After initially framing the exploit as a developer configuration failure, LayerZero said it “owns” the decision to let its own verifier secure high-value transfers in a vulnerable setup.