Executor wallets in LayerZero’s architecture are the components responsible for actually delivering messages between chains. They pick up a package on one chain and drop it off on another.
In April 2026, KelpDAO suffered a major breach linked to LayerZero infrastructure, in which approximately 116,500 rsETH, worth around $292 million at the time, was drained after attackers forged a cross-chain message by compromising a single-signer DVN role.
That attack was attributed to North Korea’s Lazarus Group. The KelpDAO breach also revealed a systemic configuration problem: nearly half of all LayerZero applications were still operating with what security researchers called a “1-of-1” DVN setup. That means one compromised verifier is all it takes to forge a valid message.
The KelpDAO incident triggered calls across the ecosystem for applications built on LayerZero to migrate toward multi-signer DVN configurations, which require more than one independent verifier to approve a message before it can be executed.
LayerZero’s architectural approach emphasizes configurability over a single canonical security model, giving applications control over their own risk parameters. The tradeoff is that misconfigured or under-secured applications become the weakest links.
Disclosure: This article was edited by Editorial Team. For more information on how we create and review content, see our Editorial Policy.

1 hour ago
10









English (US) ·