1. Home
  2. connext

connext

9 protocols criticize LayerZero’s ‘wstETH’ token, claiming it’s ‘proprietary’

Connext, Chainsafe, Sygma, LiFi, Socket, Hashi, Across, Celer, and Router issued a joint statement criticizing the new token.

A new bridged token from cross-chain protocol LayerZero is drawing criticism from nine protocols throughout the Ethereum ecosystem. A joint statement from Connext, Chainsafe, Sygma, LiFi, Socket, Hashi, Across, Celer, and Router on October 27 called the token’s standard “a vendor-locked proprietary standard,” claiming that it limits the freedom of token issuers.

The protocols claimed in their joint statement that LayerZero’s new token is “a proprietary representation of wstETH to Avalanche, BNB Chain, and Scroll without support from the Lido DAO [decentralized autonomous organization],” which is created by “provider-specific systems […] fundamentally owned by the bridges that implement them.” As a result, it creates “systemic risks for projects that can be tough to quantify,” they stated. The protocols advocated for the use of the xERC-20 token standard for bridging stETH instead of using LayerZero’s new token.

Lido Staked Ether (stETH) is a liquid staking derivative produced when a user deposits Ether (ETH) into the Lido protocol for staking. On October 25, LayerZero launched a bridged version of stETH, called "Wrapped Staked Ether (wstETH)" on BNB Chain, Avalanche, and Scroll. Prior to this launch, stETH was not available on these three networks.

Since any protocol can create a bridged version of a token, LayerZero was able to launch wstETH without needing the approval of Lido’s governing body, LidoDAO. In addition, both BNB Chain and LayerZero announced the token’s launch on X (formerly Twitter), and BNB Chain tagged the Lido development team in its announcement. Members of LidoDAO later claimed that these actions were an attempt to mislead users into believing that the new token had support from the DAO.

On the same day that LayerZero launched wstETH, they proposed that LidoDAO should approve the new token as the official version of stETH on the three new networks. They offered to transfer control of the token’s protocol to LidoDAO, relinquishing LayerZero’s administration of it. In response, some LidoDAO members complained that this move was intended to create a fait accompli to pressure the DAO into passing the proposal when they otherwise wouldn’t have.

Related: LayerZero partners with Immunefi to launch $15M bug bounty

“There appears to have been a coordinated marketing effort between Avalanche, BNB, and LayerZero with a series of twitter posts and slick videos implying that LidoDAO has already officially accepted the OFT standard,” LidoDAO member Hart Lambur posted to the forum, adding “How is this possible when this is just a proposal?”

Some members also argued that the new token could pose security issues. “Layer Zero is a super centralized option that exposes Ethereum’s main protocol to an unprecedented catastrophe,” LidoDAO member Scaloneta claimed, arguing that a hack in the protocol’s verification layer “would imply that infinite wsteth will be minted.”

Cointelegraph reached out to the LayerZero team for comment through Telegram and email, but did not receive a response by the time of publication. In April, LayerZero raised over $120 million to help build more cross-chain functionality into the Web3 ecosystem and partnered with Radix to bring cross-chain functionality to the Radix Babylon network.

Binance Founder CZ Warns: Receiving Crypto This Way Could Instantly Empty Your Wallet

Connext, Alchemix launch cross-chain token standard to reduce bridge exploit losses

The two protocols will implement a standard for issuers to control the "canonical" minting of tokens, helping to reduce losses from unofficial bridges.

Connext cross-chain bridging protocol has announced a new token standard to reduce losses from bridge hacks. According to a July 24 announcement, the new “xERC-20” standard allows token-issuers to maintain a list of official bridges and control how many tokens can be minted by each.

In addition to Connext, DeFi platform Alchemix Finance will implement xERC-20 tokens, the announcement stated.

The new token standard was originally put forth on July 7 as Ethereum Improvement Proposal (EIP) 7281. It was co-authored by Connext’s founder, Arjun Bhuptani. At the time, Bhuptani said it would help to minimize losses from bridge hacks by acting on the principle that “Token issuers are the ones who get rekt when bridges get hacked.”

Instead of each bridge issuing its own version of a token on every network, the new standard would allow bridges to mint “official” or “canonical” versions of each token. However, they can only do this with the permission of the token issuer, and this permission would be enforced through smart contracts. Token-issuers would also be able to limit the number of coins that a particular bridge could mint, the proposal stated.

Under EIP-7281, bridges could still mint their own versions of tokens, but such derivative coins would not be considered “canonical” versions. As a result, consumers would eventually come to reject unofficial versions of coins. In Bhuptani’s view, this would lead to a safer DeFi space because it would put the responsibility of avoiding bridge hacks squarely on the shoulders of each token-issuer, which would help to prevent end-users from suffering losses.

To become an official part of the Ethereum ecosystem, an EIP has to be approved by EIP Editors, a process that can take months. The July 24 announcement said the standard will now be implemented in Connext and Alchemix ahead of its official approval, allowing end-users to rely on it immediately.

Related: Multichain bridge hack was a “big blow” to Fantom ecosystem, says Cronje

In the announcement, Connext stated that the token standard will be “forward compatible” with the official version should it eventually be approved by the EIP Editors. Bhuptani argued that the new implementation will prevent bridges with bad security or excessive centralization from being taken seriously, stating:

“This approach [...] encourages open competition and innovation as token issuers now have the flexibility [to] granularly update their preferences for supported bridges over time. Instead of prioritizing building a monopoly on liquidity, or trying to corner market share by locking-in token issuers (or in some cases entire chains), bridges are now forced to have an ongoing focus on their security and quality of service, lest they be delisted."

The issue of bridge security has become a hot topic in the crypto community. These concerns were amplified on July 7, when over $100 million was mysteriously withdrawn from the Multichain bridging protocol. The Multichain team at first only referred to the withdrawals as “abnormal,” but later clarified that an unknown individual had accessed their CEO’s cloud storage system to withdraw the funds without users’ consent.

Binance Founder CZ Warns: Receiving Crypto This Way Could Instantly Empty Your Wallet

Connext founder proposes ‘Sovereign Bridged Token’ standard after Multichain incident

EIP-7281 will allow token issuers to list official bridges and limit the rate at which they can mint tokens, potentially limiting losses from bridge hacks.

An Ethereum Improvement Proposal (EIP) made on July 7 seeks to standardize how tokens are bridged between networks. The “Sovereign Bridged Token” standard, or EIP-7281, allows token issuers to create canonical bridges across multiple networks. 

The proposal was co-authored by Arjun Bhuptani, founder of the Connext bridging protocol. In a July 7 social media post, Bhuptani claimed the protocol would help prevent issues like the July 6 Multichain incident, which some experts have described as a “hack.

According to the proposal’s discussion page, it allows token issuers to designate a list of canonical bridges. Only bridges added to this list could mint an official version of the issuer’s token. Issuers can also limit the number of tokens a bridge is allowed to mint. These parameters can be changed at virtually any time by the issuer.

In Bhuptani’s view, this proposal will ensure that “ownership of tokens is shifted away from bridges (canonical or 3rd party) into the hands of token issuers themselves” and will limit losses if a bridge’s security comes into question:

“In the event of a hack or vulnerability for a given bridge (e.g. today’s Multichain hack), issuer risk is capped to the rate limit of that bridge and issuers can seamlessly delist a bridge without needing to go through a painful and time-intensive migration process with users.”

Related: $30B stolen from crypto ecosystem since 2012: Report

Bhuptani said the proposal would also help prevent user experience problems in decentralized finance, as all bridges will issue the same official token. Over time, this will eliminate the need for multiple versions of the same token, he claimed.

Stablecoin issuer Circle has already created the Cross-Chain Transfer Protocol (CCTP) to list official bridges for its token, US Dollar Coin (USDC). EIP-7281 intends to implement the basic concept behind CCTP but also tries to make this solution apply “more broadly to all tokens,” according to the proposal’s notes.

Both Circle and Tether have blacklisted some of the addresses used in the Multichain incident, preventing $65 million worth of USDC and Tether (USDT) from being moved out of these addresses.

Binance Founder CZ Warns: Receiving Crypto This Way Could Instantly Empty Your Wallet