Chainlink’s network just logged its busiest stretch in eight months. On May 9, active addresses hit 282,170, followed by 264,090 the next day — a surge coinciding with a wave of decentralized finance protocols jumping from LayerZero to Chainlink’s Cross-Chain Interoperability Protocol (CCIP). The trigger: a $292 million exploit on April 18 that drained roughly 116,500 rsETH from Kelp DAO’s LayerZero-powered bridge.
Why the exodus
That exploit didn’t just cost Kelp DAO. It set off industry-wide security reviews of cross-chain configurations. Kelp DAO promptly announced plans to migrate to Chainlink CCIP. Then on May 7, Solv Protocol confirmed it would move over $700 million in tokenized Bitcoin to the same protocol. The message was clear: after a nine-figure loss, trust in LayerZero’s security model had taken a hit.
The numbers behind the spike
Santiment flagged that the activity spike reflects genuine protocol usage — not just speculative trading. Historically, similar real-use surges have preceded consistent price rises for Chainlink. Meanwhile, wallets holding between 100,000 and 10 million LINK have been quietly accumulating: they added 32.93 million LINK over the past 30 days. On top of that, roughly 13.5 million LINK was pulled from centralized exchanges within five weeks — a signal of growing investor demand.
What’s next
The question now is whether the migration trend speeds up. More protocols are likely weighing their cross-chain options after the April 18 incident. Chainlink’s CCIP is positioning itself as the safer alternative, but the real test will be whether the network can handle the load — and whether the whales keep buying. For now, the on-chain data says the shift is real.
