• LayerZero, a cross-chain bridging service, was accused of having a “backdoor” vulnerability in its code.
• The co-founder of LayerZero denied the allegations, claiming that all applications have the ability to set their own security parameters.
• Uniswap is voting on whether to partner with LayerZero, which could be the motivation behind the allegations.
Allegations Against LayerZero
James Prestwich, founder of the cross-chain bridging service Nomad, alleged in a blog post on Monday that LayerZero can bypass security controls in order to pass data between blockchains without anyone’s permission. He claimed that LayerZero has an undisclosed capability of a trusted party, which can compromise the function of the system.
Bryan Pellegrino, a co-founder of LayerZero, said the project does have backdoor-like capabilities but denied the platform has ever tried to hide them. He said all applications have the ability to set their own security parameters and there is nothing anybody can do unless they configure it themselves.
Pellegrino suggested Prestwich’s motives may be tied to an upcoming Uniswap governance vote to pick a bridge provider. Uniswap is considering partnering with LayerZero which could be behind these allegations from its competitor Nomad.
Motives Behind Allegations
Pellegrino suggested Prestwich’s motives may be tied to an upcoming Uniswap governance vote to pick a bridge provider. By making these accusations he may be hoping it will influence people’s opinion when voting for who should become Uniswap’s bridge provider.
It remains unclear why Prestwich chose now as his time for making these accusations against LayzerZero or if they are true or false. Until further evidence arises it appears that this is yet another battle between two competing companies trying to win over Uniswap as its bridge provider partner.