Goose

2.3K posts

@its_Runtime

not investment advice - but you should probably listen ~ CRE

Joined September 2014
390 Following, 509 Followers
Goose
Goose@its_Runtime·
@rookie_of_Ph Hacked for $300M and still think anyone takes you seriously lol. Keep an eye on Chainlink announcements.
0
0
1
40
Goose retweeted
Kelp
Kelp@KelpDAO·
After the recent LayerZero exploit, we are taking steps to ensure rsETH is fully secure, which is why we are migrating to @chainlink CCIP. From the April 18 incident, it is clear that LayerZero's own infrastructure was exploited, resulting in $300M in losses across DeFi. Independent reports from SEAL 911, Chainalysis, and other major leading security researchers all point to the same origin. There are questions that the ecosystem deserves answers to. And we are ensuring rsETH is secured by infrastructure that doesn't leave these questions open. That’s why we’re setting the record straight.
Kelp@KelpDAO

x.com/i/article/2051…

189
194
1.1K
195.7K
Remus
Remus@Remus_Lupo·
@fulltimelinkie where does it say that? seriously not stirring shit i can’t seem to find anything with the recent press
2
0
3
278
Goose retweeted
The Rollup
The Rollup@therollupco·
Johann Eid joins The Rollup to break down what circuit breakers, rate limits, and 16-node minimum architecture mean for DeFi's future and much more.

@EidJohann is the Chief Business Officer at @chainlink, the leading decentralized oracle and cross-chain infrastructure provider.

The Rollup is where the leaders of digital assets and finance converge. Live from the financial capital of the world.

Timestamps:
00:00 Intro
01:10 Security By Default Explained
03:20 Why the Space Changed
09:15 Chainlink's 16 Node Minimum
10:30 Why Two-of-Two Is Not Enough
13:05 Cross-Chain Complexity Added Risk
15:00 Composability vs. Risk
17:00 Circuit Breakers Explained
19:00 Censorship vs. Safety Tradeoff
22:30 SOC2 & ISO Certifications
25:00 Economic vs. Cryptographic Security
27:20 CCIP Next Release
29:00 DeFi in Five Years
31:05 Arbitrum Freezing Funds
9
16
126
18.6K
Cryptobless589
Cryptobless589@Cryptobless7070·
DTCC only. nothing else added. $4.7 quadrillion processed last year. XRP integrated through Ripple Prime. Susan Athey Stanford valuation model. 61.68 billion XRP supply. 5 year timeline. 5% discount rate. present value: $817 per $XRP. that's one institution. one integration. one use case. SWIFT not included. forex not included. derivatives not included. $90 trillion tokenization not included. $817 before any of that. not my math. Stanford's math. DTCC's numbers.
Cryptobless589 tweet media
6
5
55
1.2K
Goose retweeted
Chainlink
Chainlink@chainlink·
NEW: Chainlink has just reached $30,006,888,224,116 value enabled.
99
306
1.6K
1.2M
Goose
Goose@its_Runtime·
@ChrisBarrett CHAINLINK IS GOING TO 100k CONFIRMED BY CBONE
0
0
0
39
Chris Barrett
Chris Barrett@ChrisBarrett·
Find the words and reply with the sentence.
Chris Barrett tweet media
28
3
103
7.9K
Goose retweeted
Chainlink
Chainlink@chainlink·
Chainlink CCIP: For when 99% is not enough.
94
385
1.6K
2.9M
Goose retweeted
Chainlink
Chainlink@chainlink·
NEW: The Chainlink data standard is now live on @amazon’s AWS Marketplace. Now, millions of @awscloud developers & hundreds of thousands of businesses have access to the secure data infrastructure required to build institutional-grade blockchain apps.
Chainlink tweet media
180
919
3.7K
4.1M
Odysseus | phylax.systems
Odysseus | phylax.systems@odysseas_eth·
@Nomaticcap @chainlink the tweet is imho phrased to put CCIP in juxtaposition (as the secure) against LZ (due to the incident). marketing & comms after hacks are very tricky to navigate, as there's a ton of people in insane pain
2
0
1
94
Chainlink
Chainlink@chainlink·
Chainlink CCIP: The secure & decentralized cross-chain standard.
⛉ Extensive audits
⛉ Battle-tested infra
⛉ Defense-in-depth security
⛉ 16 independent node operators
⛉ Configurable rate limits & circuit breakers
⛉ ISO 27001 and SOC 2 Type 2 certifications
Chainlink tweet media
29
176
872
32.4K
Goose retweeted
Chainlink
Chainlink@chainlink·
Chainlink’s mission from day one: build the most secure & decentralized infra to safely scale DeFi into a trillion-dollar industry. This uncompromising approach to security is what makes Chainlink CCIP the industry-standard for cross-chain interop. 🧵⬇️ blog.chain.link/ccip-cross-cha…
33
200
939
84.1K
Goose retweeted
Zach Rynes | CLG
Zach Rynes | CLG@ChainLinkGod·
The core takeaway from this rsETH bridge exploit should be that app devs and asset issuers should not be expected to be cross-chain infra security experts

Protocols like LayerZero that do not provide any guaranteed security assurances (no security floor) make it far too easy to implement insecure bridges

When the path of least resistance is a 1-of-1 DVN config (or 2-of-2 as is very common), a meaningful share of integrators will end up there

Cross-chain infra should provide a strong minimum level of security and decentralization, while allowing optional additional layers of validation, permissioning, risk management, monitoring, and compliance on top

Like @CatfishFishy stated, the modular security design for bridges offers advantages, but the spectrum should range from moderately secure to extremely secure, not zero security to extremely secure

The fact that the LayerZero Labs DVN experienced an issue and led to a bridge exploit is concerning, but it really just reveals a flawed architectural design

If zero security is a valid point on the spectrum with no guardrails (LayerZero protocol itself is empty scaffolding), someone will ship it and users bear the cost

Unfortunately these types of exploits deteriorate public trust in DeFi as a whole, as it’s difficult for retail to discern what is or isn’t secure

Referring to centralized node operators as “decentralized verifier networks (DVNs)” only gives a false sense of security to both devs and retail, muddying the waters further

A messy situation all around, hoping the recovery goes smoothly
Fishy Catfish@CatfishFishy

There are two aspects to this LayerZero incident: One is the very design of the protocol itself, and the other is what appears to be LayerZero's own DVN being exploited.

LayerZero's security model uses a X of K of N model, where each application gets to choose their own security. N is the total number of DVNs that exist for an application to choose from. K is how many you actually choose to use from the total pool. X is how many of the K you chose that you need sign off from in order to execute a transaction.

Furthermore, a "DVN" can be anything from a single node run by a single entity (like LayerZero Labs' own DVN in this instance) or you can plug an entire network of nodes in as a single DVN (such as Axelar's entire network or Chainlink's entire CCIP of three separate networks of independent nodes can be a single DVN in a config).

However, what this means is that there is no security floor. A configuration can be a 1/1 DVN and the DVN you chose can be a single node run by a single entity.

I personally think this is a flawed design. Modular security is a worthwhile design space, however, the range of security should have a native security floor that is quite strong, and then allow *additional* layering of security on top of that for more high-value use-cases. Therefore, your security model range should be strong -> very strong -> obscenely strong; not zero to obscenely strong.

The blockchain equivalent of LayerZero's design would be if Ethereum allowed an application building on its own to hand-select a single Ethereum validator to verify and execute all of its own onchain code. Would anyone consider that safe? That's literally what LayerZero's security model is as a protocol. Zero security floor. Anything goes.

As a real-world analogy, imagine if a roller coaster manufacturer allowed amusement parks to individually decide what the minimum safety specs were for each roller coaster, rather than having the manufacturer themselves impose a minimum safety level on the roller coaster. Would you ride on roller coasters where amusement parks get to decide what is the minimum safety rather than the actual manufacturers of the roller coaster?

The second part to this story is the fact that in this particular 1/1 DVN configuration, the DVN run and operated by the LayerZero Labs team was the sole node responsible for the entirety of the security.

So, to sum it up, there is both a philosophical question around the protocol's design itself, along with operational security around how LayerZero Labs secures its own DVN for use.

I have attached some more tweets from various people for additional interesting points and discussion.

15
32
271
37.4K
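
The X of K of N model described in the quoted post, as an added example that is not part of the original posts or of any project's code: it computes how many distinct entities must be compromised before an X-of-K configuration signs off on a forged message, and checks that number against a minimum floor. The DVN names, operator sets, the internal threshold of 11 and the floor of 3 are constructed assumptions.

```python
from itertools import combinations

# Constructed sample registry (not real deployment data):
# DVN name -> (entities operating its nodes, signatures the DVN needs internally).
DVNS = {
    "labs-dvn": ({"labs"}, 1),
    "labs-dvn-b": ({"labs"}, 1),  # second DVN run by the same entity
    "team-dvn": ({"app-team"}, 1),
    "network-dvn": ({f"op{i}" for i in range(16)}, 11),  # threshold 11 is assumed
}

def dvn_signs(name, compromised):
    """True if the compromised entities alone can make this DVN attest."""
    operators, threshold = DVNS[name]
    return len(operators & compromised) >= threshold

def min_entities_to_forge(chosen, x):
    """Fewest distinct entities whose compromise yields x sign-offs from the K chosen DVNs."""
    if not 1 <= x <= len(chosen):
        raise ValueError("X must satisfy 1 <= X <= K")
    entities = sorted(set().union(*(DVNS[d][0] for d in chosen)))
    for size in range(1, len(entities) + 1):
        for subset in combinations(entities, size):
            owned = set(subset)
            if sum(dvn_signs(d, owned) for d in chosen) >= x:
                return size
    raise AssertionError("unreachable: owning every entity signs every DVN")

def audit(chosen, x, floor=3):
    """Report the real compromise cost of an X-of-K config against a minimum floor."""
    cost = min_entities_to_forge(chosen, x)
    return {"config": f"{x}/{len(chosen)}", "entities_to_forge": cost,
            "meets_floor": cost >= floor}

if __name__ == "__main__":
    for chosen, x in [(["labs-dvn"], 1),
                      (["labs-dvn", "team-dvn"], 2),
                      (["labs-dvn", "labs-dvn-b"], 2),
                      (["labs-dvn", "network-dvn"], 1),
                      (["labs-dvn", "network-dvn"], 2)]:
        print(chosen, audit(chosen, x))
```

Counting entities rather than DVNs is what exposes the 2/2 case where both DVNs share an operator: it is as weak as 1/1.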
Goose retweeted
Zach Rynes | CLG
Zach Rynes | CLG@ChainLinkGod·
The $290M rsETH bridge exploit appears to be the result of a compromised 1-of-1 DVN configuration on @LayerZero_Core

The sole validator was @LayerZero_Labs itself, meaning one forged transaction from a single entity was sufficient to drain the entire bridge

In other words, a single point of failure (either private key or 3rd party RPC compromise)

I flagged this centralization risk years ago, unfortunate that it took an exploit for the issue to get broader attention
Zach Rynes | CLG@ChainLinkGod

.@LayerZero_Core’s marketing is so incredibly misleading at times, it’s absurd

Take their “Decentralized Verifier Networks (DVNs)” for example

DVNs are the infrastructure responsible for validating cross-chain transactions in the LayerZero ecosystem

By the name, you would assume a DVN by definition is a decentralized network of node operators, right?

Well no, in most instances the term “DVN” actually refers to a centralized company (a single node operator)

Take their most popular DVN for example, which by default is used by most projects and therefore their associated volume in the LayerZero ecosystem

It’s the “LayerZero DVN”, a centralized node run by the LayerZero Labs team themselves

Not decentralized, but still called a decentralized network anyways, pretty continent security theater marketing

Imagine you’re a user and you’re told a dApp’s cross-chain interactions are secured by the “LayerZero Decentralized Verifier Network”

What impression is the user supposed to get from that other than thinking it’s a decentralized network and not a single centralized node?

Now some may try to explain away this terminology by saying that a DVN could theoretically be decentralized in some circumstances

But looking at the official list of all the DVNs in their docs, almost every single DVN is just a centralized team/company

And the ones that aren’t, are often just a wrapper around another protocol that’s actually attempting to solve the cross-chain problem in a decentralized manner like CCIP or Axelar that can be used without the LayerZero framework

Some may also argue that you’re supposed to compose multiple DVNs together in order to make it decentralized

But (1) that doesn’t justify calling infra run by a centralized company a decentralized network and (2) the default path that most projects take is to use the centralized LayerZero Labs DVN given its chain support over other DVNs

Even their flagship bridge @StargateFinance only uses a whopping 2 DVNs (one of which is the team themselves)

This fantasy of projects composing networks out of DVNs just isn’t what we see in reality in the majority of situations

Most devs simply do not want to deal with the massive security-sensitive problem of managing, configuring, securing, or running cross-chain infrastructure, they just want something that works

Centralization runs rampant in the LayerZero ecosystem but the terminology may make you think otherwise

68
122
1K
175.2K
Goose
Goose@its_Runtime·
Just use Chainlink. When will these people learn.
Steven Enamakel@senamakel

the issue with the @KelpDAO 280m$ hack was that it was just secured by just 1/1 validator set (DVN) on @LayerZero_Core. Which means one faulty transaction from a validator is all that's needed.

my belief is that the root cause was possibly that the LZ validator on Unichain was compromised.

the contagion effects are going to be quite bad. I don't think many people have realized it yet.

- kelp was looping on aave with stETH for a few percentage here and there. Aave is going through a bank run so that means they'll need to unwind their positions
- multiple protocols and chains are now going to be bad debt because their rsETH will get depegged.
- aave's bad debt is more than what they can cover rn so almost anyone who has deposited into their safety net (60mn$) is 100% rekt. all for just staking for a few % in extra yield.
- trust on LZ & Aave will deteriorate. this is bad for the industry.
- the kelp team (amazing founders) will go through debt

i'd say i feel sorry for everyone who is going to go through the next few hours but unfortunately this is the industry we live in.

0
0
1
52
Goose retweeted
Chris Barrett
Chris Barrett@ChrisBarrett·
Just use Chainlink CCIP
10
38
383
9.2K
Chris Barrett
Chris Barrett@ChrisBarrett·
Chainlink in DC
Chris Barrett tweet media
Chainlink@chainlink

Chainlink’s role at the center of international digital asset policy continues to rapidly accelerate:

🗓️ Just this week, Chainlink:
• Engaged with leaders at the International Monetary Fund (@IMFNews) and @WorldBankGroup Spring Meetings on the emerging role of tokenized assets in global markets
• Joined the @AtlanticCouncil to examine the latest shifts in U.S. crypto policy and their implications for global markets
• Took part in engagements at the National Institute of Standards and Technology (@NIST) and on Capitol Hill aimed at advancing the understanding of blockchain technology

The latest U.S. and international momentum 🧵⬇️

15
47
650
22.4K