Kelp Moves rsETH to Chainlink After $292M Exploit as Cross-Chain Liability Debate Deepens

## The visible move is migration; the deeper issue is cross-chain trust  According to Cointelegraph, Kelp DAO said on May 6, 2026 that it will migrate rsETH to Chainlink CCIP after the April 18 exploit involving 116,500 rsETH, roughly $292 million. The announcement did not close the dispute. It shifted attention from a single incident to default settings, verifier design, and accountability boundaries. Treating this as a pure vendor switch misses the core conflict. When a protocol runs with a default-like path and later suffers losses, who is responsible for communicating known constraints clearly enough for production use? ## Factual Anchors: How the April 18 incident propagated Public reporting describes a sequence in which stolen rsETH was used as collateral on Aave v3 to borrow wrapped Ether. The timeline is concrete, and so is the control-path debate that followed. The key argument is whether a single 1/1 DVN route was an acceptable deployment practice for a high-value bridge.  LayerZero has argued that single-path verification should not be treated as production-safe. Kelp has argued that the setup was common in practice and that risk warnings were not explicit enough in prior communication. ## Core Tension: Default configuration versus duty of care The conflict is not only technical. It is governance and disclosure. If many integrations rely on similar defaults, both infrastructure providers and application teams carry a stronger duty to document risk assumptions, change history, and operational guardrails. A practical accountability frame has three parts: verifiable configuration guidance, auditable change records, and consistent pause-recovery procedures. Missing any one part can turn a security event into a prolonged trust event. ## Variable One: External postmortem quality LayerZero leadership has said an external-firm postmortem is coming. The quality of that report matters more than timing alone. A useful postmortem should include a clear timeline, node behavior evidence, and explicit mapping between configuration state and exploit path. If the report stays at the conclusion level without reproducible details, attribution arguments will likely continue and delay confidence repair across integrated protocols. ## Variable Two: Governance pressure after moving to CCIP Migration does not automatically resolve systemic risk. A new route still requires policy on validator diversity, rollback controls, and upgrade audits. Migration can reduce some single-path exposure, but it cannot replace governance discipline. For Kelp, the next credibility step is transparent publication of migration scope, verifier policy, and emergency thresholds that external reviewers can test. ## Variable Three: Spillover into lending liquidity The April event affected collateral confidence and cross-protocol liquidity conditions. Even after a patch, stress can persist through collateral haircuts, borrow spreads, and liquidation parameters for weeks. That is why the more durable indicators are on-chain collateral quality, utilization stability, and whether risk parameters normalize in parallel rather than in isolation. ## Takeaway The meaning of the rsETH migration is not the stack label itself. It is whether the ecosystem can rebuild trust through verifiable evidence and governance upgrades after a major incident.  --- Author: Coinalx Editorial Team｜First published: 2026-05-06 | Last updated: 2026-05-06 Source: https://cointelegraph.com/news/kelp-dao-to-migrate-rseth-to-chainlink-as-it-continues-to-blame-layerzero-infrastructure-failure