Kelp DAO has announced plans to migrate its cross-chain infrastructure to Chainlink’s CCIP, while disputing claims that its own configuration caused the $300M exploit linked to LayerZero.
In a detailed post published on 5 May, Kelp said the 18 April attack originated from vulnerabilities within LayerZero’s infrastructure, not from protocol-level misconfiguration as previously suggested.
Kelp rejects ‘misconfiguration’ narrative
The protocol pushed back against claims that its use of a 1-of-1 DVN [Decentralized Verifier Network] setup was the cause of the vulnerability.
Kelp stated that the configuration was:
- widely used across the LayerZero ecosystem
- included in default documentation
- explicitly approved in prior communications
It cited public data suggesting that nearly half of LayerZero-integrated applications operated under similar configurations, with most transactions relying on LayerZero’s own DVN.
Attack traced to infrastructure-level compromise
According to Kelp, the exploit involved a breach of LayerZero’s off-chain infrastructure, allowing attackers to manipulate RPC nodes and generate forged transaction attestations.
The attackers reportedly triggered the minting of unbacked rsETH and extracted funds across DeFi protocols.
Kelp added that it paused contracts within an hour of detecting the attack and claims to have prevented additional losses exceeding $100 million.
LayerZero’s response raises further questions
Kelp also questioned inconsistencies in LayerZero’s postmortem, particularly its characterization of the incident as an isolated configuration issue.
The protocol noted that LayerZero later restricted 1-of-1 DVN setups after the exploit, a move it says contradicts earlier guidance that such configurations were acceptable.
It further raised concerns about:
- shared infrastructure dependencies
- lack of monitoring alerts
- exposure of RPC endpoints
Kelp argued that these factors point to systemic risks within LayerZero’s trust model.
Shift to Chainlink signals broader impact
As part of its response, Kelp confirmed it will transition to Chainlink’s Cross-Chain Interoperability Protocol [CCIP], citing its track record and security model.
The move reflects a broader shift toward more robust cross-chain infrastructure following the exploit.
Kelp said its priority remains securing user funds and rebuilding trust, with a full forensic report expected at a later date.
Final Summary
- Kelp DAO has announced a migration to Chainlink CCIP after accusing LayerZero of infrastructure failures in the $300M exploit.
- The dispute highlights growing concerns about cross-chain security and the systemic risks posed by widely adopted default configurations.