Kelp Moves rsETH to Chainlink After $292M Exploit

Image credit: Shutterstock

Kelp DAO will migrate rsETH to Chainlink’s Cross-Chain Interoperability Protocol after a $292 million exploit hit its LayerZero-powered rsETH bridge in April.

The protocol said the move is meant to strengthen cross-chain security for rsETH, its liquid restaking token. The migration will move rsETH away from LayerZero’s OFT standard and onto Chainlink’s Cross-Chain Token standard.

116,500 rsETH Exploit Spread Losses Into Aave

The attack took place on April 18 and involved about 116,500 rsETH. Reports said the stolen tokens were later used as collateral on Aave v3 to borrow wrapped Ether, spreading the impact into DeFi lending markets.

The incident became one of the largest DeFi exploits of the year. It also created bad debt concerns for Aave and triggered recovery efforts involving frozen ETH, liquidity providers and protocol-level negotiations.

Kelp said the move to Chainlink CCIP is part of its effort to rebuild confidence in rsETH after the bridge failure.

Kelp and LayerZero Dispute 1-of-1 Bridge Setup

The migration comes as Kelp DAO and LayerZero continue to dispute what caused the exploit. Kelp claims LayerZero approved a 1-of-1 decentralized verifier network setup and did not properly warn the protocol about the risks. Kelp also said the setup had been discussed during integration talks and was confirmed as secure at the time.

LayerZero has rejected that version of events. Reports said LayerZero blamed the vulnerability on Kelp’s use of a single verification route instead of multiple independent checks. LayerZero CEO Bryan Pellegrino has pushed back on Kelp’s claims and said an external security postmortem will be published.

Chainlink CCIP Migration Shifts Focus to Postmortem

Kelp said the Chainlink migration is both a security upgrade and a step toward restoring user confidence in cross-chain rsETH transfers. The dispute remains unresolved, with both sides pointing to different causes for the failed verification setup. Kelp says the incident exposed weaknesses in the bridge setup, while LayerZero says the issue was tied to Kelp’s configuration.

For now, the immediate change is clear. Kelp is moving rsETH to Chainlink CCIP as it tries to reduce cross-chain risk after the April exploit. The next key development is the external postmortem, which could determine how responsibility is assessed and whether other protocols need to review similar bridge configurations.