Kelp DAO's Strategic Shift: Moving rsETH to Chainlink Amid Ongoing Security Dispute
By Abdus Salam
2 Views
In a dramatic turn of events for the decentralized finance (DeFi) landscape, Kelp DAO is set to migrate its restaking token, rsETH, to the Chainlink platform. This decisive move comes in the wake of a staggering $292 million exploit tied to its previous infrastructure powered by LayerZero. The fallout from this incident has prompted a heated exchange of blame, as both parties present conflicting narratives over the breach's root causes.
The exploit, which occurred on April 18, 2026, saw hackers make off with 116,500 Kelp DAO restaked ETH tokens, subsequently using them as collateral to borrow wrapped Ether from Aave v3. Following the breach, Kelp DAO communicated through an X post, emphasizing, "After the recent LayerZero exploit, we are taking steps to ensure rsETH is fully secure, which is why we are migrating to Chainlink CCIP."
Security Breach and the Blame Game
The attack on Kelp DAO has been characterized as one of the most significant security breaches of the year, stirring concerns across the interconnected crypto lending market. At the heart of the incident is a contentious debate about the vulnerability of LayerZero’s infrastructure. Kelp DAO firmly attributes the security lapses to inadequate safeguards within LayerZero’s system.
In the aftermath of the exploit, LayerZero's leadership released their own postmortem report, asserting that the breach was a direct result of Kelp DAO using a single decentralized verifier network (DVN) instead of a more robust multi-verifier system. They contend that warnings regarding the risks of this setup had been communicated to Kelp prior to the incident.
Kelp DAO's Counterarguments
Kelp DAO has strongly countered these accusations, stating that their chosen DVN configuration is not only a standard practice but also endorsed by LayerZero. They referenced data from the analytics firm Dune, which indicates that approximately half of LayerZero's users operate under similar setups. "Kelp has operated on LayerZero infrastructure since January 2024 and maintained open communication throughout the process, with DVN configurations repeatedly confirmed as secure,” the DAO claimed.
LayerZero CEO Bryan Pellegrino has not held back in rebutting these assertions, labeling many of Kelp's allegations as "completely untrue." He specified that Kelp initially operated under a multi-DVN configuration but opted for a less secure single verification setup, which is not recommended for production applications.
Looking Ahead: What’s Next for Kelp DAO?
As the crypto community absorbs the implications of this incident, Kelp DAO is poised to enhance its security posture through its transition to Chainlink's cross-chain interoperability protocol. Meanwhile, security analysts await a comprehensive postmortem from external firms that promises to shed more light on the exploit and the parties involved.
The evolving dynamics of this situation serve as a stark reminder of the pressing need for rigorous standards in DeFi security and the complexities involved in cross-chain transactions. As Kelp DAO embarks on this new chapter, all eyes are on the outcomes of this migration and its long-term implications for the decentralized finance ecosystem.
Source: Cointelegraph