Decentralized finance protocols are reevaluating their blockchain oracle providers’ security after the fallout from the $293 million Kelp DAO exploit last month. Several protocols have announced migrations to Chainlink infrastructure in recent days, citing security concerns around third-party oracle and bridge providers.

On Thursday, Bitcoin DeFi platform Solv Protocol announced it would migrate to Chainlink’s Cross-Chain Interoperability Protocol (CCIP) and replace LayerZero bridges, citing an “extensive security review” concluding that CCIP provided the “strongest security assurances.” 

A day earlier, liquidity protocol Tydro also said it was moving to Chainlink after its previous oracle provider, Chaos Labs, suffered an incident that prompted Tydro to pause markets over concerns about inaccurate price feeds.

The migrations come after an April 18 exploit in which attackers drained 116,500 Kelp DAO restaked ETH (rsETH) tokens worth between $290 million and $293 million. Following the exploit, Kelp DAO also migrated its rsETH token to Chainlink, moving away from its previous LayerZero-powered bridge after attributing the incident to weaknesses in its cross-chain setup.

Source: Solv Protocol

LayerZero, however, said on April 20 that the exploit resulted from a single point of failure in Kelp DAO’s implementation, which relied on a single LayerZero DVN as the only verified path despite prior warnings against that configuration.

DeFi protocols review oracle security after Kelp exploit

The Kelp DAO exploit triggered a “wake-up call” for DeFi providers, according to Zach Rynes, strategic initiatives lead at Chainlink Labs.

Related: Aave liquidates Kelp DAO hacker’s rsETH positions on Ethereum, Arbitrum

Rynes told Cointelegraph that DeFi teams conducting security reviews are increasingly deciding to replace older oracle and bridge systems with Chainlink infrastructure to strengthen baseline security protections, and multiple other DeFi protocols are discussing potential migrations to Chainlink following the exploit.

Oracle providers with long operating histories and strong reliability are becoming increasingly important as hacks continue across the sector, Marcin Kazmierczak, co-founder of RedStone, the fourth-largest blockchain oracle provider, told Cointelegraph, adding that RedStone has also kept a “fully reliable track record.”

Redstone was also contacted by Tydro as an emergency measure after the Chaos Labs oracle attack and provided support to help restore oracle feeds for the protocol.

Source: Redstone

Oracle consolidation raises new questions for DeFi

Following the Kelp DAO exploit, only a smaller group of specialized providers may be able to meet the “demand and reliability requirements” created by growing institutional participation in DeFi, Kazmierczak said.

“A smaller set of trusted oracles is forming in the market,” he said, adding that as capital concentrates around providers with proven track records, the risk of oracle-related exploits could decline.

When asked about the risks of multiple DeFi protocols depending on fewer providers, Rynes said Chainlink’s infrastructure was designed to withstand extreme market conditions.

He pointed to periods including the 2020 Covid market crash, the 2022 FTX collapse and major volatility events in 2025, saying Chainlink continued operating throughout those disruptions.

Related: Arbitrum vote to release $71M in frozen Kelp exploit ETH set to pass

Nik Kunkel, founder of Chronicle, the second-largest oracle provider, said that an overreliance on a single infrastructure provider will always present additional risks.

“There are risks anytime a large portion of an ecosystem depends on a single piece of infrastructure,” Kunkel told Cointelegraph, adding that reducing those risks also requires data infrastructure to remain independently transparent and verifiable.

Top Oracle providers by market share. Source: DefiLlama.com

Chainlink remains the largest oracle provider with a 58% market share and more than $32 billion in value secured, according to DefiLlama. Chronicle ranks second with $7.6 billion in total value secured, while RedStone holds fourth place with $3.7 billion, representing a 6.7% market share.

Magazine: 53 DeFi projects infiltrated, 50M NEO tokens could be ‘given back’: Asia Express

Mantle tokenholders backed a proposal authorizing a credit facility of up to 30,000 Ether (ETH), worth about $68 million, for Aave DAO, advancing remediation tied to bad debt from the April rsETH exploit.

The proposal, MIP-34, passed in a seven-day Snapshot vote that ended Friday, according to DAO governance platform Snapshot. The measure authorizes the Mantle Foundation to negotiate and execute definitive agreements with Aave DAO for a loan from the Mantle Treasury, though the facility remains subject to Aave implementing its recovery plan and the parties finalizing terms.

The credit facility is intended to help address the impact of the rsETH incident on Aave V3. The proposal said the attacker deposited 89,567 unbacked rsETH on Aave and borrowed about $190 million in WETH, wstETH and stablecoins, creating potential bad debt estimated at between $123.7 million and $230.1 million.

The vote comes as the fallout from the rsETH exploit has moved beyond the initial liquidity shock into a broader remediation phase, with Mantle positioning its treasury as a backstop while Aave works to address bad debt and restore confidence in its lending markets. 

Source: Aave

Aave WETH market cools after post-exploit squeeze 

The Mantle credit facility would address the shortfall that also created liquidity stress across Aave’s lending markets.

Galaxy Research said in a Thursday report that the rsETH exploit pushed Aave’s Wrapped Ether (WETH) market into a prolonged squeeze, with WETH utilization staying above 99% for 12.7 days after the incident. 

“Across the full analysis horizon, WETH utilization stayed structurally elevated and close to the 100% ceiling, with an average around 99.6% and only easing to about 98.47% by the end of the snapshot period,” Galaxy said. 

Related: Aave asks Arbitrum to send 30K ETH from Kelp exploiter to ‘DeFi United’

High utilization means most of the supplied asset has already been borrowed, leaving little idle liquidity available for immediate withdrawals. In Aave’s case, Galaxy said the WETH market remained strained because supply contracted faster than borrows declined, keeping utilization near full capacity even after the initial shock. 

30-day WETH utilization rate chart. Source: Aavescan

The market has since cooled from the near-100% levels described in Galaxy’s analysis. Aavescan data showed Aave’s Ethereum V3 WETH market at about 91.6% utilization on Friday, with roughly 2.02 million WETH supplied and 1.85 million WETH borrowed. 

Magazine: North Korea denies crypto hacks, Upbit’s bank tests Ripple: Asia Express

Blockchain layer-2 (L2) network Polygon reduced its average block time by 250 milliseconds to 1.75 seconds, marking its first block-time reduction since genesis as the network pushes deeper into stablecoin payments and settlement infrastructure.

Polygonscan shows that the latest blocks on the network were created in 1.75 seconds. The upgrade means that Polygon can process around 14% more payments per second, reaching a maximum theoretical throughput of about 3,260 transactions per second (TPS), according to Polygon software engineer Lucca Martins.

Shorter block times can help transaction backlogs clear faster, reducing the duration of network congestion and subsequent transaction fee spikes, which is particularly important for high-frequency use cases such as payments, stablecoins or decentralized finance (DeFi) trading.

The upgrade comes as Polygon makes efforts to position itself for use cases targeting more institutional adoption, such as private stablecoin payments. On Tuesday, Polygon introduced a new wallet feature that enables users to privately route stablecoin transactions through a shielded pool verified by zero-knowledge proofs.

The upgrade is part of the Polygon Improvement Proposal PIP-86, a two-step motion that seeks to further reduce block time to 1.5 seconds and scale down checkpoint rewards to maintain the Polygon (POL) token emissions at the target 1% after the block time reduction. 

Polygon blockchain explore, latest blocks, production time. Source: Polygonscan

Cointelegraph reached out to Polygon for comment on its block time reduction plans, but had not received a response by publication.

Related: Morgan Stanley takes on crypto trading rivals with E*Trade pilot

Polygon targets private stablecoin payments to onboard institutions

Polygon’s new wallet feature is part of an aim to onboard more institutional users as it hides senders, receivers and amounts onchain while maintaining compliance through Know Your Transaction (KYT) screening and auditable files.

The feature introduces more privacy for businesses transacting with stablecoins, according to Polygon community lead Smokey. 

Despite the upgrade, Polygon’s (POL) token remained stagnant over the past 24 hours and traded at $0.09 at the time of writing. The token is down 54% over the past year, CoinMarketCap data shows.

POL/USD, one-year chart. Source: CoinMarketCap

Polygon has also integrated with large credit card providers. On April 29, global payments giant Visa expanded its stablecoin pilot to include support for Polygon Base, the Canton Network, Arc and Tempo.

Launched by Visa in 2023, the pilot allows partners to settle transactions through stablecoins rather than traditional banking rails, to evaluate whether stablecoins can offer faster settlement.

Magazine: Will the CLARITY Act be good — or bad — for DeFi?

Cointelegraph is committed to independent, transparent journalism. This news article is produced in accordance with Cointelegraph’s Editorial Policy and aims to provide accurate and timely information. Readers are encouraged to verify information independently.