Kelp DAO is moving its restaking token, rsETH, away from LayerZero’s cross-chain framework and toward Chainlink CCIP after the April exploit that exposed a vulnerability in the DeFi infrastructure. The decision comes as the project, LayerZero and the wider ecosystem debate who bears responsibility for the breach and how best to secure fast-moving cross-chain activity. The incident—one of the largest security shocks this year—saw 116,500 rsETH stolen from a LayerZero-powered bridge and later used as collateral on Aave v3 to borrow wrapped Ether. Kelp said the migration to Chainlink CCIP is a step toward restoring trust and security for rsETH holders and users.
Key takeaways
- Kelp DAO will migrate rsETH to Chainlink CCIP following the April LayerZero exploit, citing security concerns and a desire to harden cross-chain reliability.
- The attack involved the theft of 116,500 rsETH from Kelp’s LayerZero-enabled bridge on April 18, with the tokens subsequently posted as collateral on Aave v3 to borrow wrapped Ether (WETH).
- LayerZero released a postmortem blaming Kelp’s DVN configuration (a single verifier path) for the breach, while Kelp pushes back, saying the 1/1 setup is a common default and that many protocols rely on similar configurations.
- LayerZero announced it will no longer validate cross-chain messages for apps relying on a single DVN and will migrate affected protocols to a multi-DVN model, signaling a broader shift in how cross-chain security is approached.
- The dispute has intensified ongoing concerns about DeFi security, adding fuel to conversations about accountability and best practices in cross-chain architectures, alongside other high-profile incidents such as the Drift Protocol breach.
Cross-chain architecture under scrutiny
The Kelp episode has thrust LayerZero’s cross-chain architecture into the spotlight. LayerZero’s postmortem contends that the breach occurred due to an inadequate DVN (decentralized verifier network) configuration—specifically, relying on a single DVN as the verified path for cross-chain messages instead of requiring multiple independent checks. LayerZero maintains that it advised against this setup, emphasizing that the risk lies in depending on a single chain path for critical asset transfers.
In response, Kelp DAO characterized the postmortem as incomplete and contested LayerZero’s framing of the vulnerability. The project pointed to data suggesting that a substantial portion of LayerZero users operate with a single DVN, a situation Kelp said is not unusual in practice. The DAO argued that the default configurations have historically included multi-DVN setups and that Kelp’s own changes to DVN configuration were not unusual for production environments. Kelp further argued that LayerZero had been aware of the configuration issues and did not provide timely warnings about the associated risks.
The broader debate hinges on whether a single-verification path should ever be acceptable for bridge-like functionality, even if widely used. The incident underscores how quickly a vulnerability in cross-chain messaging can translate into real value loss and liquidity disruption across DeFi protocols tied to the asset. It also highlights the tension between ease of deployment and robust security controls in a rapidly evolving cross-chain landscape.
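The single-verifier (1/1) condition at the center of this dispute can be checked mechanically before a pathway goes to production. The following is an added example, not code from LayerZero, Kelp or the original article; the field names, the placeholder for a dead verifier and the sample pathways are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field

# Constructed placeholder for a non-usable "dead" verifier entry (assumption).
DEAD_DVN = "0xdead-placeholder"


@dataclass
class PathwayConfig:
    name: str
    required_dvns: list = field(default_factory=list)  # every one must attest
    optional_dvns: list = field(default_factory=list)  # any `optional_threshold` must attest
    optional_threshold: int = 0


def audit(cfg):
    """Return finding codes for one pathway; an empty list means none raised."""
    required = [d.lower() for d in cfg.required_dvns]
    optional = [d.lower() for d in cfg.optional_dvns]
    findings = []
    if cfg.optional_threshold > len(set(optional)):
        findings.append("INVALID")        # threshold can never be reached
    if len(set(required)) != len(required) or set(required) & set(optional):
        findings.append("DUPLICATE")      # same verifier counted more than once
    if DEAD_DVN in required:
        findings.append("BLOCKED")        # nothing can be verified on this pathway
        return findings
    # Count only independent, usable verifiers that must agree on a message.
    distinct = set(required)
    extra = set(optional) - distinct - {DEAD_DVN}
    quorum = len(distinct) + min(cfg.optional_threshold, len(extra))
    if quorum == 0:
        findings.append("NO_VERIFIER")
    elif quorum == 1:
        findings.append("SINGLE_VERIFIER")  # the 1/1 case: one compromise is enough
    return findings


# Constructed sample pathways (addresses are made up).
SAMPLE = [
    PathwayConfig("one_of_one", ["0xaaa1"]),
    PathwayConfig("multi", ["0xaaa1", "0xbbb2"], ["0xccc3", "0xddd4"], 1),
    PathwayConfig("looks_like_two", ["0xaaa1"], ["0xAAA1"], 1),
    PathwayConfig("dead_default", [DEAD_DVN]),
]

if __name__ == "__main__":
    for cfg in SAMPLE:
        print(f"{cfg.name}: {audit(cfg) or 'ok'}")
```

The `looks_like_two` case shows why counting list entries is not enough: the same verifier listed as both required and optional still leaves a quorum of one.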
Kelp’s pivot to Chainlink CCIP and what it means for rsETH
In the wake of the exploit, Kelp DAO said it would migrate rsETH to Chainlink CCIP to strengthen security and reduce exposure to cross-chain messaging risks. The move signals a broader appetite among DeFi projects to diversify or upgrade cross-chain infrastructure after major breaches, especially when tied to restaking mechanisms that rely on cross-chain bridges to facilitate fast, liquidity-efficient operations.
rsETH was designed to represent staked ETH that can be restaked across networks and used as collateral on lenders like Aave. The April incident saw the stolen rsETH being used to back a borrowing position on Aave v3, illustrating how compromised cross-chain liquidity can propagate through DeFi money markets. By transitioning to CCIP, Kelp aims to restore a layer of assurance around asset integrity and cross-chain message validation while maintaining the restaking utility that rsETH offers to users.
The development matters for investors and users who rely on rsETH as part of yield strategies or liquidity provisioning. It also raises questions for builders about how best to architect cross-chain flows that combine speed, security, and resilience. Chainlink CCIP’s approach—emphasizing a trusted, globally verifiable oracle network—offers an alternative that some teams may see as better aligned with enterprise-grade security standards, particularly for critical collateral and staking flows.
LayerZero’s response and the path forward
LayerZero’s leadership contests this narrative with a focus on the security architecture, stating that moving away from single-DVN configurations is a prudent, long-term step for the ecosystem. The company announced it would stop validating or approving cross-chain messages for any application relying on a single verifier and that it is actively migrating protocols using the single-DVN setup to a multi-DVN model. The aim is to reduce single points of failure and improve the integrity of cross-chain message delivery.
LayerZero’s co-founder and CEO, Bryan Pellegrino, publicly pushed back against some of Kelp’s claims, describing portions of the DAO’s narrative as inaccurate. He noted that Kelp’s rsETH had originally operated with multi-DVN defaults and that a later manual change to a 1/1 configuration was not recommended for production systems. Pellegrino argued that the defaults cited by Kelp—multi-DVN paths and, in some cases, DeadDVN configurations that are effectively non-usable—reflect the evolution of LayerZero’s recommended security posture, and he signaled that an external, independent postmortem would soon be published to shed additional light on the incident.
The disagreement has not cooled expectations that more external audits and third-party security analyses will accompany post-incident transparency. The industry has long argued that independent, external reviews are essential for validating internal postmortems and restoring user trust after major cross-chain breaches.
Broader ripple effects in DeFi
The Kelp breach has reverberated through the DeFi ecosystem, reinforcing concerns about how interconnected lending, staking, and cross-chain protocols can become fragile in the face of cross-network attacks. Cointelegraph’s coverage has described the event as a notable episode of contagion that affected the broader crypto lending market and raised the stakes for risk management across bridges and restaking mechanisms. The incident sits alongside other high-profile security events this year, including the Drift Protocol attack that was linked by investigators to North Korean-linked actors, underscoring a pattern of sophisticated cross-chain exploits targeting DeFi liquidity and collateral flows.
As the industry digests these developments, observers will be watching not only the outcomes of Kelp’s migration but also the broader adoption of CCIP versus LayerZero’s approach, and how major protocols balance ease of integration with stringent security controls. The regulatory and market implications—ranging from risk disclosures to the appetite for more end-to-end security guarantees—could shape how new cross-chain solutions are evaluated and deployed in the months ahead.
Meanwhile, Kelp has pledged that a complete external postmortem by independent security firms will be published, which could provide valuable, objective insights into the breach and the efficacy of the surrounding defenses. Until then, investors and builders alike should monitor how rsETH’s transition unfolds, how LayerZero and CCIP-scale cross-chain security strategies evolve, and what practical lessons emerge for securing restaking and collateral flows in a highly interconnected DeFi ecosystem.
As the dust settles, the core question remains: will the cross-chain security debate translate into lasting architectural changes that fortify DeFi, or will it spur a continual cycle of migrations and reconfigurations as protocols chase the latest, seemingly safer, standards? Readers should watch the upcoming security reviews and the continued evolution of cross-chain messaging standards for concrete, actionable guidance in the near term.






