In a major escalation, KelpDAO blamed LayerZero for the recent $293 million exploit. For that reason, KelpDAO announced plans to migrate operations to Chainlink’s CCIP.
Through their official X account, the Kelp team posited that
Kelp also claimed that two additional forged transactions totaling $100 million were signed and processed by LayerZero Labs DVN. However, these two transactions were blocked by Kelp after the team paused contracts.
The team used independent data from major on-chain investigators, including SEAL 911 and Chainalysis, to back the claim.
On the 18th of April, an attacker drained approximately 116,500 rsETH from a LayerZero cross-chain bridge used by Kelp.
According to Kelp, LayerZero approved the configuration associated with the exploit and failed to warn the relevant parties of potential risks. Thus, Kelp argued the attack originated from an attack on LayerZero as attackers compromised the verifier network’s RPC nodes.
Source: KelpDAOThe compromise allowed fake transactions to get approved. Kelp argues that LayerZero’s termination of the 1.1 DVN configuration confirms widespread usage and that it changed only after the exploit.
To avoid such an exploit in the future, Kelp seeks to adopt Chainlink CCIP, which uses multiple independent validators instead of a single verifier.
Layerzero refutes the claims and defends its infrastructure
In response to KelpDAO’s claims, LayerZero CEO and co-founder Bryan Pellegrino said most were false.
Pellegrino claimed that Kelp initially used the defaults, MultiDVN or DeadDVN, but migrated to a 1/1 configuration. He added that rsETH accounted for nearly 100% of the volume on the 1/1 configuration.
On his X, he posited that,
In essence, Pellegrino blamed Kelp for its manual migration to 1/1 and its configuration, and used multiple screenshots to support the claim.
Chainlink and LayerZero face off
Kelp’s decision to switch to Chainlink is a major blow to LayerZero as it signals a dwindling confidence in the network. At the same time, it’s a strong boost to Chainlink and its public trust.
In fact, Chainlink welcomed the developments, promising to work with Kelp and others to improve the cross-chain security of rsETH.
The migration suggests that market players no longer trust LayeZero’s infrastructure and its capabilities. In fact, Chainlink’s Community Liaison Zach Rynes blamed LayerZero for over-ignoring the protocol’s infrastructural failure.
Final Summary
- KelpDAO blames LayerZero’s failure over the recent attack and announced plans to migrate to Chainlink’s CCIP.
- LayerZero refutes claims, calling Kelp’s claims false, arguing that Kelp migrated manually to a 1/1 configuration instead of multiDVN.
Source: https://ambcrypto.com/kelpdao-dumps-layerzero-for-chainlink-ccip-after-293mln-exploit/
