Kelp DAO Shifts rsETH to Chainlink After $292M LayerZero Exploit
Terrill Dicki May 06, 2026 04:25
Kelp DAO migrates rsETH to Chainlink CCIP after $292M LayerZero exploit, citing security concerns over LayerZero's cross-chain infrastructure.
Kelp DAO is migrating its restaking token, rsETH, to Chainlink’s Cross-Chain Interoperability Protocol (CCIP) following a $292 million exploit in April tied to vulnerabilities in LayerZero’s cross-chain messaging infrastructure. The move is aimed at bolstering security for rsETH, a liquid restaking token designed for DeFi applications like lending, borrowing, and liquidity provision.
The April 18 exploit saw hackers drain 116,500 restaked ETH tokens via LayerZero’s bridge before using them as collateral on Aave to borrow wrapped Ether. This made it one of the largest DeFi exploits of 2026 and caused significant ripple effects across the ecosystem. Aave, for instance, paused rsETH reserves in a bid to recover funds.
Dispute Over Responsibility
At the core of the incident is a dispute between Kelp DAO and LayerZero over the root cause of the vulnerability. LayerZero’s postmortem blamed the hack on Kelp’s use of a single decentralized verifier network (DVN) configuration for cross-chain transactions—a setup it claims to have advised against. Kelp, however, has countered that the 1:1 DVN setup is a common default used by many LayerZero clients and that LayerZero approved its configuration during earlier communications.
“Kelp has operated on LayerZero infrastructure since January 2024 and maintained open communication with the team. The question of DVN configuration came up multiple times and was confirmed as secure at that time,” Kelp DAO said in an X post.
LayerZero CEO Bryan Pellegrino has refuted these claims, stating that Kelp initially used a multi-DVN configuration but manually switched to the riskier 1:1 setup. Pellegrino also revealed that external security firms are conducting an independent postmortem, which will be published soon.
Why Chainlink?
In a statement, Kelp DAO explained its decision to migrate rsETH to Chainlink CCIP, citing the protocol’s reputation for reliability and security. Chainlink’s decentralized oracle network is widely regarded as a market leader in providing secure cross-chain interoperability, making it an attractive alternative following the exploit.
This migration underscores the growing importance of robust cross-chain infrastructure in DeFi. As rsETH is used as collateral in lending platforms like Aave and for other liquidity-related activities, ensuring its security is critical to maintaining user confidence and preventing further ecosystem contagion.
Market Implications
The Kelp DAO exploit has already had a noticeable impact on the broader Ethereum ecosystem. As of May 6, Ethereum (ETH) is trading at $2,415.32, down 3.18% in the past 24 hours, reflecting ongoing concerns over DeFi security risks. The incident has also raised questions about the trustworthiness of cross-chain bridges, which remain a key vulnerability in multi-chain DeFi operations.
For traders, the migration to Chainlink could signal a more stable future for rsETH, potentially restoring its utility in DeFi protocols. However, the ongoing public spat between Kelp DAO and LayerZero may deter some institutional players from engaging with either party until the external postmortem is released.
Looking ahead, all eyes will be on Chainlink’s ability to integrate rsETH seamlessly and whether LayerZero’s shift to a multi-DVN standard can prevent similar exploits. As DeFi protocols compete for user trust, these developments could shape broader industry standards for cross-chain security.
Image source: Shutterstock.jpg)