raz

Zero is the first multi-core decentralized world computer. Each core is capable of 2 million TPS and the blockchain scales horizontally to near infinity. It lives up to everything we stand for: - Decentralized - Permissionless - Censorship-resistant 🧵

"As of today, Frax assets worth over $500M span 20+ blockchains with LayerZero, having securely moved hundreds of millions across tens of thousands of messages and growing." Incredible article. @samkazemian and @fraxfinance continue to set an amazing example as builders.

Guy and the @ethena team are some of the most impactful builders of internet-native/better money. Proud to have them building on @LayerZero_Core and see them setting an example for what a continuously improving security setup can look like. USDe and sUSDe continue to be some of the most used assets in the space, moving $4B of their lifetime $33B in the last 30 days alone. Extremely fortunate to get to work with people like @gdog97_ @n2ckchong & team. It's a long and fruitful road ahead, much more to come.

USDT0 launched nearly a year before the Tether investment into LZ. We chose LZ because it’s the solution the allows the highest amount of customization and vertical integration of the security building blocks of cross chain interoperability. We believe no interoperability solution can match what LZ gives us in terms of security and usability. We have absolutely no plan to move away from LZ as our interop provider.

Also ZeroKOLs Unlike other alternatives

💪 Fully focused on what comes next Unstoppable Together

Zerolore Zeronoise Zeropolitics Zerogames Unstoppable Together

@PrimordialAA @rookie_of_Ph @USDT0_to @LayerZero_Core I’m a firm believer that LayerZero’s tech stack gave us the right tools to hit $90B in 15 months.

Been sitting with this Marcus Aurelius line tonight: “The impediment to action advances action. What stands in the way becomes the way.” @PrimordialAA, @ryanzarick and the rest of the team have been pushing our industry forward. They’ve been great innovators and incredible partners. Every team building on @LayerZero_Core is hardening in the same fire. We at @USDT0_to know what no single point of failure actually looks like, in production: -Proprietary DVN with veto over every message, since launch -Pinned libraries: no external party can modify the code we run -Custom invariant checks built for our infra -Independent risk assessment per chain -Internal + external review on every multisig tx before a signer sees it -2-of-2 → 3-of-3 post-Kelp. 4-of-4, then 5-of-5 next. -$4B processed since the incident. Zero impact on integrity. The fire tests gold. @LayerZero_Core hands you the tools. The configuration is the product.

.@USDT0_to has been a leader in how they utilize @LayerZero_Core from the moment they launched. They continue to set an incredible standard for how to build and operate and are closing in on 1M transfers & $100B transferred. Incredibly grateful to have them as partners

LayerZero is the golden standard for cross chain interoperability BECAUSE of its high level of customizability. Unfortunately, this means application owners need to invest serious resources to match the security standard that the capital moving through our rails demands. At @USDT0_to this has been our main priority from day 1. Security IS the product. From our very first conversation, the @LayerZero_Core team made extremely clear to us what it would take to hit the security bar our infrastructure required. We did not launch into production until each of those steps was achieved. Our system pins libraries, runs our proprietary veto-powered DVN with invariance checks developed specifically for our threat vectors, and owns multiple other invaluable parts of the security stack to make sure we are ALWAYS owning our security stack from A to Z. My Co-Founder and CTO @0xKeno put together an overview of how we approach security at USDT0. You can find it below. We are the largest asset on the LayerZero network. We were fully unaffected by this incident because we built on top of the protocol responsibly. We did our homework well before this attack was on everyone’s mouth. Since then, USDT0 moved $4B across chains. We have been, and will keep on, safeguarding our user's funds to the highest security standards available in this industry. We are standing strong next to @PrimordialAA, @ryanzarick and the rest of the LayerZero team. Interoperability is hard. It is dangerous. It is constantly under attack by nation-state actors, with virtually unlimited resources. It’s like open heart surgery, every time something is changed. It is also absolutely needed in the future-economy we are all trying to build. The only way to avoid the next exploit is to understand the system deeply, invest resources in understanding the technology and build on a platform that lets applications own the vast majority of their building blocks. For us, this platform is LayerZero. We’ll keep building on top of LayerZero.

At @USDT0_to, we build with the specific intention of ensuring there is no single point of failure. Security is at the core of every single architectural and procedural decision we make along the way. For example: Since launching last year, we’ve run a proprietary DVN with veto capability over every message, custom invariant checks built specifically for our infra, and pinned code libraries so that no external party can ever modify the code the system runs on. Every chain deployment gets its own independent risk assessment. Every multisig transaction passes through internal and external review before a signer even sees it. We turn down chains, delay launches, and trade user experience for stronger security when instances require a trade-off. During the KelpDAO incident, USDT0 remained secure with no impact on system integrity and has processed over $4 billion in volume since. Our proprietary DVN performed exactly as it was built to. We used the moment to raise the bar further, adding Canary as a third independent verifier, moving our DVN setup from 2-of-2 to 3-of-3. Exit confirmation times were also extended to guarantee finality before cross-network settlement. In the coming months we are moving to 4-of-4 and then 5-of-5 as additional qualified candidates clear our validation process. More details in our recent overview of USDT0's security architecture: blog.usdt0.to/security-is-th…

We believe developers should choose their own security configurations, but we made a mistake by allowing our DVN to act as a 1/1 DVN for high-value transactions. We didn't police what our DVN was securing, which created a risk we simply didn't see. We own that. Moving forward, LayerZero Labs will be more active in educating developers and monitoring how applications should build on the protocol to ensure they are configured safely.

A ton of this is just completely untrue. 1) Kelp originally used the defaults which were MultiDVN or DeadDVN and manually migrated to a 1/1 config later 2) Almost 100% of the volume on a 1/1 config was rsETH 3) Not using a 1/1 for production applications is mentioned many times in the documentation. The defaults Kelp is referencing in their screenshot were multiDVN or DeadDVN, which force-rejects an application using the defaults at all and requires them to manually set configuration. rsETH was originally configured to use the default LayerZero configuration of a multiDVN setup of LayerZero Labs + Google: Here are the exact transactions where that happens Ethereum → Arbitrum: etherscan.io/tx/0xd7c864adb… at 2024-02-06 03:09:47 UTC Ethereum → Optimism: etherscan.io/tx/0x7075bfe9a… at 2024-02-06 03:09:59 UTC KelpDAO then manually changed these to 1/1 configs: For the original Feb 6 Ethereum routes to Arbitrum/Optimism, KelpDAO’s Ethereum contract switched from defaults to manual OApp-scoped config on 2024-04-01: Send-side manual config: etherscan.io/tx/0x7485c16c9… 2024-04-01 07:12:11 UTC Receive-side manual config: etherscan.io/tx/0x21e967c99… 2024-04-01 07:12:23 UTC From this point on, Kelp began deploying all of their configurations as 1/1 configs. Here is Kelp’s deployment on Unichain: Unichain → Ethereum was opened on 2025-04-01 18:55:41 UTC. Pathway-open / setPeer tx: uniscan.xyz/tx/0x31ea2b10a… The manual ULN config followed 6 seconds later in uniscan.xyz/tx/0xd8ef5416a…. During this time the Unichain -> Ethereum and Ethereum -> Unichain defaults were set to DeadDVN which is a contract which makes it impossible for any application to transact without manually configuring their DVNs, this was not possible on the defaults of this pathway. Here is the code in the DeadDVN (#code" target="_blank" rel="nofollow noopener">etherscan.io/address/0x747C…) that specifically prohibits this. (Screenshot 1) This is called out many many times in the docs: 1. Integration Checklist — "Do" list - Last edited: 2025-11-26 (Nazreen) - Content: "Do: … Use more than one DVN for each production pathway instead of relying on a single DVN." - File: v2/tools/integration-checklist.mdx:244 - URL: #set-security-and-executor-configurations-on-every-pathway" target="_blank" rel="nofollow noopener">docs.layerzero.network/v2/tools/integ… 2. Integration Checklist — "Don't" list - Last edited: 2025-11-26 (Nazreen) - Content: "Don't: … Configure only one DVN for a pathway and treat it as production‑ready." - File: v2/tools/integration-checklist.mdx:251 - URL: #set-security-and-executor-configurations-on-every-pathway" target="_blank" rel="nofollow noopener">docs.layerzero.network/v2/tools/integ… 3. Integration Checklist — Defaults are not safe - Last edited: 2025-09-25 (Tino Martínez Molina) - Content: "Do not assume defaults are safe for production. Always check explicitly: getSendLibrary, getReceiveLibrary, and getConfig. If these resolve to defaults, confirm whether the defaults are valid for the intended pathway. Unintentional fallbacks to defaults are a common cause of blocked or failing pathways." - File: v2/tools/integration-checklist.mdx:126-128 - URL: #explicitly-set-message-libraries" target="_blank" rel="nofollow noopener">docs.layerzero.network/v2/tools/integ… 4. Integration Checklist — Default fallback warning - Last edited: 2026-02-26 (migration; same wording predates it) - Content: "Warning: If no configuration is set, the OApp will fallback to the default settings set by LayerZero Labs." - File: v2/tools/integration-checklist.mdx:222-238 - URL: #set-security-and-executor-configurations-on-every-pathway" target="_blank" rel="nofollow noopener">docs.layerzero.network/v2/tools/integ… 5. ONFT Quickstart — Production guidance - Last edited: 2025-02-20 (Radek Sienkiewicz) - Content: "DVN Settings: Use multiple DVNs in production to ensure message verification is robust." - File: v2/developers/evm/onft/quickstart.mdx:700 - URL: #security-considerations" target="_blank" rel="nofollow noopener">docs.layerzero.network/v2/developers/… 6. ONFT Quickstart — Strong recommendation to configure - Last edited: 2025-03-10 (Radek Sienkiewicz) - Content: "We strongly recommend reviewing these settings carefully and configuring your security stack according to your needs and preferences." - File: v2/developers/evm/onft/quickstart.mdx:366 - URL: #configure-the-onft" target="_blank" rel="nofollow noopener">docs.layerzero.network/v2/developers/… 7. Starknet FAQ — "Should I use multiple DVNs?" - Last edited: 2026-01-21 (Nazreen) - Content: ▎ Should I use multiple DVNs? ▎ Recommended for production. Multiple DVNs provide: ▎ - Increased security (multiple independent verifiers) ▎ - Resilience (no single point of failure) ▎ - Trust minimization - File: v2/developers/starknet/troubleshooting/faq.mdx:290-296 - URL: #should-i-use-multiple-dvns" target="_blank" rel="nofollow noopener">docs.layerzero.network/v2/developers/… Here are the exact recommendations we gave KelpDAO when asked about DVNs (typically 2/3) (Screenshot 2) Other LayerZero applications speaking on exactly what is advised by the team x.com/mitchellftracy… x.com/jasperflux/sta… For how much volume was actually configured on 1/1 here is the exact data. (Screenshot 3) We will publish a complete post-mortem as soon as the external security firms have completed it.

There is so much )!@($ happening in the background at the moment. @arbitrum very likely just widely expanded the aperture of positive outcomes

What’s happening right now on our side - Working with industry recovery group - Working with external security groups - Working with all relevant external law enforcement agencies - DVN is live, Stargate just went through additional hardening pass - Spending 100% of cycles hardening security across every possible vector for applications. We will be able to say a lot more on here but right now security is the #1 priority across the board - Expect more updates on all fronts, will start streaming more steady state of information now that initial investigations are largely resolved

LayerZero is live on @tempo. Stripe processes $1.4T a year and accounts for 1.3% of global GDP, even with the constraints of banking hours and borders. Tempo is their bet that the backend for money should feel like the internet: fast, cheap, and everywhere.

At all-hands yesterday we brought up some of the coolest things people have made just in the past week alone and I was totally blown away by them (+ 2 more I can't show yet doxxing new product). AI massively accelerating technical & non-technical people alike Interactive slides

Jolt Pro is a 100x improvement over existing zkVMs. After months of researching all existing zkVMs, we realized none of them could scale to what we needed with Zero. Then we came across @succinctJT's work and Jolt, a research project from @a16zcrypto. We saw massive potential in the math and, finally, a viable way to scale to our needs. So we secretly assembled a team of some of the brightest minds across cryptography, GPU programming, and ASIC design to build an internal Jolt Pro team. Jolt Pro has no precompiles; it runs only RISC-V instructions, without introducing new ad hoc, error-prone constraints. It's impossible to compare against other zkVMs because they are not proving straight RISC-V, most of their work and speed gains exist in dangerous pre-compiles. Jolt Pro scales to infinity. The number of cells you can use in parallel is only limited by the size of the datacenter. Jolt Pro has a path to 4GHz cells using the same configuration we use for our 1.61 GHz cell today. By early 2027, it will be post-quantum and set the standard for all zkVMs. We will eventually make "zero-proofs", and others can try to beat our RISC-V proving in the open. For now, we stay heads down, building Zero to be everything the industry ever wanted. And then just a little more.