Key Takeaways
Dune Analytics discovered 47% of two,665 Layerzero apps use 1-of-1 DVN, elevating safety dangers.KelpDAO rsETH exploit highlights how minimal setups can expose cross-chain vulnerabilities.Solely ~5% use 3+ DVNs, suggesting stronger configs could rise as scrutiny will increase.
Most Layerzero OApps Depend on Primary DVN Safety Configurations
Almost half of purposes constructed on Layerzero are working with the bottom degree of safety configuration, in line with new knowledge from Dune Analytics, highlighting potential vulnerabilities in cross-chain infrastructure.
The evaluation, carried out over the previous 90 days, reviewed roughly 2,665 distinctive omnichain software (OApp) contracts and their use of Layerzero’s Decentralized Verifier Community (DVN). It discovered that 47% of those purposes depend on a 1-of-1 DVN setup, the minimal threshold required to validate cross-chain messages.
One other 45% use a 2-of-2 configuration, whereas solely about 5% make use of extra sturdy setups requiring three or extra impartial verifiers. The findings come within the wake of the KelpDAO exploit, which has drawn renewed scrutiny to how cross-chain protocols handle safety.
KelpDAO’s rsETH product, which was affected within the incident, falls inside the lowest 1-of-1 class, in line with the info.
Layerzero’s DVN mannequin permits builders to decide on what number of impartial verifiers are required to substantiate transactions throughout chains. Whereas this flexibility permits customization primarily based on value and efficiency, it additionally introduces trade-offs between effectivity and safety.
A 1-of-1 configuration, for instance, depends on a single verifier, creating a possible single level of failure. Greater configurations distribute belief throughout a number of events however can enhance operational complexity and value.
Dune’s dashboard gives an in depth breakdown of how purposes configure these parameters throughout completely different chains, belongings, and tasks. The information introduced didn’t rank or assign safety scores, because the agency famous that DVN depend alone doesn’t absolutely outline a protocol’s threat profile.
Different elements, such because the independence of verifier operators, non-obligatory safety thresholds, and the worth of belongings being transferred, additionally play a task. Nonetheless, the prevalence of minimal configurations means that many builders prioritize simplicity and value over redundancy.
The findings underscore a broader problem in decentralized finance, the place infrastructure flexibility typically shifts accountability for safety selections to builders. In follow, this may result in uneven requirements throughout the ecosystem. For now, the info level to a system wherein baseline safety stays extensively adopted, even because the dangers related to it turn out to be extra seen.
