Original title: LayerZero v2- Industry Intel
Original author:revelointel
Original source: https://revelointel.com/
Compiled by: Mars Finance, Daisy
Table of contents
introduce
Key Takeaways
background
Introduction to LayerZero
Requirements for LayerZero v2
The universal language of blockchain
LayerZero V2 Introduction
Core protocol design
General semantics
Application-level security
Competitive Landscape
$ZRO
Protocol and Token
in conclusion
statement
introduce
We live in a multi-chain world, with multiple L1s and L2s, each with its own set of trade-offs and properties. However, as the number of chains continues to increase, liquidity is fragmented across multiple places, forcing users to “bridge” assets from one chain to another.
Key Takeaways
LayerZero aims to solve the problem of liquidity fragmentation in the current multi-chain environment. It is not a messaging standard or a L1 blockchain. It is a protocol that prioritizes immutability, censorship resistance, and permissionlessness, embedding these values into its core architecture.
By operating as a messaging protocol, it allows for various types of cross-chain interactions beyond mere asset transfers, as arbitrary data can be passed from one chain to another.
V2 introduces a modular approach to security that differentiates between intrinsic security (core protocol code) and extrinsic security (infrastructure), thereby providing a customizable and adaptable security framework based on the specific needs of different applications.
The main upgrade of LayerZero V2 compared to V1 is the separation of security and execution. V2 integrates an additional verification step that ensures that messages are independently verified before execution.
With v2, the protocol continues to align with the vision that each layer 1 or layer 2 blockchain should leverage its unique strengths and interoperate with other blockchains, envisioning a transition from a world of isolated chains to a world where chains are interconnected within a larger network (the full chain network).
background
Bridges are one of the most commonly attacked infrastructures by malicious actors. Not only do they hold a large number of assets, but they also have a large number of vulnerabilities. According to the Rekt rankings, six of the top ten crypto hacks involved bridge vulnerabilities, highlighting the importance of the security of these systems. Data from DefiLlama reports that of the $5.79 billion hacked in the DeFi field, $2.83 billion (49%) can be attributed to bridges.
Since its launch on March 17, 2022, LayerZero has successfully processed millions of messages involving billions of dollars in assets across more than 40 blockchain networks without any security breaches. This is not due to good luck, but because LayerZero provides a solution without storing assets in a bridge that may be attacked.
Unlike traditional bridges that require locking or wrapping tokens, LayerZero is a messaging protocol that focuses on unifying liquidity between different blockchain networks. At its core, it enables communication between different blockchains, not just asset transfers.
Source: LayerZero White Paper v1.0
The way it works is by listening to events occurring on chain A, passing them to chain B, verifying that the message is correct, and executing the instructions of the message (which can be asset transfers, state mutations, function calls...).
In the case of a simple cross-chain swap, we want to exchange token A on chain X for token B on chain Z. It will destroy token A on chain X and mint token B for you on chain Z. There are no wrapped assets. No tokens are held on the bridge. This is achieved through contract standards that provide developers with out-of-the-box functionality. For example, the OFT20 standard is an extension of ERC20 that helps reduce development time.
It’s important to understand that LayerZero is not a messaging standard or a L1 blockchain. It’s a protocol that prioritizes immutability, censorship resistance, and permissionlessness, and embeds these values into its core architecture.
Source: LayerZero Twitter
First, LayerZero’s core smart contracts cannot be modified, minimizing trust in the core development team. Once deployed, the rules of the game cannot be changed. Every piece of core protocol code is non-upgradeable.
Secondly, LayerZero v2 distinguishes between "verification" and "execution", ensuring that the parties involved in each process are independent and there is no risk of collusion. This functional separation is very important to reduce the surface area for malicious actors to attack the system. A single message can only be executed after it has been verified.
Third, it is a permissionless protocol that anyone can access without asking for permission. Since it is a protocol, anyone can run the infrastructure required to verify and execute cross-chain messages. Imagine a hypothetical scenario where every project developer or infrastructure provider stops running their service. In this case, anyone can step in and continue working from where they left off.
Similar to TCP/IP (the underlying protocol that enables different computers to communicate over the internet), LayerZero aims to be the TCP/IP of blockchain.
Source: LayerZero Twitter
Just as TCP/IP was critical to the development of the internet by standardizing communication between computers, LayerZero seeks to standardize cross-chain interactions, thereby solving the challenge of fragmented liquidity in the current multi-chain world.
Introduction to LayerZero
LayerZero’s core proposition lies in its ability to function as an agnostic protocol, enabling application developers to facilitate messaging between different chains.
This functionality is critical for creating cross-chain applications, eliminating the need for trusted intermediaries or custodians. For example, a DeFi platform using LayerZero could allow users to deposit collateral on one chain and take out loans on another.
Adhering to the philosophy that each layer 1 or layer 2 blockchain should leverage its unique strengths and interoperate with other blockchains, LayerZero’s vision is to transition from a world of isolated chains to a world where chains are interconnected within a larger network - the Omnichain.
Source: LayerZero White Paper v1.0
By unifying liquidity and facilitating seamless communication, each blockchain can complement the other, forming a more powerful collective ecosystem.
Requirements for LayerZero v2
In v1, LayerZero’s functionality is supported by two key off-chain components: oracles and relayers. These elements work together to facilitate communication between blockchains. Oracles monitor activity on one chain and communicate this information to another, while relayers are responsible for the actual data transmission and execution.
Source: LayerZero Twitter
Since its inception, LayerZero v1 was designed with the expectation that teams would be able to manage their own relay infrastructure and choose custom oracle configurations. However, the situation has proven to be more complicated, with multiple teams choosing to trust the “default configuration”.
In reality, there is a lot of complexity involved in operating a relayer. Specifically, the role of a relayer involves handling 50+ chains, a large number of gas abstraction paths, processing billions of RPC calls, and millions of messages. Building DeFi protocols is difficult enough, and managing the additional overhead of operating relayers is too much work for DeFi projects. Although LayerZero is designed to be trustless, the team often defaults to relying on trusted entities such as Chainlink, Polyhedra, Google Cloud, and LayerZero Labs.
Source: LayerZero Twitter
To understand why and why LayerZero v2 was developed, it’s key to note that in the original version of LayerZero (V1), relayers handled both security (verifying messages on the target chain) and executing transactions.
Although a repeater's dual duty does not cause any issues in a production environment, there is a risk that the repeater may experience downtime. If this happens, the message cannot be executed.
LayerZero V2 marks a major evolution by distinguishing between verification and execution — each managed by a separate party. This concept is called “decoupling liveness and execution from security.”
In v2, since message validation and execution are separated, liveness issues do not arise at the core protocol level, as execution is a permissionless role outside of the protocol and validation process.
Source: LayerZero Twitter
Separating liveness from security allows for a more robust security framework that leverages a “multi-signature” approach with veto power for added security. This change gives developers and protocol teams more control over security configurations to suit their specific needs.
For context, critics in the past have compared the oracle/relay setup to 2/2 multisig. While that comparison is also inaccurate, v2 introduces what is known as the “X of Y of N” approach.
X of Y of N allows applications to arbitrarily combine DVNs. For example, a "1 of 3 of 5" DVN combination would include one required DVN and two arbitrary DVNs out of a total of five that are used to validate the message before continuing. This means that if two of the five DVNs outside of the required DVNs are unresponsive, message flow can continue. This addresses the assumed risk in v1 that relays could experience downtime.
Source: LayerZero Twitter
In V2, the execution of transactions is shifted to the end-user, reinforcing the permissionless nature of transactions. The idea behind this self-executing model is to ensure that operations can be registered without the need for intermediaries while providing gas abstraction for the end-user.
Source: LayerZero Twitter
The universal language of blockchain
LayerZero is the lingua franca of blockchains, bridging liquidity between a variety of different chains, including EVM, Solana, and Move-based chains. This model is particularly user-friendly because it simplifies complex processes such as bridging assets between chains with different gas requirements and execution environments.
To understand why this is important, consider use cases like depositing collateral on one chain to mint a stablecoin or borrow on another chain (e.g., Gibberish and Cassava), or accessing a name service like ENS, but that is accessible on multiple chains (e.g., Swarm).
Source: LayerZero White Paper v2.0
The protocol design has not changed fundamentally and continues to operate by listening to events and transferring state or funds across chains.
That being said, you should note that there are two components involved to make this happen: the LayerZero protocol and the associated infrastructure.
On the one hand, the LayerZero protocol remains unchanged on every supported chain and is considered “intrinsic” — these are contracts that exist forever (immutable), anyone can build on top of them (permissionless), and enforces verification and execution of transactions in a censorship-resistant manner.
On the other hand, infrastructure is needed to validate and execute messages. This is an external component. This stack is permissionless and anyone can become an infrastructure provider. Individual applications can therefore choose the type of validation methods they feel are appropriate, and the type of entities they trust and are willing to pay for execution.
More importantly, by remaining protocol agnostic, LayerZero can seamlessly integrate any chain, regardless of its specific requirements. This remains a challenge for many interoperability protocols, which are often limited by their execution environment, i.e. only supporting interoperability across EVM-compatible chains, only supporting interoperability across L2s built on a specific stack, only supporting L3s built on top of L2s, etc.
By design, LayerZero acknowledges that validation algorithms and blockchain designs will continue to evolve. Therefore, as an agnostic protocol, it must be flexible enough to adapt to these changing conditions. This is achieved by making append-only additions to endpoints. Once added, they cannot be removed. Therefore, they remain unchanged while still allowing the protocol to upgrade validation methods when necessary.
Developers will never be forced to accept or update to the new MessageLib, just like you will never be forced to use Uniswap v3 instead of the initial Uniswap v1 version.
LayerZero V2 Introduction
At the core of LayerZero V2 is a modular security model that separates security into intrinsic and extrinsic components.
Intrinsic security ensures lossless, once-and-final delivery of data packets.
External security, on the other hand, is adaptable and can evolve with new capabilities and verification algorithms.
This ensures long-term, reliable intrinsic security while allowing applications to tailor their external security levels to their needs and budget.
In general, LayerZero V2’s protocol integrity is divided into four aspects: channel validity, channel liveness, data validity, and data liveness. The Omnichain Messaging Protocol (OMP) handles the first two aspects, while the integrity of the underlying chain ensures the latter two.
Source: LayerZero White Paper v2.0
Core protocol design
The protocol runs through immutable smart contracts called "endpoints." They are the main interface between blockchains in the Omnichain network, acting as gateways for information and transaction flows. Endpoints are deployed on each chain and handle core protocol functions such as packet transmission and censorship resistance.
Once deployed on-chain, their code cannot be changed. They serve as a common interface to enable cross-chain communication. While immutable, the functionality of Endpoints can be extended by appending only libraries, allowing developers to follow the most advanced standards at all times.
Source: Revelo Intel
Keep in mind that the original vision was to redefine blockchain communication, moving from isolated systems to interconnected networks. Therefore, the protocol must guarantee that endpoints can handle packets that arrive out of order without losing data. This is critical in an environment involving multiple heterogeneous chains with different transmission times (note that each chain has its own specific block time and finalization time).
All of these properties are guaranteed by the intrinsic security of the protocol, represented by Endpoints and MessageLibs. However, to fully build scalable, secure, and fast cross-chain applications, external infrastructure that can interact with the underlying protocol is required. This is where the concept of external security comes in.
In terms of external security, we find different infrastructure components: the Decentralized Verification Network (DVN), the Executor, and the security stack.
The DVN is responsible for validating cross-chain messages. This is a permissionless role, and any entity that is able to validate cross-chain data can join LayerZero and start participating as a DVN. These can be native layer 2 bridges, oracles, third-party bridges, or any other validating system. Some names you may recognize that perform this function are Axelar, Chainlink, Gitcoin, Google Cloud, and Tapioca.
Once validation is complete, the next step is execution. In this regard, LayerZero V2 allows applications to choose their own executor, which is responsible for quoting and managing transaction complexity. The simplicity of running an executor compared to a relayer encourages competitive pricing and quality of service.
Similar to DVN, any entity can run an executor as it is also a permissionless role. Not only do they ensure that messages are executed smoothly, but they also abstract away all the complexities associated with handling gas payments on different chains. The executor does this by referencing the end user on the source chain in the source chain gas tokens while automatically executing the transaction on the target chain.
General semantics
From the above, it can be seen how the strategic separation of execution and security enhances the resilience and reliability of the protocol.
Once the message is verified, either party can execute the transaction.
Applications can choose the execution order based on their priority, such as throughput optimization for gaming applications or sequential ordering for DeFi applications.
These principles address fundamental flaws in existing cross-chain messaging services, such as a single security model and over-specialization, and provide a powerful framework for secure and efficient interoperability.
It’s important to note that LayerZero assumes that developers will choose a security stack that fits their specific use case. As a protocol, it simply enables a competitive marketplace with the ultimate goal of applications being able to run their entire infrastructure. However, until there is sufficient demand, they will manage costs accordingly. Therefore, there is a trade-off between security and demand for applications - each application is responsible for the costs it wants to incur.
Source: LayerZero White Paper v2.0
This flexibility ensures that the addition or modification of functionality does not compromise the security of message transmission.
Source: Revelo Intel
Together, these components form a two-tier architecture, which we distinguish between an execution layer and a validation layer.
Source: Revelo Intel
From a more granular perspective, LayerZero messages consist of two main parts: payload and path. These messages are converted into packets before being sent across the network. This process is critical to ensuring that information can be efficiently transmitted across the mesh network.
Once these packets reach the target blockchain, they go through a validation process. This is done by a validation layer specific to that blockchain.
Source: LayerZero White Paper v2.0
After successful verification, the data packet is committed as lossless, ensuring that no data is lost during transmission.
Source: LayerZero White Paper v2.0
The next step involves the delivery of these authenticated packets. This function is responsible for processing incoming packets on the target chain.
Source: LayerZero White Paper v2.0
Note how this design ensures that even if the DVN encounters problems or the executor stops delivering messages, the OApp can still recover its functionality. It can do this by adjusting its security stack or having another entity step in to deliver packets.
Source: LayerZero White Paper v2.0
Application-level security
LayerZero’s design includes a feature called PreCrime, an off-chain application-level security mechanism that adds an additional layer of packet filtering to existing protocols.
OApps can use PreCrime to detect and filter out authenticated but potentially harmful messages, such as those that may trigger failures at the OApp level.
Source: LayerZero White Paper v2.0
PreCrime works by allowing a subset of peers in an OApp (which may include some or all of the OApp’s contracts) to enforce security invariants.
This is achieved by simulating packet delivery results and checking them against criteria related to the functional and security requirements of the OApp. If any peer reports a violation of these invariants, the off-chain worker will stop the delivery of the corresponding packet.
For example, in a token bridge scenario across three chains (Chain A, Chain B, Chain C), suppose Chain A is attacked and attempts to mint more tokens on Chain B without locking the corresponding assets. PreCrime detects this discrepancy by comparing the total amount of tokens minted (∑mint) with the total amount of liquidity locked (∑lock) across all chains. If it is found that ∑mint exceeds ∑lock due to unauthorized minting on Chain B, PreCrime intervenes to prevent this malicious behavior.
It is important to note that PreCrime is not designed to enhance LayerZero’s core protocol security. It does not address data integrity issues that may be caused by malicious DVNs or blockchain-level failures. Instead, its primary role is to provide an additional layer of protection at the application level, complementing existing security measures in the LayerZero protocol.
This flexibility in the security stack is very beneficial to developers. For example, if a DVN fails or is hacked, OApp can change its security stack to require signatures from other DVNs. This impartial stance on verification is a design choice, unlike most other messaging protocols, which typically only offer a single security configuration.
Competitive Landscape
LayerZero stands out in the interoperability space due to its agnostic design, which allows it to evolve in two main ways:
Expanding chain support: by increasing the number of blockchain networks it supports.
Encouraging Omnichain dApps (OApps): By attracting more decentralized applications (dApps) running across multiple chains while maintaining unified liquidity.
This creates a positive feedback loop: as LayerZero supports more chains, it becomes increasingly attractive for applications to integrate with them.
LayerZero’s ability to connect chains between different compatibility groups (e.g. EVM chains, MoveVM chains, Solana, etc.) further enhances this appeal.
With V2, LayerZero is radically different from other interoperability protocols, which typically focus on either validation or execution. As a result of this upgrade, LayerZero separates liveness from execution, covering a wider range of functionality. This separation is a deliberate design choice and not just a simple combination of existing cross-chain messaging systems.
A significant advantage of LayerZero is the developer experience it offers. LayerZero Labs provides tools and libraries that allow development teams to choose the level of security they need based on their preferences and cost considerations. This flexibility and scalability makes LayerZero particularly attractive to developers who are not limited to a one-size-fits-all solution.
Additionally, while LayerZero Labs provides default configurations to simplify the development process, these are just default options. Unlike other cross-chain protocols that only provide default settings, LayerZero enables developers to customize their configurations and parameters.
For example, with the exception of IBC, Hyperlane, and a few others…most cross-chain protocols rely on inflexible shared security models that require a single monolithic end-to-end security model (such as validator sets, oracles, intermediate chains, etc.) to be updated to include new chains.
This means that even in the worst case scenario (using the protocol with default configuration), LayerZero provides what would be considered a best case scenario in any other messaging protocol.
It is important to note that these default settings do not affect the basic working of the protocol. They provide developers with a standard implementation to get started with, providing a foundation for customization and extension.
$ZRO
You can already understand that LayerZero is designed to be anti-fragile and decentralized, avoiding control by centralized entities like LayerZero Labs. This is further reinforced by the immutability of its endpoints.
In fact, the protocol currently operates similarly to standard web protocols such as SMTP, FTP, and HTTP, which are free to use and build upon. LayerZero is currently token-free, allowing dApps to be built freely, which is consistent with LayerZero Labs’ position of not discussing token-related matters.
However, LayerZero Labs has confirmed that it will introduce tokens.
Source: LayerZero Twitter
The developer documentation includes a section on estimating message fees, highlighting three types of fees: oracle fees, relayer fees, and LayerZero fees.
Source: LayerZero documentation
As v2 rolls out, these will likely evolve into validator fees, executor fees, and LayerZero fees.
It is reasonable to speculate that validator fees will be collected by the Decentralized Validation Network (DVN), executor fees by executors, and LayerZero fees will likely go into the protocol treasury, with token holders likely claiming a portion of that.
This fee structure fosters a competitive environment, with profit margins decreasing as more validators and executors join the network. As messages pass between chains, the protocol accumulates fees from all interactions, remaining agnostic to the content of messages as validators and executors perform their duties.
Protocol and Token
While LayerZero’s potential monetization via the $ZRO token differs from traditional network protocols, there are compelling reasons for this approach.
Tokens can help protect public infrastructure and prevent malicious actors, while revenue flows to token holders or protocol treasuries.
Unlike traditional web protocols that are governed by standards bodies, Web3 protocols can employ community-based or decentralized governance, where token holders can influence upgrades and changes to the core protocol.
Monetizing protocols through transaction fees also gives protocol tokens intrinsic value, creating cost barriers to acquiring significant governance power and preventing centralization. For example, due to Ethereum’s high valuation and widespread token distribution, the cost of acquiring control of Ethereum governance by purchasing tokens is prohibitively high.
Therefore, while Web3 protocols are open and permissionless, monetizing them can help manage fee distribution. Sharing fees with compliant applications can promote positive-sum behavior, incentivize rule compliance, and deter spammers and bad actors, thereby indirectly protecting the protocol.
in conclusion
With V2, LayerZero is poised to become a cornerstone in the world of blockchain interoperability, similar to how TCP/IP is to the internet.
This upgrade marks a major step toward creating infrastructure that standardizes and secures communications across different blockchain networks.
By decoupling liveness from execution, the protocol significantly increases its resistance to censorship. This development could set a new standard for immutable and permissionless protocols, suggesting that such systems should not only be decentralized but also potentially governed by tokens.
statement
Revelo Intel has never had a commercial relationship with LayerZero and this report was not paid or commissioned in any way.
Members of the Revelo Intel team, including those directly involved in the analysis above, may have a position in the tokens discussed.
This content is for educational purposes only and does not constitute financial or investment advice. You should do your own research and only invest what you can afford to lose. Revelo Intel is a research platform, not an investment or financial advisor.
