Tuesday, January, 21, 2025

Lazarus Group Exploits LayerZero Labs’ Internal RPCs: A Deep Dive into the Post-Mortem


Anny Sam

Anny is a skilled crypto writer, delivering clear, engaging content that simplifies complex blockchain concepts for a broad audience.
  • The Lazarus Group targeted internal LayerZero Labs systems, but the core protocol remained secure throughout the event.
  • LayerZero Labs is moving away from managing default security settings, urging developers to “pin” their own configurations to avoid single points of failure.
  • A historical multisig wallet error led to the removal of a signer and the creation of a new, custom security tool called OneSig.

LayerZero Labs recently broke a three-week silence to address a targeted cyberattack and internal management errors. Bryan Pellegrino, the company’s CEO, acknowledged that the team failed to communicate effectively during the crisis.

However, while the LayerZero protocol itself remained untouched, the internal Decentralized Verifier Networks (DVNs) were attacked by the Lazarus Group, a state-backed hacking organisation. The attackers poisoned the labs’ internal source of truth by compromising their internal infrastructure while simultaneously mounting a DDoS attack on their external infrastructure providers.

The combination of both attacks created an information blind spot. Incredibly, the team contained the damage: the breach affected only 0.14% of applications on the network, representing 0.36% of the total funds locked. Nevertheless, the network has been able to move over $9 billion since mid-April.

LayerZero Shifts to End-to-End Decentralized Security

LayerZero’s philosophy centres around eliminating systemic risk by making sure every application owns the security stack from start to finish. Unfortunately, the team committed a grave mistake: they made their DVN solely responsible for validating important transactions.

In other words, LayerZero’s protocol created a “single point of failure”, the exact vulnerability the protocol was supposed to mitigate. Security experts and blockchain analysts have frequently cautioned that depending on the “default” settings is not a good idea. To address this problem, LayerZero is stepping up its educational efforts to encourage developers to stop using the default settings, which the labs provide for testing purposes.

Instead, the protocol recommends using three to five validators while keeping extremely strict block confirmation requirements. Configured this way, an application becomes entirely self-sufficient and independent of LayerZero Labs: if the labs experience downtime or a cyberattack, user assets stay intact.
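To make the “pin your own verifier set” advice concrete, here is an added Python example (not LayerZero’s or the labs’ code) that audits a simplified DVN configuration against the article’s guidance. The config field names, the confirmation floor and the DVN names are assumptions and constructed sample values, not taken from the protocol.

```python
from dataclasses import dataclass, field

# Simplified model of a per-application verifier (DVN) configuration. The field
# names are an assumption, loosely following the shape of a ULN-style config;
# this is not the protocol's own code.
@dataclass
class DvnConfig:
    required_dvns: list[str]                     # every one of these must attest
    optional_dvns: list[str] = field(default_factory=list)
    optional_threshold: int = 0                  # how many optional DVNs must also attest
    confirmations: int = 0                       # source-chain block confirmations
    pinned: bool = False                         # False = inherited from the Labs' default

def audit_dvn_config(cfg: DvnConfig, min_dvns: int = 3, max_dvns: int = 5,
                     min_confirmations: int = 15) -> list[str]:
    """Return human-readable findings; an empty list means the config follows
    the article's guidance (3-5 pinned verifiers, strict confirmations).
    min_confirmations is a constructed threshold, not a number from the article."""
    findings = []
    if not cfg.pinned:
        findings.append("config is inherited from the default: pin it so the app "
                        "keeps working if LayerZero Labs is down or compromised")
    dvns = cfg.required_dvns + cfg.optional_dvns
    if len(set(dvns)) != len(dvns):
        findings.append("the same DVN is listed twice; duplicates add no independence")
    quorum = len(cfg.required_dvns) + cfg.optional_threshold
    if quorum <= 1:
        findings.append("one verifier decides alone: a single point of failure")
    elif quorum < min_dvns:
        findings.append(f"only {quorum} attestations needed; recommend at least {min_dvns}")
    if len(set(dvns)) > max_dvns:
        findings.append(f"{len(set(dvns))} DVNs configured; more than {max_dvns} adds "
                        "liveness risk without much extra security")
    if cfg.optional_threshold > len(cfg.optional_dvns):
        findings.append("optional threshold exceeds optional DVN count; messages can never verify")
    if cfg.confirmations < min_confirmations:
        findings.append(f"{cfg.confirmations} confirmations is below the {min_confirmations} floor")
    return findings

# Constructed sample configs (DVN names are placeholders, not real operators).
DEFAULT_LIKE = DvnConfig(required_dvns=["labs-default-dvn"], confirmations=1)
HARDENED = DvnConfig(required_dvns=["dvn-a", "dvn-b", "dvn-c"],
                     optional_dvns=["dvn-d", "dvn-e"], optional_threshold=1,
                     confirmations=20, pinned=True)

if __name__ == "__main__":
    for name, cfg in (("default-like", DEFAULT_LIKE), ("hardened", HARDENED)):
        print(name, audit_dvn_config(cfg) or ["OK"])
```

The default-like config trips three findings (unpinned, single verifier, weak confirmations), while the hardened one passes clean; run the audit on each chain pairing an application actually uses.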

OneSig and the Evolution of Protocol Security

The news also helped settle a longstanding issue surrounding a multisig wallet signer. About 42 months ago, a company insider mistakenly used a highly secured protocol wallet for a private transaction. The company didn’t worry about the lost protocol funds, but the breach proved significant enough to trigger a complete revamp of its inner workings.

Management dismissed the offending individual and moved toward improved security measures. They added localised anomaly detection to their signing devices and completed the development of “OneSig”, a customised multisig architecture.

Such improvements are indicative of the company’s commitment to higher levels of security, especially when dealing with over $260 billion in lifetime volume. Future developments will center on “immutability” and “permissionless” execution to ensure these systems completely phase humans out of the security chain.
