1 hour ago
A Dune Analytics study shows that astir fractional of Layerzero applications trust connected the lowest level of DVN security. The findings rise concerns astir cross-chain hazard pursuing caller exploits.
Key Takeaways
- Dune Analytics recovered 47% of 2,665 Layerzero apps usage 1-of-1 DVN, raising information risks.
- KelpDAO rsETH exploit highlights however minimal setups tin exposure cross-chain vulnerabilities.
- Only ~5% usage 3+ DVNs, suggesting stronger configs whitethorn emergence arsenic scrutiny increases.
Most Layerzero OApps Rely connected Basic DVN Security Configurations
Nearly fractional of applications built connected Layerzero are operating with the lowest level of information configuration, according to caller information from Dune Analytics, highlighting imaginable vulnerabilities successful cross-chain infrastructure.
The analysis, conducted implicit the past 90 days, reviewed astir 2,665 unsocial omnichain exertion (OApp) contracts and their usage of Layerzero’s Decentralized Verifier Network (DVN). It recovered that 47% of these applications trust connected a 1-of-1 DVN setup, the minimum threshold required to validate cross-chain messages.
Another 45% usage a 2-of-2 configuration, portion lone astir 5% employment much robust setups requiring 3 oregon much autarkic verifiers. The findings travel successful the aftermath of the KelpDAO exploit, which has drawn renewed scrutiny to however cross-chain protocols negociate security.
KelpDAO’s rsETH product, which was affected successful the incident, falls wrong the lowest 1-of-1 category, according to the data.
Layerzero’s DVN exemplary allows developers to take however galore autarkic verifiers are required to corroborate transactions crossed chains. While this flexibility enables customization based connected outgo and performance, it besides introduces trade-offs betwixt ratio and security.
A 1-of-1 configuration, for example, relies connected a azygous verifier, creating a imaginable azygous constituent of failure. Higher configurations administer spot crossed aggregate parties but tin summation operational complexity and cost.
Dune’s dashboard provides a elaborate breakdown of however applications configure these parameters crossed antithetic chains, assets, and projects. The information presented didn’t fertile oregon delegate information scores, arsenic the steadfast noted that DVN number unsocial does not afloat specify a protocol’s hazard profile.
Other factors, specified arsenic the independency of verifier operators, optional information thresholds, and the worth of assets being transferred, besides play a role. Still, the prevalence of minimal configurations suggests that galore developers prioritize simplicity and outgo implicit redundancy.
The findings underscore a broader situation successful decentralized finance, wherever infrastructure flexibility often shifts work for information decisions to developers. In practice, this tin pb to uneven standards crossed the ecosystem. For now, the information constituent to a strategy successful which baseline information remains wide adopted, adjacent arsenic the risks associated with it go much visible.
English (US) 