layerzero attack was not rpc poisoning

in networking poisoning is when the attacker outside the trust boundary taints a shared lookup (dns, arp, cache). the consumer has no reason to distrust the source.

this was not that.

the attackers got inside layerzero's trust boundary. they accessed the rpc list, compromised two nodes the dvn depended on, and swapped the op-geth binaries. that's an infra breach within the perimeter. supply-chain shaped, not network shaped.

and the payload was surgical. the malicious binary cloaked by ip, served forged payload only to the dvn, told the truth to scan and every other caller, then self-destructed to wipe logs and binaries.

rpc poisoning makes it sound like something that happened to the infra from the outside. the real story is a targeted implant operating inside the trust boundary.

that's a meaningfully scarier attack than the label suggests.