- The LayerZero (ZRO) token's price surged by 52% over the past week.
- Claims of security vulnerabilities in the LayerZero protocol raised concerns.
LayerZero Token ZRO To The Moon?
Despite ZRO’s price rise, Bitcoinworld’s analysis of Santiment’s data showed that its Network Growth had declined, indicating that new users were losing interest in the token at the time of writing.
In addition, the Velocity had fallen, meaning that the frequency at which ZRO was being traded had slowed down.
Some Challenges For LayerZero
Along with these factors, conversations around security vulnerabilities of the LayerZero protocol could cast a pall over the ZRO token.
0x52’s inspection of the UXDProtocol under the SherlockDefi program uncovered potential issues with LayerZero.
Specifically, the user claimed that the LayerZero endpoint contract, responsible for message flow between protocols, lacked restrictions on message size and destination addresses.
This vulnerability creates a potential exploit. A malicious actor could send a message with an excessively large destination address, intentionally causing errors within the contract.
These errors could disrupt communication between different blockchain networks, potentially leading to significant financial losses for affected protocols relying on LayerZero’s functionality.
According to 0x52, this vulnerability could affect many protocols using LayerZero, especially those involving both EVM (Ethereum [ETH] Virtual Machine) chains and non-EVM chains like Solana [SOL], which use different address sizes.
A Rebuttal
However, LayerZero Labs wasn’t taking these accusations lying down. Bryan Pellegrino, the co-founder and CEO, stepped forward to address 0x52’s concerns.
He argued that the ability for applications to configure payload limits was a deliberate design choice made with a specific purpose in mind.
Pellegrino explained that imposing a fixed limit on message size could introduce the possibility of censorship, which directly contradicts LayerZero’s core goal of fostering a censorship-resistant system.
Pellegrino further clarified the situation by pointing to the age of the code referenced by 0x52. He emphasized that it dated from 2022 and was related to application configuration, not the core protocol itself.
This distinction is crucial, as it implies the vulnerability doesn’t lie within the fundamental workings of LayerZero.
Pellegrino went on to explain that the payload size limit functions as part of an application’s security settings, granting individual applications the power to adjust it according to their specific needs.
This is entirely baseless. First off, all of the code you're referencing was pushed in 2022. Secondly, all of this is app-config not protocol config.
payload size limit is a part of the apps’ security configuration. It is setting the DVNs. even in the latest version, the app… pic.twitter.com/HyleAhP4U3
— Bryan Pellegrino (臭企鹅) (@PrimordialAA) July 1, 2024
After hearing about this response, 0x52 deleted all their previous tweets and agreed with Pellegrino.
I have deleted my prior posts. I should have further validated all aspects before posting.
Apologies to @LayerZero_Labs. Many thanks to @PrimordialAA for doing what I failed to do and for correcting my mistake.
— 0x52 (@IAm0x52) July 1, 2024
The Weighted Sentiment around ZRO was negative at press time. However, there was a significant improvement in the overall outlook around the protocol compared to the last few weeks.
If sentiment continues to improve, it could be reflected in ZRO’s price movement as well. At press time, ZRO was trading at $3.89.