KelpDAO plans to undertake Chainlink CCIP after the huge exploit final month.
KelpDAO has publicly disputed claims made by LayerZero Labs concerning the April 18, 2026, exploit. Within the newest publish on X, it argued that the incident stemmed from failures inside LayerZero’s infrastructure fairly than any misconfiguration by itself platform.
In response to KelpDAO, attackers exploited LayerZero’s programs, ensuing within the lack of greater than $300 million throughout a number of DeFi protocols. The group additional revealed that two extra cast transactions value over $100 million have been efficiently signed and processed by LayerZero’s DVN earlier than being halted after Kelp intervened and paused its contracts.
KelpDAO Counters LayerZero Narrative
Kelp claimed that this early response prevented additional monetary harm, despite the fact that the underlying bridging infrastructure remained energetic for a while after the problem had been detected and reported.
On the heart of the dispute is LayerZero’s assertion that the exploit resulted from a configuration difficulty particular to KelpDAO. Kelp rejected this rationalization, whereas claiming that the configuration in query was broadly used throughout the LayerZero ecosystem and aligned with its official documentation.
Information cited by Kelp signifies that a good portion of LayerZero functions relied on comparable DVN setups, together with many working underneath a 1-1 configuration involving LayerZero’s personal DVN. This setup was neither distinctive nor experimental however a part of commonplace deployment practices adopted by quite a few protocols.
Kelp additionally defined that LayerZero’s DVN is a core part of its ecosystem and is included in default configurations offered to builders. The corporate identified that LayerZero’s documentation and quickstart templates information builders towards these default setups, typically with out requiring extra DVNs. Kelp acknowledged that it adopted these pointers and maintained common communication with the LayerZero group since integrating the infrastructure in early 2024. Throughout this era, Kelp added that its configuration selections have been reviewed and authorised, and there was no indication that the setup posed a safety threat.
Experiences cited by Kelp describe compromised off-chain programs accountable for monitoring blockchain exercise, in addition to fraudulent attestations triggered via the DVN. Some researchers have detailed the occasion as a broader infrastructure breach fairly than a restricted RPC difficulty, which, once more, factors to compromised nodes and weaknesses inside LayerZero’s belief boundary.
You may additionally like:
In the meantime, LayerZero Labs admitted in its postmortem that attackers accessed RPC endpoints utilized by its DVN and took management of a number of nodes earlier than finishing up what it known as an RPC spoofing assault. Nonetheless, Kelp and impartial analysts imagine that this description downplays the problem, as faux messages have been nonetheless authorised regardless of safeguards.
Transition to Chainlink
KelpDAO carried out instant measures to safe its programs in response. This included pausing contracts and conducting a full evaluate of its bridging infrastructure. As a part of its long-term technique, the protocol has introduced plans emigrate away from LayerZero’s OFT commonplace and undertake the Cross-Chain Interoperability Protocol (CCIP) developed by Chainlink.
This transition will transfer rsETH to Chainlink’s Cross-Chain Token commonplace. The protocol revealed that the goal of this modification is to scale back reliance on single factors of failure whereas strengthening cross-chain safety going ahead.
