The incidents highlight persistent vulnerabilities in cross-chain infrastructure as DeFi protocols increasingly rely on bridge technology to connect disparate blockchain networks.
Infrastructure Response and Recovery
Kelp DAO immediately moved to replace its cross-chain infrastructure following the exploit. The liquid staking protocol ditched LayerZero's cross-chain messaging system in favor of Chainlink's Cross-Chain Interoperability Protocol (CCIP), according to The Block.
The decision came after Kelp claimed LayerZero had approved the technical setup that enabled the $292 million bridge hack. LayerZero's omnichain protocol has facilitated over $50 billion in cross-chain transactions but faces scrutiny over its security model following the incident.
Drift Protocol outlined a user recovery plan following its $295 million exploit, which security firms linked to North Korean hackers. The Solana-based derivatives exchange joins a growing list of DeFi protocols targeted by DPRK-affiliated groups, who have stolen over $3 billion from crypto protocols since 2020.
Market Dynamics Amid Security Concerns
Despite the exploits, institutional demand for Bitcoin exposure remained strong. US spot Bitcoin ETFs attracted $532 million in net inflows, extending positive flows to a third consecutive day. BlackRock's IBIT and Fidelity's FBTC led the inflows, according to The Block.
The sustained ETF demand contrasts sharply with corporate treasury strategy shifts. K Wave Media scrapped its massive Bitcoin treasury plan, redirecting $485 million from crypto investments to artificial intelligence initiatives. The pivot reflects growing institutional interest in AI infrastructure over digital asset holdings.
Cross-Chain Security Assessment
The weekend's exploits underscore systemic risks in DeFi's cross-chain infrastructure layer. Bridge protocols have lost over $2.5 billion to hacks since 2021, representing nearly 60% of all DeFi exploit losses.
Chainlink's CCIP, which Kelp DAO adopted as replacement infrastructure, uses a different security model with decentralized oracle networks and multiple layers of verification. However, the migration process itself introduces temporary vulnerabilities as protocols transition between systems.
Risk Considerations: Cross-chain bridge protocols remain high-risk infrastructure with significant exploit history. Users should evaluate security models and consider insurance coverage when using bridge services.Data sources: The Block, CoinDesk. Figures as of May 5, 2026.