After Disputing LayerZero Claims, KelpDAO Prepares Chainlink CCIP Migration
KelpDAO has publicly disputed claims made by LayerZero Labs regarding the April 18, 2026, exploit. In the latest post on X, it argued that the incident stemmed from failures within LayerZero’s infrastructure rather than any misconfiguration on its own platform.
According to KelpDAO, attackers exploited LayerZero’s systems, resulting in the loss of more than $300 million across multiple DeFi protocols. The team further revealed that two additional forged transactions worth over $100 million were successfully signed and processed by LayerZero’s DVN before being halted after Kelp intervened and paused its contracts.
KelpDAO Counters LayerZero Narrative
Kelp claimed that this early response prevented further financial damage, even though the underlying bridging infrastructure remained active for some time after the issue had been detected and reported.
At the center of the dispute is LayerZero’s assertion that the exploit resulted from a configuration issue specific to KelpDAO. Kelp rejected this explanation, while claiming that the configuration in question was widely used across the LayerZero ecosystem and aligned with its official documentation.
Data cited by Kelp indicates that a significant portion of LayerZero applications relied on similar DVN setups, including many operating under a 1-1 configuration involving LayerZero’s own DVN. This setup was neither unique nor experimental but part of standard deployment practices followed by numerous protocols.
Kelp also explained that LayerZero’s DVN is a core component of its ecosystem and is included in default configurations provided to developers. The company pointed out that LayerZero’s documentation and quickstart templates guide builders toward these default setups, often without requiring additional DVNs. Kelp stated that it followed these guidelines and maintained regular communication with the LayerZero team since integrating the infrastructure in early 2024. During this period, Kelp added that its configuration choices were reviewed and approved, and there was no indication that the setup posed a security risk.
Reports cited by Kelp describe compromised off-chain systems responsible for monitoring blockchain activity, as well as fraudulent attestations triggered through the DVN. Some researchers have detailed the event as a broader infrastructure breach rather than a limited RPC issue, which, again, points to compromised nodes and weaknesses within LayerZero’s trust boundary.
Meanwhile, LayerZero Labs admitted in its postmortem that attackers accessed RPC endpoints used by its DVN and took control of multiple nodes before carrying out what it called an RPC spoofing attack. However, Kelp and independent analysts believe that this description downplays the issue, as fake messages were still approved despite safeguards.
Transition to Chainlink
KelpDAO implemented immediate measures to secure its systems in response. This included pausing contracts and conducting a full review of its bridging infrastructure. As part of its long-term strategy, the protocol has announced plans to migrate away from LayerZero’s OFT standard and adopt the Cross-Chain Interoperability Protocol (CCIP) developed by Chainlink.
This transition will move rsETH to Chainlink’s Cross-Chain Token standard. The protocol revealed that the aim of this change is to reduce reliance on single points of failure while strengthening cross-chain security going forward.
The post After Disputing LayerZero Claims, KelpDAO Prepares Chainlink CCIP Migration appeared first on CryptoPotato.
