$292M Kelp DAO Exploit Shows Why Crypto Bridges Remain One of the Industry’s Weakest Links

The $292 million exploit linked to KelpDAO is the latest in a long line of crypto bridge hacks, underscoring how systems designed to connect blockchains have become some of the easiest ways to break them.

The incident involved KelpDAO’s use of the LayerZero cross-chain messaging system, a type of infrastructure widely used to move data and assets between blockchains.

Bridges are intended to allow users to move assets from one blockchain to another, such as from Ethereum to a different network. But instead of acting as seamless connectors, they have repeatedly become weak points, draining billions of dollars in recent years.

So why does this keep happening?

Crypto ecosystem leaders say the answer isn’t just bad code or careless mistakes. The problem is more fundamental: it’s in how bridges are built in the first place.

The central problem: trusting the intermediary

To understand the problem, it is helpful to look at what a bridge actually does.

If you move tokens from one blockchain to another, the second chain needs proof that your tokens existed and were locked on the first. In an ideal world, it would check this itself. In reality, that is too expensive and complex.

“Most bridges don’t fully verify what happened on another chain,” said Ben Fisch, CEO of Espresso Systems. “Instead, they rely on a smaller system to report it. The [second] system becomes something you trust.”

So instead of independently verifying the truth, bridges outsource it, often to small groups of validators or external networks like LayerZero or Axelar. That shortcut creates risk. In the Kelp DAO-related exploit, attackers targeted data coming into the bridge.

“The attackers compromised the nodes and fed the system a false version of reality,” Fisch said. “The bridge worked as designed. It just believed the wrong information.”

Bridge hacks often look different on the surface. Some involve stolen keys, others faulty smart contracts. But experts say those are symptoms of a deeper problem: how the systems are designed.

“Anything that can go wrong, will go wrong, and bridge hacks are a perfect example,” said Sergej Kunz, co-founder of 1inch. “You see vulnerabilities in the code, centralization problems, social engineering and even economic attacks. It’s usually a combination.”

How bridges work

To users, bridges appear simple. You click a button and move assets from one blockchain to another. Behind the scenes, the process is more complicated.

First, your tokens are locked on the original blockchain. An independent system then confirms that the tokens are locked. This system is usually made up of a small group of operators or validators. Those operators then send a message to the second blockchain saying that the tokens were locked so that new ones can be issued. If that message is accepted, the second chain creates a new version of the tokens. These are wrapped tokens, like rsETH or WBTC.

The problem is that this process depends on trusting whoever sends that message. If attackers compromise that system, they can send a fake message and create tokens that were never backed on the original chain.

“The worst case scenario is when the system doesn’t really check anything,” says Fisch. “It’s just trusting someone else’s version of events.”

When failure spreads

Given how often bridges fail, why hasn’t the industry repaired them?

Part of the answer comes down to incentives. “Safety is often not the top priority,” Kunz said. “Teams are focused on launching quickly, increasing users and increasing total value locked.”

Building secure systems takes time and money. Many DeFi projects operate with limited resources, making it difficult to invest large amounts in auditing, monitoring, and infrastructure.

At the same time, projects are rushing to support more blockchains. Each new integration adds complexity. “Each new connection adds more assumptions,” Fisch said.

Bridge hacks rarely remain contained. Bridged assets are used in lending protocols, liquidity pools, and yield strategies. If those assets are compromised, the damage spreads.

“Other platforms may treat a hacked asset as legitimate,” Kunz said. “This is how contagion happens.” Users are rarely told how a bridge actually works or what could go wrong.

There are ways to make bridges safer. Fisch says a key step is to eliminate single points of failure by relying on independent data sources rather than shared infrastructure.

In practice, these “data sources” are computers that look at the blockchains and report back what happened. They can be managed by the bridge itself, by external networks such as LayerZero or by infrastructure providers. But many depend on the same underlying services, meaning a single compromised source can feed bad data into multiple systems.

“If everyone depends on the same source, the risk has not been reduced,” he said. “You just copied it.”
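The difference between counting operators and counting independent data sources can be shown in a small model of the lock-and-mint check described earlier. This is an added example, not code from KelpDAO, LayerZero or the article; the operator names, source names, thresholds and amounts are constructed, and signature checking is left out.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Attestation:
    attester: str   # operator reporting the event
    upstream: str   # data source the operator read the source chain from
    lock_id: str
    amount: int     # amount seen locked; 0 means "no such lock"

def collect(attesters, sources, lock_id):
    """Each attester reports whatever its upstream says about lock_id."""
    return [Attestation(name, up, lock_id, sources[up].get(lock_id, 0))
            for name, up in attesters]

def naive_quorum(atts, amount, threshold):
    """Counts attesters: accepts once `threshold` operators agree."""
    return len({a.attester for a in atts if a.amount == amount}) >= threshold

def independent_quorum(atts, amount, threshold):
    """Counts distinct upstreams and refuses if any upstream disagrees."""
    agree = {a.upstream for a in atts if a.amount == amount}
    dissent = {a.upstream for a in atts if a.amount != amount}
    return len(agree) >= threshold and not dissent

# Constructed setup: five operators, but three read from one shared provider.
ATTESTERS = [("op1", "rpc-shared"), ("op2", "rpc-shared"), ("op3", "rpc-shared"),
             ("op4", "rpc-b"), ("op5", "own-node")]
REAL_CHAIN = {"lock-1": 100}   # the only lock that actually happened

def scenario(shared_view, lock_id, amount):
    """Returns (naive decision, independence-aware decision) for a mint request."""
    sources = {"rpc-shared": shared_view, "rpc-b": REAL_CHAIN, "own-node": REAL_CHAIN}
    atts = collect(ATTESTERS, sources, lock_id)
    return naive_quorum(atts, amount, 3), independent_quorum(atts, amount, 2)

if __name__ == "__main__":
    print("real lock   :", scenario(REAL_CHAIN, "lock-1", 100))
    # The shared provider reports a lock that never happened on the source chain.
    forged = {**REAL_CHAIN, "lock-2": 5000}
    print("forged lock :", scenario(forged, "lock-2", 5000))
```

A 3-of-5 operator quorum accepts the forged lock because three operators copied one source; requiring agreement across distinct sources, with no dissent, rejects it. Refusing on any dissent trades availability for safety, which a real design would have to tune.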

Other approaches include hardware protections and better monitoring to detect configuration errors early. Some developers are also working on designs that verify data directly using cryptography instead of intermediaries.

Kunz believes a more fundamental change is needed. “As long as we rely on validator-based bridges, these problems will continue,” he stated.
