KelpDAO exploit pushes $3B into Chainlink CCIP
The exploit is a KelpDAO incident, but the structural story is the $3B rotating to Chainlink's CCIP as DeFi projects dump LayerZero for cross-chain messaging.
Every Zipp story tagged #KelpDAO, newest first.
The exploit is a KelpDAO incident, but the structural story is the $3B rotating to Chainlink's CCIP as DeFi projects dump LayerZero for cross-chain messaging.
A new risk framework for Aave is under proposal following an exploit involving KelpDAO, a liquid restaking protocol…
Five storylines from the week that matter for DeFi: Hyperliquid's perp volume peaks, Radiant Capital plans a wind-down, Polymarket alleges Kalshi espionage, Kelp DAO's bridge loses funds, and the…
Only ~$1.7M remains in the original wallets — the laundering path through THORChain, Wasabi, Tornado Cash, and Umbra has closed the window for direct transaction-level recovery.
Decentralized finance's total value locked has shed roughly 14% since the KelpDAO exploit rattled the restaking sector…
The contracts worked exactly as written — the problem was operational. As shared bridge infrastructure concentrates, a single LayerZero-adjacent weakness can cascade across the protocols sitting on…
The restart comes a week after a Lazarus-linked April 18 attack drained the restaking market's largest LRT — a clean recovery test for the DeFi lending stack that absorbed the impact.
The $292M Kelp DAO exploit exposed a single-verifier setup LayerZero now admits should never have shipped — and a 3.5-year-old multisig incident the protocol kept quiet until Friday.
The legal theory is binary: either the recovered ether belongs to Aave's users, or it belongs to North Korea — and Aave argues attribution to Lazarus Group is unproven, with $327M in industry…
After 116,500 rsETH were abnormally released in the April 18 bridge incident, the proposal leans on committed ETH funding plus a temporary oracle tweak to clear exploiter positions on Aave and…