Kelp DAO has announced plans to migrate its cross-chain infrastructure to Chainlink’s CCIP, while disputing claims that its own configuration caused the $300 million exploit linked to LayerZero.
In a detailed post published on May 5Kelp said April 18 The attack stemmed from vulnerabilities within LayerZero’s infrastructure, rather than a protocol-level misconfiguration as previously suggested.
Kelp dismisses ‘misconfiguration’ narrative
The protocol opposed claims that the use of a 1-of-1 DVN [Decentralized Verifier Network] setup was the cause of the vulnerability.
Kelp stated that the configuration was:
- widely used in the LayerZero ecosystem
- included in the standard documentation
- expressly approved in previous communications
It cited public data showing that nearly half of applications integrated into LayerZero operated under similar configurations, with most transactions relying on LayerZero’s own DVN.
Attack reduced to compromise at infrastructure level
According to Kelp, the exploit breached LayerZero’s off-chain infrastructure, allowing attackers to manipulate RPC nodes and generate forged transaction attestations.
The attackers reportedly triggered the generation of unbacked rsETH and extracted funds via DeFi protocols.
Kelp added that it paused contracts within an hour of detecting the attack and claims to have prevented additional losses $100 million.
LayerZero’s answer raises further questions
Kelp also questioned the inconsistencies in LayerZero’s postmortem, particularly the characterization of the incident as an isolated configuration issue.
The protocol noted that LayerZero later limited 1-of-1 DVN setups after the exploit, a move the company said contradicts previous guidance that such configurations were acceptable.
Furthermore, concerns have been raised about:
- shared infrastructure dependencies
- lack of monitoring alerts
- exposure of RPC endpoints
Kelp argued that these factors point to systemic risks within LayerZero’s trust model.
The shift to Chainlink signals a broader impact
As part of its response, Kelp confirmed that it will be switching to Chainlink’s Cross-Chain Interoperability Protocol [CCIP]citing its track record and security model.
This move reflects a broader shift towards a more robust cross-chain infrastructure post-exploit.
Kelp said the priority remains securing user funds and rebuilding trust, with a full forensic report expected at a later date.
Final summary
- Kelp DAO has announced a migration to Chainlink CCIP after accusing LayerZero of infrastructure flaws in the $300 million exploit.
- The dispute highlights growing concerns about cross-chain security and the systemic risks posed by widely accepted standard configurations.