FireHaux 🔥
3.9K posts





People still do not understand what this means Being in crypto for 10+ years and NEVER ever once in my life have I launched a coin I have to get this right. I will get this right. @RobinhoodCrypto get involved. get your KOLs involved. send your wallets for the last time.




ZECFi is Live in noir wallet 🛡️ . One click supply $ZEC as collateral . Swap directly in-wallet — no bridges, no friction. Powered by @rhea_finance, @near_intents and @NEARProtocol Chain Abstraction. ⛓️ noir wallet connect on x.rhea.finance live in 4 days. Download noir wallet here bit.ly/4nQjnv3




A ton of this is just completely untrue. 1) Kelp originally used the defaults which were MultiDVN or DeadDVN and manually migrated to a 1/1 config later 2) Almost 100% of the volume on a 1/1 config was rsETH 3) Not using a 1/1 for production applications is mentioned many times in the documentation. The defaults Kelp is referencing in their screenshot were multiDVN or DeadDVN, which force-rejects an application using the defaults at all and requires them to manually set configuration. rsETH was originally configured to use the default LayerZero configuration of a multiDVN setup of LayerZero Labs + Google: Here are the exact transactions where that happens Ethereum → Arbitrum: etherscan.io/tx/0xd7c864adb… at 2024-02-06 03:09:47 UTC Ethereum → Optimism: etherscan.io/tx/0x7075bfe9a… at 2024-02-06 03:09:59 UTC KelpDAO then manually changed these to 1/1 configs: For the original Feb 6 Ethereum routes to Arbitrum/Optimism, KelpDAO’s Ethereum contract switched from defaults to manual OApp-scoped config on 2024-04-01: Send-side manual config: etherscan.io/tx/0x7485c16c9… 2024-04-01 07:12:11 UTC Receive-side manual config: etherscan.io/tx/0x21e967c99… 2024-04-01 07:12:23 UTC From this point on, Kelp began deploying all of their configurations as 1/1 configs. Here is Kelp’s deployment on Unichain: Unichain → Ethereum was opened on 2025-04-01 18:55:41 UTC. Pathway-open / setPeer tx: uniscan.xyz/tx/0x31ea2b10a… The manual ULN config followed 6 seconds later in uniscan.xyz/tx/0xd8ef5416a…. During this time the Unichain -> Ethereum and Ethereum -> Unichain defaults were set to DeadDVN which is a contract which makes it impossible for any application to transact without manually configuring their DVNs, this was not possible on the defaults of this pathway. Here is the code in the DeadDVN (#code" target="_blank" rel="nofollow noopener">etherscan.io/address/0x747C…
) that specifically prohibits this. (Screenshot 1) This is called out many many times in the docs: 1. Integration Checklist — "Do" list - Last edited: 2025-11-26 (Nazreen) - Content: "Do: … Use more than one DVN for each production pathway instead of relying on a single DVN." - File: v2/tools/integration-checklist.mdx:244 - URL: #set-security-and-executor-configurations-on-every-pathway" target="_blank" rel="nofollow noopener">docs.layerzero.network/v2/tools/integ… 2. Integration Checklist — "Don't" list - Last edited: 2025-11-26 (Nazreen) - Content: "Don't: … Configure only one DVN for a pathway and treat it as production‑ready." - File: v2/tools/integration-checklist.mdx:251 - URL: #set-security-and-executor-configurations-on-every-pathway" target="_blank" rel="nofollow noopener">docs.layerzero.network/v2/tools/integ… 3. Integration Checklist — Defaults are not safe - Last edited: 2025-09-25 (Tino Martínez Molina) - Content: "Do not assume defaults are safe for production. Always check explicitly: getSendLibrary, getReceiveLibrary, and getConfig. If these resolve to defaults, confirm whether the defaults are valid for the intended pathway. Unintentional fallbacks to defaults are a common cause of blocked or failing pathways." - File: v2/tools/integration-checklist.mdx:126-128 - URL: #explicitly-set-message-libraries" target="_blank" rel="nofollow noopener">docs.layerzero.network/v2/tools/integ… 4. Integration Checklist — Default fallback warning - Last edited: 2026-02-26 (migration; same wording predates it) - Content: "Warning: If no configuration is set, the OApp will fallback to the default settings set by LayerZero Labs." - File: v2/tools/integration-checklist.mdx:222-238 - URL: #set-security-and-executor-configurations-on-every-pathway" target="_blank" rel="nofollow noopener">docs.layerzero.network/v2/tools/integ… 5. ONFT Quickstart — Production guidance - Last edited: 2025-02-20 (Radek Sienkiewicz) - Content: "DVN Settings: Use multiple DVNs in production to ensure message verification is robust." - File: v2/developers/evm/onft/quickstart.mdx:700 - URL: #security-considerations" target="_blank" rel="nofollow noopener">docs.layerzero.network/v2/developers/… 6. ONFT Quickstart — Strong recommendation to configure - Last edited: 2025-03-10 (Radek Sienkiewicz) - Content: "We strongly recommend reviewing these settings carefully and configuring your security stack according to your needs and preferences." - File: v2/developers/evm/onft/quickstart.mdx:366 - URL: #configure-the-onft" target="_blank" rel="nofollow noopener">docs.layerzero.network/v2/developers/… 7. Starknet FAQ — "Should I use multiple DVNs?" - Last edited: 2026-01-21 (Nazreen) - Content: ▎ Should I use multiple DVNs? ▎ Recommended for production. Multiple DVNs provide: ▎ - Increased security (multiple independent verifiers) ▎ - Resilience (no single point of failure) ▎ - Trust minimization - File: v2/developers/starknet/troubleshooting/faq.mdx:290-296 - URL: #should-i-use-multiple-dvns" target="_blank" rel="nofollow noopener">docs.layerzero.network/v2/developers/… Here are the exact recommendations we gave KelpDAO when asked about DVNs (typically 2/3) (Screenshot 2) Other LayerZero applications speaking on exactly what is advised by the team x.com/mitchellftracy… x.com/jasperflux/sta… For how much volume was actually configured on 1/1 here is the exact data. (Screenshot 3) We will publish a complete post-mortem as soon as the external security firms have completed it.
A ton of this is just completely untrue. 1) Kelp originally used the defaults which were MultiDVN or DeadDVN and manually migrated to a 1/1 config later 2) Almost 100% of the volume on a 1/1 config was rsETH 3) Not using a 1/1 for production applications is mentioned many times in the documentation. The defaults Kelp is referencing in their screenshot were multiDVN or DeadDVN, which force-rejects an application using the defaults at all and requires them to manually set configuration. rsETH was originally configured to use the default LayerZero configuration of a multiDVN setup of LayerZero Labs + Google: Here are the exact transactions where that happens Ethereum → Arbitrum: etherscan.io/tx/0xd7c864adb… at 2024-02-06 03:09:47 UTC Ethereum → Optimism: etherscan.io/tx/0x7075bfe9a… at 2024-02-06 03:09:59 UTC KelpDAO then manually changed these to 1/1 configs: For the original Feb 6 Ethereum routes to Arbitrum/Optimism, KelpDAO’s Ethereum contract switched from defaults to manual OApp-scoped config on 2024-04-01: Send-side manual config: etherscan.io/tx/0x7485c16c9… 2024-04-01 07:12:11 UTC Receive-side manual config: etherscan.io/tx/0x21e967c99… 2024-04-01 07:12:23 UTC From this point on, Kelp began deploying all of their configurations as 1/1 configs. Here is Kelp’s deployment on Unichain: Unichain → Ethereum was opened on 2025-04-01 18:55:41 UTC. Pathway-open / setPeer tx: uniscan.xyz/tx/0x31ea2b10a… The manual ULN config followed 6 seconds later in uniscan.xyz/tx/0xd8ef5416a…. During this time the Unichain -> Ethereum and Ethereum -> Unichain defaults were set to DeadDVN which is a contract which makes it impossible for any application to transact without manually configuring their DVNs, this was not possible on the defaults of this pathway. Here is the code in the DeadDVN (#code" target="_blank" rel="nofollow noopener">etherscan.io/address/0x747C…
) that specifically prohibits this. (Screenshot 1) This is called out many many times in the docs: 1. Integration Checklist — "Do" list - Last edited: 2025-11-26 (Nazreen) - Content: "Do: … Use more than one DVN for each production pathway instead of relying on a single DVN." - File: v2/tools/integration-checklist.mdx:244 - URL: #set-security-and-executor-configurations-on-every-pathway" target="_blank" rel="nofollow noopener">docs.layerzero.network/v2/tools/integ… 2. Integration Checklist — "Don't" list - Last edited: 2025-11-26 (Nazreen) - Content: "Don't: … Configure only one DVN for a pathway and treat it as production‑ready." - File: v2/tools/integration-checklist.mdx:251 - URL: #set-security-and-executor-configurations-on-every-pathway" target="_blank" rel="nofollow noopener">docs.layerzero.network/v2/tools/integ… 3. Integration Checklist — Defaults are not safe - Last edited: 2025-09-25 (Tino Martínez Molina) - Content: "Do not assume defaults are safe for production. Always check explicitly: getSendLibrary, getReceiveLibrary, and getConfig. If these resolve to defaults, confirm whether the defaults are valid for the intended pathway. Unintentional fallbacks to defaults are a common cause of blocked or failing pathways." - File: v2/tools/integration-checklist.mdx:126-128 - URL: #explicitly-set-message-libraries" target="_blank" rel="nofollow noopener">docs.layerzero.network/v2/tools/integ… 4. Integration Checklist — Default fallback warning - Last edited: 2026-02-26 (migration; same wording predates it) - Content: "Warning: If no configuration is set, the OApp will fallback to the default settings set by LayerZero Labs." - File: v2/tools/integration-checklist.mdx:222-238 - URL: #set-security-and-executor-configurations-on-every-pathway" target="_blank" rel="nofollow noopener">docs.layerzero.network/v2/tools/integ… 5. ONFT Quickstart — Production guidance - Last edited: 2025-02-20 (Radek Sienkiewicz) - Content: "DVN Settings: Use multiple DVNs in production to ensure message verification is robust." - File: v2/developers/evm/onft/quickstart.mdx:700 - URL: #security-considerations" target="_blank" rel="nofollow noopener">docs.layerzero.network/v2/developers/… 6. ONFT Quickstart — Strong recommendation to configure - Last edited: 2025-03-10 (Radek Sienkiewicz) - Content: "We strongly recommend reviewing these settings carefully and configuring your security stack according to your needs and preferences." - File: v2/developers/evm/onft/quickstart.mdx:366 - URL: #configure-the-onft" target="_blank" rel="nofollow noopener">docs.layerzero.network/v2/developers/… 7. Starknet FAQ — "Should I use multiple DVNs?" - Last edited: 2026-01-21 (Nazreen) - Content: ▎ Should I use multiple DVNs? ▎ Recommended for production. Multiple DVNs provide: ▎ - Increased security (multiple independent verifiers) ▎ - Resilience (no single point of failure) ▎ - Trust minimization - File: v2/developers/starknet/troubleshooting/faq.mdx:290-296 - URL: #should-i-use-multiple-dvns" target="_blank" rel="nofollow noopener">docs.layerzero.network/v2/developers/… Here are the exact recommendations we gave KelpDAO when asked about DVNs (typically 2/3) (Screenshot 2) Other LayerZero applications speaking on exactly what is advised by the team x.com/mitchellftracy… x.com/jasperflux/sta… For how much volume was actually configured on 1/1 here is the exact data. (Screenshot 3) We will publish a complete post-mortem as soon as the external security firms have completed it.


Wow. KelpDAO completely comes out and disproves all claims from LZ team about their liability. This is now confirmed an internal exploit of LayerZero's tech.




All I can share after launching an OFT is: - @LayerZero_Core told us to always to use multiple DVNs never just 1 - interop would look very different without a permissionless stack that allows for configurable security






