BroadChain has learned that on April 22 at 19:46, on April 18, an attacker exploited a vulnerability in Kelp DAO's LayerZero routing configuration, which used a 1-of-1 DVN with no optional verifiers, to forge cross-chain messages. This resulted in the contract incorrectly releasing 116,500 rsETH. Under different loss-sharing scenarios, the potential bad debt faced by Aave ranges from approximately $123.7 million to $230.1 million.
This is not only the largest DeFi security incident since 2026 but, more critically, it has shattered the industry's architectural assumption of over-centralizing security in a few default trusted middle layers in pursuit of efficiency and liquidity. This incident has exposed the compounded single points of failure.
The first layer is the verification single point: Kelp DAO compressed the legitimacy of the entire message into the assumption that "one validation node does not fail." In contrast, LayerZero officially recommends a 2/2 or multi-validator redundant configuration. Furthermore, this risk had been publicly highlighted by security researchers as early as January 2025.
The second layer is the reserve single point: once the mainnet reserve pool was breached, rsETH on other chains exposed its nature as merely an IOU built on a single anchor point. The risk spilled over along DeFi's composability, forcing Aave to urgently freeze multiple related markets to prevent contagion. A deeper issue is that this logic of "outsourcing security to a single point" also lurks within the interfaces users interact with daily.
Web3 emphasizes "Don't trust, Verify," but at the interaction level, users often default to entrusting the understanding of transaction meaning and the judgment of call results to front-end interpretation, forming a hidden trust outsourcing. Historically recurring incidents like front-end hijacking and address replacement all point to the same underlying issue: what users sign is not always the transaction they believe it to be.
This leads to the concept of "Verifiable UI." Its core is not about beautifying the front-end but establishing a verifiable connection between the content presented by the interface and the actual on-chain execution—a connection that users can check, wallets can verify, and can be traced afterward. This means wallets should, as much as possible, revert calldata into human-readable, clear operational intent before signing, and every step described by the interface should have on-chain verifiable evidence supporting it.
As interaction paradigms shift from users clicking step-by-step on front-ends to expressing intents and having systems execute automatically, the importance of interface verifiability will rise sharply. In the Agent era, execution paths, parameters, etc., are more easily folded out of the user's sight, bringing new risks alongside efficiency gains.
Therefore, the responsibility of the next-generation wallet needs to evolve from a mere signing tool to the final checkpoint for certainty before execution, translating probabilistic generative results into verifiable, deterministic content. The discussion triggered by the Kelp DAO incident should not remain confined to technical details like DVN configuration. It warns the industry that the efficiency and returns of many on-chain products are still built upon single-point assumptions that users cannot verify.
Decentralization is the baseline for security, and "Verifiable UI" has the potential to become an indispensable new security boundary in the intent-driven era.