BlocksInform
Sam Kessler
Sam is a reporter at CoinDesk focused on decentralized technology, DeFi and DAOs. It possesses eth, btc and matic.
A co-founder of "Because they publicly denied that ability, we think they can deliberately hide the extent of their control over apps," Prestwich initially tweeted.Zero, which provides services to help blockchains bridge digital assets between each other, is denying accusations from a competitor that it covered up the existence of a critical Prestwich suggested that there could be a conflict of interest because the auditors are paid for through the project.backdoor” vulnerability in its code.
James Prestwich, founder of the cross-chain bridging service Nomad, alleged in a blog post on Monday that LayerZero can bypass security controls in order to pass data between blockchains without anyone’s permission.
"A vulnerability of a part of trust (also known as a 'back door') is an undisclosed ability of a part of trust, which may compromise the system's function," Prestwich said in a tweet describing his conclusions. Under prestwich, layerzero has the ability to unilaterally fly or move locked funds with platforms that use its connection services with default settings.
Bryan Pellegrino, co-founder of layerzero, stated that the project has backdoor capabilities but denied that the platform has ever tried to hide them. Bryan Pellegrino, co-founder of LayerZero, said the project has back door capabilities, but denied that the platform has ever attempted to hide them.
Pellegrino said LayerZero was open to its security practices and gave developers the opportunity to define settings prohibiting LayerZero from special access privileges. "All you have to do is define your setup and there is nothing that anyone can ever do," he went on. "All you have to do is set up your setup and there's nothing anyone can ever do," he added.
"James understands that it makes no sense to describe anything as a critical security vulnerability."
Pellegrino said that competing bridge suppliers such as nomad and vortex have the same "backdoor" capabilities as prestwich's layerzero attributes. "In the worst case scenario, layerzero is equal to how the vortex or any other layer of messaging works," he told Coindesk.
Other bridges – including Nomad, which suffered from a nine-figure hack over the summer – have similar access capabilities to LayerZero’s, he added.
Other bridges, including Nomad, which suffered a nine-digit hack this summer, have access capabilities similar to those of LayerZero, he said. According to the Nomad founder, LayerZero publicly denied in a Uniswap forum discussion that it had any sort of special capabilities.
"because they publicly denied this ability, we think they can deliberately hide the extent of their control over apps," prestwich initially tweeted.
LayerZero’s code auditor, Zellic, tweeted on Monday that the team “has been very upfront about the security properties of the system, and this is all widely known and well documented.”
Zero's code listener, Zellic, tweeted Monday that the team "has been very forthright about the system's security properties, and all this is widely known and well documented."
“If you ask any person on Twitter, ‘Can LayerZero steal all Stargate funds?’ If you ask someone on Twitter, can LayerZero steal all the funds from the Gateway of Stars? ' Auditors and laymen say that everyone knew that money could be stolen. This is neither a defence nor is it true,' he told Coindesk.
It is not a defence and it is also false," he said to CoinDesk.
As to the reason for his decision to disclose the "back door" in LayerZero's code, Prestwich blogged about it, We chose to release all the information because we believe LayerZero is aware of these matters, and public disclosure is the best way to engage application developers in configuring the configuration." Pellegrino suggested that Prestwich's motives were more objectionable and related to a forthcoming Uniswap governance vote, which will see the community behind the largest decentralized exchange choose an official bridge supplier.
The main candidates for the vote are LayerZero and Wormhole, another great bridge department.
Prestwich denies being motivated to denigrate the layman as a competitor. "I think it's hard to describe nomad as a contender to anyone considering the situation we're in," he told Coindesk. "I think it's hard to describe Nomad as a competitor to anybody because of the situation we're in," he told CoinDesk.
Following the hack last summer, "We haven't run a bridge or an inter-channel email protocol in about six months." Prestwich stated that the individual who requested the audit did not work for uniswap.
He refused to comment on whether the person was involved in a vortex.
He declined to comment on whether the individual was associated with the vortex.
