Back to the list

LayerZero Hit With Hefty Backlash After ‘Frontrunning’ Lido Governance

source-logo  decrypt.co 27 October 2023 11:58, UTC

A bridge too far it seems for LayerZero.

After announcing it would integrate a wrapped version of Lido’s ever-popular staked Ethereum token, the team behind the cross-chain protocol was hit with hefty backlash from the Lido community.

The wrapped version of stETH is an ERC-20 version of the original blend stETH, making it easier to be reused in other applications. Lido Finance is a popular staking protocol.

This is what LayerZero had integrated on Wednesday across BNB Chain, the buzzy layer-2 network Scroll, and Avalanche.

Why Ethereum Bulls Are Turning to LSD

But why the backlash exactly?

Well, first and foremost, they didn’t ask first apparently, circumventing the governance powers that oversee the smooth operation of Lido Finance.

Often, when a decentralized finance (DeFi) project wants to make a change to the project, it first seeks approval from members of its decentralized autonomous organization (DAO) who vote for or against the change using their governance tokens. Lido's governance token, for example, is LDO.

“Honestly shocked by LayerZero’s move here,” wrote bridging project Socket’s growth lead Lito Coen. “Completely frontrunning LidoDAO's governance process and its network expansion team to deploy a wstETH version to Scroll, BNB chain and Avalanche.”

Simultaneous with the technical implementation, LayerZero did actually introduce a governance proposal to approve the integration and transfer bridge ownership to LidoDAO.

However, a LidoDAO representative told Decrypt that the decentralized organization was not aware of the integration.

The staking protocol tweeted yesterday that the LayerZero “bridge is not canonical and has not been audited or endorsed by the Lido DAO” and advised “extreme caution” when using the bridge.

Beyond “frontrunning” governance, others in the Lido community pointed to security concerns around LayerZero’s design.

Security concerns around LayerZero

LayerZero is a complicated beast, but understanding its architecture in broad strokes can also make clear some of the concerns raised by those in the Lido community.

When the bridging protocol integrated wstETH, they basically made it available as an Omni-chain Fungible Token (OFT). This token standard is what allows tokens from different networks to interact with one another through LayerZero.

In the process of transferring tokens, it creates a new token on the bridged side, whose supply is based on the amount of assets bridged through LayerZero.

LayerZero Raises $135M From Andreessen, FTX, Sequoia to Build Out 'Omnichain' Protocol

If a user were to send 1 wstETH token from Ethereum to Avalanche, for example, it’s not technically the exact same token. Instead what is happening is LayerZero is custoding the original wstETH token in a smart contract and then minting an Avalanche-compatible representation on the other side.

When the user decides to move that representation back to Ethereum, the LayerZero protocol then destroys that representation before returning the original wstETH token.

This, in a nutshell, is what is understood as a “mint-and-burn” bridge. This mechanism isn’t without its risks, though.

Hart Lambur, a LidoDAO community member and co-founder of UMA Protocol wrote, “This means that if this messaging layer is ever corrupted, there is the possibility of an unlimited mint of wstETH.”

Additionally, the security of LayerZero’s OFT-based tokens is dependent on LayerZero’s native validators. That’s not the case with other layer-2 networks like Arbitrum and Optimism, which already have wstETH added to the ecosystem via a native bridge.

Independent DeFi analyst Arixon tweeted that layer-2 blockchains are supposed to provide a “trustless bridge to layer-1; you lose this with OFT.”

DefiYaco, a business development lead at LidoDAO, agreed with Arixon’s point in the LidoDAO discussion forum saying that “wstETH should be by default minted with the native bridge.”

He added, “using any other bridge provider without a strong case for it just adds more risk.”

LayerZero drops Scroll

To make amends, the bridging protocol appears to be backtracking on at least one integration.

A LayerZero representative said in a reply on LidoDAO’s governance proposal, “we recognize the preferences of the DAO regarding native bridges and L2s,'” before removing LayerZero’s wstETH token from Scroll Network.

The representative added that they “strongly agree” with the DAO regarding the preferences of both users and protocol developers for native bridges over those built by LayerZero.

Edited by Liam Kelly.