Kelp DAO – the DeFi lending protocol that was at the center of a bridging attack that cost $292 million last month – has officially announced it is abandoning LayerZero and switching to Chainlink's cross-chain infrastructure. This decision marks a major turning point in the debate over blockchain bridging security, as Kelp DAO becomes the first large-scale protocol to leave LayerZero since the incident.
The hack that occurred on April 18th rocked the DeFi ecosystem when the attacker – suspected of being linked to the Lazarus Group – exploited the "single-verifier" configuration of the Omnichain Fungible Token (OFT) bridge running on LayerZero. With just a single authentication point, the hacker withdrew 116,500 rsETH from the Kelp DAO. This is XEM one of the most serious bridge attacks of 2026 and continues to raise concerns about cross-chain security risks, which have repeatedly been a critical weakness of DeFi in recent years.
Following the incident, the two sides presented conflicting viewpoints. LayerZero asserted that they had previously warned about the risks of the 1-of-1 Decentralized Verifier Network (DVN) configuration. However, Kelp DAO and many observers argued that this configuration was actually the default recommendation during onboarding. The latest analysis cited by Kelp DAO showed that approximately 47% of the 2,665 LayerZero applications running at the time of the attack were using the same single-verifier configuration. Under pressure from the community, LayerZero subsequently announced that it would stop signing authentication for single-verifier configurations.
Meanwhile, Chainlink takes a completely different approach. Chainlink 's Cross-Chain Interoperability Protocol (CCIP) infrastructure utilizes a decentralized oracle network with a minimum of 16 independent nodes to validate cross- chain transactions. According to the Kelp DAO, the move to CCIP aims to “directly address the core architectural vulnerability that led to the exploit.” Alongside the infrastructure migration, the rsETH Token will also adopt the Cross-Chain Token (CCT) standard to enhance security and scalability. To date, Chainlink states that its system has supported over $30 trillion worth of cross-chain transactions – a figure XEM a testament to the reliability and scale of this oracle network.
The Kelp DAO incident wasn't just a technical issue; it created a domino effect throughout the entire DeFi ecosystem. Following the hack, a recovery alliance called DeFi United was formed to restore the rsETH collateral. Notably, LayerZero also joined this effort with a contribution of approximately 10,000 ETH, including 5,000 ETH in funding and 5,000 ETH lent through AAVE. The total amount raised for recovery to date has exceeded $300 million – demonstrating a rare level of solidarity within the DeFi community after the crisis.
