AI News CryptoTRADE THE NEWS
Colorful abstract composition with technology and
Crypto
Bitcoin
Chainlink
DeFi
Ethereum

Solv moves to Chainlink CCIP after $293M Kelp rsETH exploit

Tydro and Kelp DAO also shifted oracle and bridge infrastructure as LayerZero disputes the root-cause narrative.

By AI News Crypto Editorial Team4 min read

DeFi teams are changing vendors, not just writing post-mortems, after an April 18 exploit drained 116,500 Kelp DAO rsETH worth $290 million to $293 million. Solv Protocol, Tydro, and Kelp DAO have each announced moves toward Chainlink infrastructure, reopening the security-versus-consolidation debate in DeFi plumbing.

Key Takeaways

  • An April 18 exploit drained 116,500 Kelp DAO restaked ETH (rsETH) tokens valued between $290 million and $293 million.
  • Solv Protocol said it will replace LayerZero bridges with Chainlink CCIP after an “extensive security review” found CCIP offered the “strongest security assurances.”
  • Tydro paused markets over concerns about inaccurate price feeds after an incident involving Chaos Labs, then announced a move to Chainlink.
  • Kelp DAO migrated rsETH to Chainlink and moved away from a LayerZero-powered bridge, while LayerZero blamed Kelp’s single-DVN configuration.

The $293M rsETH Drain That Triggered a Vendor Rethink

The trigger was straightforward and expensive. On April 18, attackers drained 116,500 Kelp DAO restaked ETH (rsETH) tokens worth between $290 million and $293 million.

What matters for market structure is the second-order response. In the days after the incident, multiple protocols publicly committed to swapping out oracle and cross-chain components, with Chainlink emerging as the default “safe” vendor choice. Chainlink Labs strategic initiatives lead Zach Rynes called the exploit a “wake-up call” and said multiple other DeFi teams are discussing potential migrations.

For traders, this is less about one exploit and more about how quickly counterparties reprice infrastructure risk. Bridges and oracles sit in the liquidation path. When they fail or are misconfigured, the immediate outcomes are halted markets, bad pricing, and forced risk-off behavior that can ripple into collateral and liquidity.

Solv and Tydro Swap Infrastructure: CCIP Replaces LayerZero, Oracles Get Repriced

Solv Protocol, a Bitcoin DeFi platform, said it will migrate to Chainlink’s Cross-Chain Interoperability Protocol (CCIP) and replace LayerZero bridges. The team framed the decision as the result of an “extensive security review” that concluded CCIP provided the “strongest security assurances.” No migration timeline or scope was specified.

Tydro’s catalyst was operational disruption rather than a bridge exploit. The liquidity protocol said it is moving to Chainlink after an incident involving its prior oracle provider, Chaos Labs, that led Tydro to pause markets due to concerns about inaccurate price feeds. RedStone was brought in as an emergency measure and supported restoring oracle feeds.

This is the cleanest reminder that oracle incidents are not theoretical. Pausing markets is a protocol-level circuit breaker, and it can translate into abrupt changes in liquidity conditions and collateral behavior.

Who Owns the Root Cause? Kelp’s Cross-Chain Weakness vs LayerZero’s Single-DVN Claim

Kelp DAO responded by migrating its rsETH token to Chainlink and moving away from a LayerZero-powered bridge, attributing the incident to weaknesses in its cross-chain setup.

LayerZero disputes that framing. On April 20, LayerZero said the exploit stemmed from a single point of failure in Kelp DAO’s implementation, specifically reliance on a single LayerZero DVN as the only verified path despite prior warnings against that configuration.

The distinction matters because it splits the narrative into “provider risk” versus “integration risk.” If the failure is primarily integration design, vendor churn may not reduce risk unless teams also change how they configure verification and message paths.

Signals Traders Can Track From Here

The first signal is execution, not announcements. Solv’s CCIP migration should leave a trail: deployments, governance proposals, or explicit notices that LayerZero bridges are being disabled or deprecated.

Second is attribution clarity. Any post-mortem or technical write-up that resolves the disputed root cause will shape how the market prices LayerZero-style messaging frameworks versus protocol-specific configuration risk.

Third is whether the “wake-up call” becomes a broader migration wave. Rynes said multiple other teams are discussing potential moves, but no names were provided. Confirmed, named switches are the only data point that matters.

Fourth is the unresolved Chaos Labs incident detail. Tydro paused markets over inaccurate price feeds, but the scope, duration, and whether losses occurred were not specified. Those specifics will determine whether this stays a contained ops event or becomes a wider oracle trust issue.

Why This Migration Wave Matters More Than the Blame Game

I care less about which party wins the PR dispute and more about what the flow of integrations implies. When teams move quickly toward one vendor after a high-profile failure, it signals a live repricing of operational risk and a preference for long-lived infrastructure, not a slow-burn narrative.

The threshold that matters is whether these migrations compound into measurable concentration. DefiLlama data puts Chainlink at 58% oracle market share with more than $32 billion in value secured, versus Chronicle at $7.6 billion and RedStone at $3.7 billion with a 6.7% share. If this wave continues, the setup starts to look structural rather than narrative-driven, and the practical consequence is that a larger slice of DeFi’s liquidation and pricing stack depends on a smaller set of pipes.

Sources