Crypto exchange Kraken has decided to transition away from LayerZero’s cross-chain interoperability technology following its involvement in last month’s significant $292 million exploit of Kelp DAO. As part of this shift, Kraken will migrate its existing wrapped Bitcoin product, known as kBTC, to Chainlink’s cross-chain interoperability protocol (CCIP). Going forward, any wrapped products from Kraken will incorporate Chainlink’s technology.
In a recent announcement on X, Kraken stated, “Kraken chose Chainlink CCIP because it offers enterprise-grade infrastructure with strict security and risk management requirements.” It reassured its users that holders of the kBTC token, which is backed 1:1 by Bitcoin stored in custody at Kraken, need not take any action at this time. Currently, kBTC holds a market cap of approximately $266 million.
This move by Kraken is part of a larger trend among significant crypto firms distancing themselves from LayerZero’s technology in the aftermath of the Kelp DAO exploit. The team behind the interoperability protocol acknowledged that a mistake was made, leading to the exploit’s occurrence. Following Kraken’s announcement, Kelp DAO expressed its intention to migrate to Chainlink’s technology. Additionally, Solv Protocol has announced plans to move its technology, which supports $700 million in Bitcoin-related assets, to CCIP. On-chain reinsurance protocol Re has also revealed its intentions to switch from LayerZero to Chainlink.
Kraken emphasized the potential benefits of its collaboration with Chainlink, stating that together they can foster greater global adoption of cryptocurrency by enhancing utility and distribution for all Kraken Wrapped Assets across decentralized finance (DeFi).
While Kraken did not explicitly reference the Kelp DAO exploit, the decision to migrate away from LayerZero comes in the wake of the exploit on April 18, which was ultimately attributed to the Lazarus Group, a notorious state-sponsored hacker organization from North Korea. According to a postmortem released by LayerZero Labs, the attackers managed to drain 116,500 rsETH liquid staking tokens from Kelp DAO’s infrastructure by “poisoning” the internal remote procedure calls (RPCs) utilized by the protocol. LayerZero subsequently assured that no other applications within its network were affected and that funds remained secure.
