Hoskinson: Cardano, Midnight Could Curb Cross-Chain Forgeries

Charles Hoskinson urged use of Cardano and its Midnight sidechain to block cross‑chain message forgeries after the April 18 KelpDAO hack that stole 116,500 restaked ETH (~$292M).

On April 18 a cross‑chain message forgery drained 116,500 restaked ether from KelpDAO, roughly $292 million. The breach prompted widespread withdrawals across decentralized finance, with roughly $13 billion of value pulled within 48 hours, according to onchain analysis and incident reports.

The attacker submitted a spoofed LayerZero packet that reached KelpDAO’s restake adapter and released tokens from an Ethereum escrow. The forged message claimed a Uni‑Chain endpoint as its source. KelpDAO’s configuration relied on a single decentralized verifier network, a one‑of‑one setup that created a single point of compromise. Instead of selling the stolen restaked ETH on exchanges, the attacker used the tokens as collateral in lending markets such as Aave and borrowed assets against that collateral, leaving bad debt in lending pools.

The exploit strained liquidity across multiple chains. Wrapped ETH pools on Arbitrum, Base, Mantle, Linea and Plasma hit near 100 percent utilization and limited withdrawals. Aave recorded between $6.6 billion and $8.45 billion in outflows. At least nine protocols were identified as directly affected, including Compound, Morpho, Lido, Ethena, Pendle, Euler, Beefy and Lombard Finance. Onchain forensics cited in a joint incident report found about 83,471 ETH equivalent spread across seven attacker wallets on Ethereum mainnet and Arbitrum.

A joint report from Llamarisk outlined two remediation scenarios. One would apply a 15.12 percent haircut across all restaked ETH holders, absorbing roughly $123 million in bad debt. The other would isolate losses at layer‑two networks, repricing tokens to about 26.46 percent backing and concentrating roughly $230 million in bad debt on Mantle, Arbitrum and Base while leaving Ethereum mainnet reserves untouched. KelpDAO, LayerZero and Llamarisk have published separate postmortems and do not agree on where responsibility lies.

LayerZero announced it will stop signing or attesting messages for any application still running a one‑of‑one verifier configuration and is urging migration to multi‑verifier setups. KelpDAO maintains that LayerZero’s default shipped with single‑source verification and said many applications continue to use that configuration.
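The difference between a one-of-one and a multi-verifier configuration can be seen in a small model, added here as an illustration and not taken from LayerZero or KelpDAO code. It assumes hypothetical verifier names and keys, uses HMAC as a stand-in for real verifier signatures, and assumes the verifiers are operated independently.

```python
import hashlib
import hmac
import json

def packet_digest(packet: dict) -> bytes:
    """Canonical hash of the message fields every verifier must agree on."""
    return hashlib.sha256(json.dumps(packet, sort_keys=True).encode()).digest()

def attest(key: bytes, packet: dict) -> bytes:
    """One verifier's attestation (HMAC stands in for a real signature)."""
    return hmac.new(key, packet_digest(packet), hashlib.sha256).digest()

def accept(packet: dict, attestations: dict, verifiers: dict, threshold: int) -> bool:
    """Accept only if `threshold` distinct configured verifiers attest to this packet."""
    if not 1 <= threshold <= len(verifiers):
        raise ValueError("threshold must be between 1 and the number of verifiers")
    valid = 0
    for name, key in verifiers.items():  # names outside the config are never counted
        tag = attestations.get(name)
        if tag is not None and hmac.compare_digest(tag, attest(key, packet)):
            valid += 1
    return valid >= threshold

# Constructed sample data: hypothetical verifiers and messages.
KEYS = {"verifier-a": b"key-a", "verifier-b": b"key-b", "verifier-c": b"key-c"}
GENUINE = {"src": "chain-A", "nonce": 7, "action": "release", "amount": 10}
FORGED = {"src": "chain-A", "nonce": 8, "action": "release", "amount": 116500}

def demo() -> dict:
    # Assumption: verifier-a is compromised and attests to the forged packet.
    forged_att = {"verifier-a": attest(KEYS["verifier-a"], FORGED)}
    # Two honest verifiers attest to the genuine packet.
    genuine_att = {n: attest(k, GENUINE) for n, k in KEYS.items() if n != "verifier-c"}
    one_of_one = {"verifier-a": KEYS["verifier-a"]}
    return {
        "1of1_forged": accept(FORGED, forged_att, one_of_one, 1),
        "2of3_forged": accept(FORGED, forged_att, KEYS, 2),
        "2of3_genuine": accept(GENUINE, genuine_att, KEYS, 2),
        # Attestations made for one packet must not validate a different one.
        "2of3_reused_tags": accept(FORGED, genuine_att, KEYS, 2),
    }

if __name__ == "__main__":
    print(demo())
```

With a threshold of one and a single configured verifier, that verifier's attestation alone decides acceptance; raising the threshold helps only to the extent that the verifiers do not share keys, operators or infrastructure.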

In a video presentation from Wyoming that used an AI‑generated incident report site, Cardano founder Charles Hoskinson framed the incident as evidence that bridge verification failures have overtaken smart‑contract bugs as the dominant risk vector. He noted the speed at which stolen funds were redeployed into lending markets, and added, “The standard DeFi threat model assumes smart contract bugs are the dominant risk.” He also said, “When people send messages, they can verify that what they’re seeing is correct,” referring to protocols that carry state proofs with cross‑chain messages.

Hoskinson described Cardano’s staking model as liquid and non‑custodial, and pointed to Midnight, a Cardano sidechain, as a design that bundles chain state into proofs that travel with cross‑chain messages so recipients can verify state before accepting transfers. He recommended multi‑party computation to support multi‑verifier configurations with lower operational friction and cited zero‑knowledge proofs as a way to block poisoned messages at the verification layer. He warned that advanced AI tools can accelerate attackers’ ability to scan codebases for subtle vulnerabilities.

Investigators have noted onchain links consistent with tactics used by a state‑linked hacking group known as the Lazarus Group, but no independent forensics firm has publicly confirmed attribution and the FBI has not commented. The incident has prompted protocol operators and infrastructure providers to reassess cross‑chain verification practices and consider moving away from single‑verifier models toward state‑carrying proofs, multi‑party verification and cryptographic techniques to reduce the risk of forged messages.
