funds to safety without affecting any other chain state or Arbitrum users. As of April 20 11:26pm ET the funds have been successfully transferred to an intermediary frozen wallet. They are no longer accessible to the address that originally held the funds, and can only be moved by further action by Arbitrum governance, which will be coordinated with relevant parties.