L2BEAT Bridges is a work in progress. You might find incomplete research or inconsistent naming. Join our Discord to suggest improvements!
LayerZero v2 OFTs
About
This page gathers significant Omnichain Fungible Tokens (OFTs) built on top of LayerZero v2 AMB protocol.
About
This page gathers significant Omnichain Fungible Tokens (OFTs) built on top of LayerZero v2 AMB protocol.
This page gathers significant Omnichain Fungible Tokens (OFTs) built on top of LayerZero v2 AMB protocol.
Risk associated with using any OFT varies, depending on the technological decisions (OApp configuration and security stack) made by the developers. LayerZero as a framework to build omnichain application does not provide any base security as applications can define their own security settings, however applications and tokens choosing the default security settings will leverage security provided by the current default Verifiers and Executor. Default settings are managed by LayerZero team.
Funds can be stolen if
- the OApp owner upgrades the OFT(Adapter) contract maliciously (CRITICAL),
- the Executor and the Verifiers collude to submit fraudulent block hash and relay fraudulent transfer (CRITICAL),
- the OApp owner changes the security stack maliciously (CRITICAL),
- there is no custom security stack configured and the LayerZero Multisig changes the default security stack maliciously.
Users can be censored if
Principle of operation
Omnichain Fungible Tokens (OFTs) are individually configurable Token Bridges. This means that an asset is usually locked or burned at its origin to start the bridging. Then a witness event of this is emitted, verified and relayed to the destination by third verfiiers. Finally, a permissioned Executor submits a transaction at the destination chain to mint the bridged asset.
The shared feature among all OFTs is the messaging interface, which always uses the LayerZero message protocol (or arbitrary message bridge, AMB). Apart from the OFT standard provided by LayerZero, which extends the ERC-20 standard, implementation details are highly customizable and vary widely.
Each OFT is a LayerZero OApp and can be configured to use custom security settings when interacting with the AMB. Among these OApp configuration parameters are the DVN(s) (who will read and verify the interchain messages), the executor (who will deliver and execute the transaction on the destination chain), and the minimum block confirmations needed. These can be set by the Oapp / OFT owner or a delegate that they can define in the EndpointV2 contract. Additionally, the OFT owner can often use other admin functions on the OFT contract that are specific to the ERC-20 implementation (similar to other ERC-20 tokens, like arbitrary minting or pausing functions) and not related to LayerZero.
OFTs can either be natively multichain or they can use an adapter. Native OFTs are burned at their origin and minted at their destination when bridging. Adapter OFTs have a main chain, where they are locked in an adapter escrow. This mints a ‘native’ OFT version of the locked token that can then be bridged on all chains by burn-minting. To receive the original locked token back, a user would have to return to the main chain and unlock it from the adapter escrow.
Funds can be stolen if the OApp owner upgrades the OFT(Adapter) contract maliciously (CRITICAL).
Configurable Verifiers
Each crosschain transaction is emitted on the origin chain and must be picked up and verified by preconfigured verifiers (LayerZero calls these DVNs). If they agree on a message, it is considered verified and can be executed by a permissioned Executor at the destination.
Users can be censored if the executor or all required verifiers fail to facilitate the transfer.
Funds can be stolen if the Executor and the Verifiers collude to submit fraudulent block hash and relay fraudulent transfer (CRITICAL).
Funds can be stolen if the OApp owner changes the security stack maliciously (CRITICAL).
Funds can be stolen if there is no custom security stack configured and the LayerZero Multisig changes the default security stack maliciously.
The system uses the following set of permissioned addresses:
This is a Gnosis Safe with 2 / 5 threshold. The owner of EndpointV2, both Uln302 and Treasury. Can register and set default MessageLibraries and change the Treasury address.
Used in:
Those are the participants of the LayerZero Multisig.
Messages passed through the LayerZero AMB are, by default, sent to the destination chain by this Executor. This can be changed by the respective OApp owner.
The system consists of the following smart contracts on the host chain (Ethereum):
The central Endpoint contract for LayerZero v2 on Ethereum. OApps like OFT adapters or token contracts register with this Endpoint to define their send and receive libraries and LayerZero-related configurations.
The default send library for the LayerZero EndpointV2. This contract defines a framework and configuration options for sending messages across the LayerZero Arbitrary Message Bridge (AMB). It also accumulates fees configured by the OApp owners via the Treasury contract. New libraries can be added by the LayerZero Multisig.
The default receive library for the LayerZero EndpointV2. This contract defines a framework and configuration options for receiving messages across the LayerZero Arbitrary Message Bridge (AMB). New libraries can be added by the LayerZero Multisig.
The LayerZero Verifier delivers their verified messages through this contract. It is one of the default DVNs configured in the LayerZero EndpointV2.
The GoogleCloud Verifier delivers their verified messages through this contract. It is one of the default DVNs configured in the LayerZero EndpointV2.
Implementation used in:
The Polyhedra Verifier delivers their verified messages through this contract. It is one of the default DVNs configured in the LayerZero EndpointV2.
Manages fees and fee recipients for registered OApps. Fees accumulate in the sendLib and OApp owners can withdraw them.
Value Locked is calculated based on these smart contracts and tokens:
OFT adapter escrow for ENA on Ethereum.
OFT adapter escrow 1 for CYBER on Ethereum.
OFT adapter escrow 2 for CYBER on Ethereum.
OFT adapter escrow for TRESTLE on Ethereum.
OFT adapter escrow for Trestle Wrapped TIA on Ethereum.
OFT adapter escrow for PARAM on Ethereum.
OFT adapter escrow for WOO on Ethereum.
OFT adapter escrow for MYSO Token on Ethereum.
OFT adapter escrow for ether.fi wrapped eETH on Ethereum.
OFT adapter escrow for sFRX on Ethereum.
OFT adapter escrow for sfrxETH on Ethereum.
OFT adapter escrow for FraxShares on Ethereum.
OFT adapter escrow for Peapods Finance on Ethereum.
OFT adapter escrow for USDe on Ethereum.
OFT adapter escrow for staked USDe on Ethereum.
OFT adapter escrow for TaoBank token on Ethereum.
OFT adapter escrow for Dinero Staked ETH on Ethereum.
OFT adapter escrow for MAVIA on Ethereum.
OFT adapter escrow for Kelp DAO rsETH on Ethereum.
