Kraken Dumps LayerZero for Chainlink CCIP After Kelp Hack

Kraken announced on Thursday it would shift its cross-chain infrastructure from LayerZero to Chainlink’s Cross-Chain Interoperability Protocol (CCIP) for all wrapped assets, including Kraken Wrapped Bitcoin. The decision follows the April Kelp DAO exploit, where attackers stole approximately $292 million in liquid restaking tokens, with investigations linking the attack to North Korea’s Lazarus Group. LayerZero acknowledged communication failures and internal security breaches, including poisoned RPCs and denial-of-service attacks on external providers. It blamed Kelp’s single-DVN structure for the incident, though it claimed no other applications were compromised. Since April 19, over $9 billion in assets have moved through LayerZero, according to the protocol. Kraken cited Chainlink CCIP’s enterprise-grade security, including 16 independent nodes, native rate limits, and certifications, as key reasons for the switch. The exchange emphasized stronger controls for DeFi transfers, aligning with growing scrutiny of cross-chain systems. Chainlink highlighted its defense-in-depth model as a standard for interoperability. The migration trend extends beyond Kraken. Kelp DAO burned the hacker’s 117,132 rsETH as part of recovery efforts and plans to use CCIP moving forward. Solv Protocol migrated its $700 million in tokenized Bitcoin to CCIP on May 7, while Re shifted its $475 million in total value locked the following day. MEXC reported over $3 billion in TVL moving to CCIP since the Kelp attack, with Lido already relying on the protocol for Ethereum liquid staking. LayerZero’s reputation has suffered amid the fallout, prompting several protocols to pause bridging activities. Kraken’s partnership with Chainlink aims to expand utility for its wrapped assets while addressing security gaps exposed by the Kelp incident. The shift underscores broader industry concerns about cross-chain vulnerabilities and the growing preference for audited, decentralized solutions.