Kraken Abandons LayerZero for Chainlink CCIP Amid Mass Migration
Following its exploitation in April, LayerZero faces intense examination as cryptocurrency platforms reassess their cross-chain infrastructure choices and pursue more secure options.
On Thursday, cryptocurrency exchange Kraken revealed its decision to transition from LayerZero to Chainlink's Cross-Chain Interoperability Protocol as its cross-chain infrastructure provider, adding itself to a growing list of platforms that have switched following April's Kelp DAO security breach.
According to Kraken's announcement, the exchange is phasing out its current cross-chain infrastructure provider and transitioning to Chainlink CCIP as the sole cross-chain solution for securing Kraken Wrapped Bitcoin (kBTC) along with all upcoming wrapped token products.
The exchange stated its selection of Chainlink CCIP was driven by the platform's provision of "enterprise-grade infrastructure with strict security and risk management requirements." The security features encompass certifications, design that prioritizes security by default, 16 independent nodes, and built-in native rate limits.
Since April's Kelp DAO security breach, LayerZero has faced increased examination, with the incident resulting in approximately $292 million worth of liquid restaking tokens being stolen by threat actors believed to have connections to North Korea's Lazarus Group.
On May 9, LayerZero published an "overdue apology" acknowledging that the company had performed a "terrible job on comms over the past three weeks."
The company acknowledged that attackers targeted its internal RPCs (remote procedure calls), resulting in their "source of truth poisoned," while external RPC providers experienced concurrent denial of service attacks, though LayerZero attributed responsibility to Kelp's configuration as a direct result of their single-DVN (Decentralized Verifier Network) setup.
According to LayerZero's confirmation, no additional applications were compromised, and since April 19, the protocol has processed more than $9 billion worth of bridged assets.
Other protocols migrate away from LayerZero
Kraken isn't the only platform executing this transition. Kelp DAO has disclosed that it's currently undergoing migration to Chainlink's CCIP, having burned the attacker's 117,132 rsETH this week as a component of its recovery efforts.
On May 7, Solv Protocol revealed its transition from LayerZero to CCIP as the official cross-chain solution for its $700 million portfolio of tokenized Bitcoin.
Additionally, on May 8, onchain reinsurance platform Re disclosed its migration of $475 million in total value locked away from LayerZero to the Chainlink protocol infrastructure.
Since the Kelp security breach, over $3 billion in TVL has transitioned to CCIP, with multiple protocols halting their LayerZero-based bridging operations, as reported by MEXC.
Lido, the largest Ethereum liquid staking protocol globally, is also a CCIP user. "Chainlink's defense-in-depth model acts as the definitive standard for cross-chain interoperability," the platform stated in Thursday's blog post.
No reaction in token prices
Chainlink's native token LINK showed no price movement in response to the news, continuing to trade near bear market lows around $10, representing an 80% decline from its 2021 peak.
In contrast, LayerZero's native token ZRO has experienced a decline exceeding 30% following the April security breach and sits more than 80% below its 2024 all-time high, based on CoinGecko data.
Cointelegraph contacted LayerZero requesting comment but did not receive an immediate response.