LayerZero said the attackers compromised two RPC nodes the company's verifier relied on and DDoS'd the rest, with the attack working only because Kelp had ignored multi-verifier recommendations.