Kelp DAO Shifts rsETH to Chainlink CCIP After LayerZero OK

On May 5 Kelp DAO confirmed it is migrating rsETH from LayerZero’s OFT standard to Chainlink’s Cross-Chain Interoperability Protocol (CCIP). The project posted GitHub updates that list “CCIP (Chainlink) RSETH (New)” alongside the legacy RSETH_OFT contract and uploaded screenshots of communications it says show LayerZero approved the 1-of-1 verifier. Kelp wrote the technical migration is under way and that the change aims to secure rsETH after the April 18 incident.

On April 18 attackers drained 116,500 rsETH, about 18% of that liquid restaking token in circulation on Kelp’s LayerZero-powered bridge. The breach formed part of a wider incident that resulted in roughly $292 million in losses across decentralized finance. Analysis indicates attackers first compromised internal RPC nodes operated by LayerZero Labs, then used a distributed denial-of-service tactic to route traffic through the poisoned nodes. Because Kelp’s bridge used a 1-of-1 Decentralized Verifier Network, a single forged signature allowed the destination chain to release tokens without a matching burn on the source chain.

LayerZero’s April 19 post-mortem attributed the breach to application-level configuration, stating Kelp’s setup conflicted with the multi-DVN model LayerZero recommends. Kelp disputed that account and published a Telegram screenshot showing a LayerZero team member writing, “No problem on using defaults either.” Kelp also pointed to data indicating about 47% of active LayerZero application contracts used a 1-of-1 DVN at the time of the exploit. LayerZero has since banned the 1-of-1 configuration and is urging affected projects to migrate.

Chainlink and Kelp described technical reasons for the switch. Chainlink co-founder Sergey Nazarov described CCIP’s architecture as running each cross-chain lane across three separate oracle networks, with a separate risk-management network that enforces chain-specific policies. Nazarov added: “Even if you’re able to break one of those codebases because you know one language or you found one flaw, that flaw does not extend to the other codebase.” Kelp cited those protections in its migration announcement.

Other remedial actions after the exploit include a 10,000 ETH pledge from LayerZero to a DeFi recovery fund and a freeze of about 30,766 ETH linked to attacker wallets by the Arbitrum Security Council. The legal ownership of frozen funds is contested after U.S. claimants with terrorism-related judgments sought to attach some assets as property of the DPRK. The exploit also triggered rapid outflows from the Aave lending protocol, temporarily reducing total value locked by about $13 billion and exposing roughly $177 million in bad debt before recovery efforts.

Kelp described the migration as a measure to protect rsETH holders. LayerZero is enforcing a transition away from single-verifier configurations across roughly half its application base as it responds to the April 18 incident.