Kraken has switched its cross-chain infrastructure from LayerZero to Chainlink CCIP, becoming the latest major protocol to abandon LayerZero following the April Kelp DAO exploit that drained $292 million. The exchange selected Chainlink’s competing interoperability platform to secure Kraken Wrapped Bitcoin (kBTC) and future wrapped token infrastructure, citing enterprise-grade security requirements. The move marks a significant erosion of confidence in LayerZero’s security model, with at least three major protocols migrating to Chainlink CCIP since the Kelp incident.
LayerZero’s RPC Attack Exposed Configuration Weaknesses
The Kelp DAO exploit in April exposed critical vulnerabilities in LayerZero’s infrastructure. During the attack, LayerZero’s internal remote procedure call (RPC) servers were compromised, while external RPC providers faced coordinated denial-of-service attacks. LayerZero attributed the breach to Kelp DAO’s configuration, which relied on a single designated verifier network (DVN) rather than LayerZero’s multi-node setup. The exploit burned 117,132 rsETH tokens and triggered $9 billion in bridged asset transfers via LayerZero within days, raising questions about the protocol’s security architecture across its ecosystem.
Protocol Exodus Signals Deeper Trust Deficit
Kraken’s migration follows similar announcements from Solv Protocol and Re Protocol, which together moved $1.175 billion in total value locked (TVL) to Chainlink CCIP in early May. Since the April hack, approximately $3 billion in TVL has migrated to Chainlink’s platform. LayerZero’s governance token ZRO has declined 30% since the exploit and remains 80% below its 2024 all-time high, reflecting broader market skepticism. On May 9, LayerZero issued a public apology, acknowledging it “did a terrible job on comms over the past three weeks,” but the statement failed to stem the defection wave.
Chainlink CCIP’s Defense-in-Depth Model Gains Traction
Chainlink CCIP operates with 16 independent nodes and employs a defense-in-depth security model that has attracted institutional protocols. Lido, the dominant Ethereum liquid staking platform, already uses CCIP and has publicly endorsed its architecture as “the definitive standard for cross-chain interoperability.” Kraken’s endorsement of Chainlink’s “enterprise-grade infrastructure with strict security and risk management requirements” signals that institutional players now view CCIP as the safer alternative for high-value wrapped assets and cross-chain operations.
LayerZero Faces Structural Challenge Despite Denial
LayerZero maintains that no other applications were compromised by the RPC attack, describing the incident as a “source of truth poisoned” scenario. However, the coordinated migration away from the platform contradicts this narrative. Kraken’s timeline for completing the kBTC migration remains unspecified, and LayerZero has not provided a detailed technical remediation plan. The protocol now faces a critical window to restore institutional confidence or risk further TVL exodus to competing interoperability solutions.
