Decentralized finance protocols are reevaluating the security of their blockchain oracle providers following the fallout from the $293 million Kelp DAO exploit last month. Several protocols have announced migrations to the Chainlink infrastructure in recent days, citing security concerns surrounding third-party oracle and bridge providers.
On Thursday, Bitcoin DeFi platform Solv Protocol announced it would migrate to Chainlink’s Cross-Chain Interoperability Protocol (CCIP) and replace its LayerZero bridges, citing a “comprehensive security assessment” that concluded CCIP provided the “strongest security guarantees.”
A day earlier, liquidity protocol Tydro also said it would move to Chainlink after its previous oracle provider, Chaos Labs, experienced an incident that prompted Tydro to pause markets over concerns about inaccurate price feeds.
The migrations come after an April 18 exploit in which attackers emptied 116,500 Kelp DAO reoccupied ETH (rsETH) tokens worth between $290 million and $293 million. Following the exploit, Kelp DAO also migrated its rsETH token to Chainlink, moving away from its previous LayerZero-powered bridge after the incident was attributed to weaknesses in the cross-chain setup.
Source: Solv protocol
However, LayerZero said on April 20 that the exploit was due to a single point of failure in the Kelp DAO implementation, which relied on a single LayerZero DVN as the only authenticated path, despite previous warnings against that configuration.
DeFi protocols assess Oracle’s security after Kelp exploit
The Kelp DAO exploit caused a “wake-up call” for DeFi providers, according to Zach Rynes, strategic initiatives lead at Chainlink Labs.
Rynes told Cointelegraph that DeFi teams conducting security assessments are increasingly deciding to replace legacy oracle and bridge systems with Chainlink infrastructure to strengthen core security, and that multiple other DeFi protocols are discussing possible migrations to Chainlink following the exploit.
Oracle providers with long histories and strong reliability are becoming increasingly important as hacks continue across the industry, Marcin Kazmierczak, co-founder of RedStone, the fourth largest blockchain oracle provider, told Cointelegraph, adding that RedStone has also maintained a “completely reliable track record.”
Redstone was also contacted by Tydro as a stopgap measure after the Chaos Labs oracle attack, providing support in restoring oracle feeds to the protocol.
Source: Redstone
Oracle’s consolidation raises new questions for DeFi
After the Kelp DAO exploit, only a smaller group of specialized providers may be able to meet the “demand and reliability requirements” created by growing institutional participation in DeFi, Kazmierczak said.
“A smaller number of trusted oracles are forming in the market,” he said, adding that as capital concentrates around providers with proven track records, the risk of oracle-related exploits could decrease.
When asked about the risks of multiple DeFi protocols relying on fewer providers, Rynes said Chainlink’s infrastructure is designed to withstand extreme market conditions.
He pointed to periods such as the Covid market crash in 2020, the FTX collapse in 2022 and major volatility events in 2025, saying Chainlink continued to operate during these disruptions.
Nik Kunkel, founder of Chronicle, the second-largest oracle provider, said over-reliance on a single infrastructure provider will always bring additional risks.
“There are risks anytime a large part of an ecosystem depends on a single piece of infrastructure,” Kunkel told Cointelegraph, adding that mitigating those risks also requires keeping the data infrastructure independently transparent and verifiable.
Top Oracle providers by market share. Source: DefiLlama.com
Chainlink remains the largest oracle provider with a 58% market share and an insured value of more than $32 billion, according to DefiLlama. Chronicle ranks second with a total value of $7.6 billion, while RedStone ranks fourth with $3.7 billion, representing a 6.7% market share.
Magazine: 53 DeFi Projects Infiltrated, 50 Million NEO Tokens Could Be ‘Returned’: Asia Express