Thrilled to see the community support for expanding Uniswap v3 to BNB Chain. BNB has long been a thriving part of the LayerZero ecosystem as BNB Chain was one of our initial launch chains and Binance was our first investor leading our seed round.
The BNB Chain team and the Uniswap Foundation recently reached out to LayerZero Labs about this opportunity and connected us to Ilia at Plasma to submit a proposal. Backed by a16z, Sequoia, Uniswap Labs, and Binance to name a few, LayerZero is supported by thousands of cross-chain builders with over 2,000 contracts deployed on mainnet, ~700 unique applications, ~2M total messages, ~$5B transactional volume, and billions of dollars in TVL. Builders include SushiSwap, PancakeSwap, BTC.b, Pudgy Penguins, Radiant, Stargate, Kanpai Pandas and many more unannounced integrations. Notable bridges built with LayerZero include the rebooted Harmony Bridge, CoreDAO bridge, and the Aptos Bridge.
Since our last proposal, we have built a fully functional governance implementation for Uniswap based on specs provided by the community and feedback from delegates and university groups, which is currently under audit with Zellic and Ottersec. These audits will be complete with fully tested code ready to be deployed within the next 2 weeks.
Uniswap v3 was approved by the community for deployment on both Moonbeam and Gnosis Chain last year. With this implementation, Uniswap can swiftly deploy Uniswap v3 to BNB Chain, Moonbeam and Gnosis maintaining a unified multi-audited governance model for interacting with all cross-chain deployments of Uniswap v3. With the community’s support, Uniswap v3 can expand to all three ecosystems in as soon as 2 weeks!
The complete omnichain governance module for Uniswap can be found here.
How It Works
LayerZero is a lightweight universal messaging interface that allows developers to seamlessly interact with contracts across dozens of blockchains. LayerZero Endpoints rely on an innovative architecture leveraging Ultra Light Nodes and independent Oracles and Relayers to securely relay messages between chains.
Communication flow in a single LayerZero crosschain transaction.
In a single call, paying only source gas, users and protocols can send a message (or a bundle of messages) to contracts on any supported chain. Thus, users are able to create a single contract that is capable of interacting simultaneously across multiple chains via our arbitrary messaging primitive.
LayerZero is currently live on 25+ chains including BNB Chain, Ethereum, Polygon, Arbitrum, Optimism, Avalanche, Gnosis, Metis, Aptos, Celo, Moonbeam and Fantom, and on testnet and undergoing audit on 6+ chains including Solana among other non-EVM chains. With a fully functional governance implementation, Uniswap can quickly deploy Uniswap v3 to all chains that LayerZero supports without compromising on security or introducing the complexity of multiple cross chain messaging protocols and services.
Security FAQ
Does the bridge support arbitrary message passing?
LayerZero enables smart contracts in disparate blockchains to communicate via arbitrary message passing of bytes payloads.
Is the bridge secured by a trusted entity, by a multi sig, or a protocol/set of incentivized nodes?
The current recommended configuration is secured by Chainlink as an oracle entity (currently securing tens of billions of dollars) and the LayerZero Labs (currently securing billions in TVL) operated relayer entity. All applications building on LayerZero have the choice to opt-in to default security or select a set of oracles and relayers. The architecture is entirely modular to allow Uniswap to run any portion of this validation layer if they so choose i.e. additional relayers and/or oracles.
LayerZero is a true protocol comprised entirely of immutable smart contracts and is not dependent on LayerZero Labs to be leveraged by applications in perpetuity.
Does the bridge leverage the security of the source chain (e.g. Ethereum L1) or destination chain, or is security provided by another third party entity?
LayerZero leverages direct MPT validation construction of the source transaction and verifies the merkle inclusion proof directly on the destination chain via the protocol’s novel Ultra Light Node (ULN).
Is it possible for a fraudulent message to be passed to the destination chain? If so, are there any recall mechanisms?
LayerZero provides the most secure solution for communication and puts control directly into the applications hands. It is worth noting that it is technically impossible to enable communication between blockchains in a fully trustless manner. Via the LayerZero protocol, the only way a fraudulent message may be passed to the destination chain is if both the Oracle entities and Relayer entities – selected by Uniswap - actively collude together and against the application to approve a fraudulent message.
Additionally, LayerZero is secured by a Pre-Crime, the proprietary security layer which has successfully secured the protocol and applications like Stargate since May 2022. Pre-Crime takes an outbound transaction and makes sure that it’s legitimate by running it against a set of application-defined invariants before the delivery of each message. Pre-Crime first forks every chain locally then it runs the state transaction locally to make sure the resulting state meets the list of defined invariants the application sets. Once this is confirmed Pre-Crime then provides an attestation that this is a legitimate transfer and the message is delivered.
What are the ramifications of fraud to the malicious actor?
Applications own all their smart contracts and maintain the ability to swap out Oracles and Relayers and/or expand their sets at their community’s discretion. Participating entities, including Chainlink, in the LayerZero network are thoroughly tested and vetted against rigorous standards in order to be supported in LayerZero documentation and are subject to re-evaluation at any time. Refer to an overview of Pre-Crime above for the additional security layer designed to prevent malicious actors from successful message delivery.
We designed LayerZero to be censorship resistant. Oracles and Relayers cannot censor messages without censoring all messages due to the sequential nonce ordered enforcement on the receiving chain. As a result, if an attacker obtained control of the Uniswap-selected Oracles or Relayers, and succeeded in censoring a message, every subsequent message would also be censored and the vote would stop. Uniswap could then expediently resolve the issue by updating configurations and messaging would resume.
Has the bridge code been audited? By a third party? What attack vectors and vulnerabilities were identified, if any? Have the identified vulnerabilities been remedied?
LayerZero Labs has commissioned 35+ audits with the most recent audits on Github here. Nearly all code written by LayerZero Labs since inception have been immutable smart contracts audited externally and rigorously reviewed internally at least 3+ times each. LayerZero is the only major cross-chain messaging protocol to have secured significant transaction volume (~$5B) over time without any exploit, compromise of key infrastructure, or loss of user funds. Additionally, LayerZero has the largest live bug bounty across the industry at up to $15m.
Our sole focus at LayerZero Labs is building best-in-class cross-chain infrastructure. We have infinite runway and are building for the developer community. Learn more at Developers | LayerZero.