Kraken Migrates kBTC to Chainlink Amid LayerZero Security Concerns

Severity: High (Score: 70.5)

Sources: Decrypt.Co, re.xyz, Kucoin

Summary

Kraken has announced its migration of the Kraken Wrapped Bitcoin (kBTC) product from LayerZero to Chainlink's Cross-Chain Interoperability Protocol (CCIP) due to security issues highlighted by a recent $292 million exploit involving Kelp DAO. This incident, attributed to North Korea's Lazarus Group, raised alarms about LayerZero's security standards, prompting Kraken and other firms to abandon the technology. The total value locked (TVL) across protocols migrating to Chainlink now exceeds $2.57 billion, with kBTC's TVL around $333 million. Kraken's decision aims to enhance security, as CCIP requires 16 independent node operators for transaction verification. The migration is part of a broader trend as multiple projects, including Kelp DAO and Solv Protocol, have also shifted away from LayerZero. Kraken's integration with Chainlink is expected to support all future wrapped assets, ensuring better security and risk management. Key Points: • Kraken is migrating its kBTC product to Chainlink due to security concerns with LayerZero. • The Kelp DAO exploit, linked to Lazarus Group, involved a $292 million loss attributed to LayerZero's vulnerabilities. • Chainlink's CCIP requires 16 independent nodes for transaction verification, enhancing security.

Key Entities

• Lazarus Group (apt_group)
• Kelp DAO (company)
• LayerZero Labs (company)
• North Korea (country)
• exploit.as (domain)
• LayerZero (platform)