Why LayerZero Might Be a Contender for Enterprises In Need of Cross-Chain Bridges
Apart from the many instances where cryptocurrency holders get socially engineered (hoodwinked) into turning over their crypto or their account credentials to extremely clever and tenacious hackers (essentially, “user error”), the leading cause of cryptocurrency theft is a vulnerable cross-chain bridge. In fact, on the same day of this interview with LayerZero co-founder and CEO Bryan Pellegrino was recorded at the Harvard Blockchain Conference, the AllBridge cross-chain bridge was exploited for approximately $574,000. Most of it was returned one week later. Nevertheless, cross-chain bridges continue to be the soft-white underbelly of the blockchain industry.
According to Pellegrino, approximately $4 billion has been stolen via cross-chain bridge exploits since late 2021. Pellegrino was at Harvard University’s annual blockchain conference to talk about what it takes to secure communications between chains — an area of particular interest to enterprises because, as enterprises are already learning, in the same way, that many businesses have to work with multiple fiat currencies, there’s a high likelihood that they’ll also have to deal with multiple cryptocurrencies which in turn means they’ll have to simultaneously deal with multiple public distributed ledgers. Secure inter-chain communication will be an absolute must.
As opposed to relying on smart contracts to handle cross-chain bridge management at the so-called application layer of blockchain, Pellegrino’s company has been focused on handling cross-chain bridging at the protocol layer; a layer that, like the Internet’s TCP/IP protocol, lives below the blockchain layer itself. Thus, the company’s name, “LayerZero” (an implication that the lowest layer in the software stack where a blockchain exists is at layer 1, an idea that aligns with the way many different public distributed ledgers are described as “L1s”).
While he was at Harvard’s Blockchain Conference, Pellegrino told BlockchainJournal.com editor-in-chief David Berlind that LayerZero has successfully secured over $7 billion, has over 35,000 applications running on its test net, with 3,500 apps now in production on the LayerZero main net. Said Pellegrino of LayerZero’s industrial strength, “You take a look at [which venture capitalists’] confidence have we [have] won; Sequoia, Andreessen, all these groups have made single bets in the space, and that bet has been on us.”
Aside from operating at the protocol level, what’s LayerZero’s secret to success? Well for starters, all of the code behind LayerZero has been purpose-built from scratch. Beyond that, are three convictions that are sacrosanct to everything LayerZero does; immutability, permissionlessness, and resistance to censorship.
By David BerlindPublished:April 11, 2023
David Berlind: Today is Saturday, April 1st, 2023. I'm David Berlind and I'm coming to you for the Blockchain Journal podcast. We're in Cambridge, Massachusetts where right now the Harvard Blockchain Conference is taking place. Sitting with me is Bryan Pellegrino. He's the co-founder and CEO of LayerZero, and let's just start there. What is LayerZero?
Bryan Pellegrino: LayerZero is a messaging protocol that allows blockchains to communicate. Ultimately, it allows you to send any form of data between any two chains.
Berlind: So, I was watching you speak earlier, talking a little bit about this challenge of getting two chains to talk to each other. This has been in the news a lot over the last year or so because a lot of the infiltrations, exfiltrations of money exploits, the majority of them seem to happen when there was some sort of interoperability taking place between chains.
Pellegrino: Yep. I think there's been $4-ish billion of bridge hacks over the last 18 months. So, it has historically been a very large, very tough problem to solve.
Berlind: Now, Blockchain Journal generally is focused on an enterprise audience, and I find it probably implausible that any single enterprise is going to focus on a single chain. They're going to be dealing with multiple partners, multiple suppliers, multiple constituencies. More than likely they're going to end up working on multiple chains. So, how is it that you solve a problem that isn't being solved by other solution providers? You talk about how you're working at the really lowest level, the protocol layer. Why is that special and why should enterprises pay attention?
Pellegrino: Ultimately, the way that we think about it is each chain is effectively an execution environment. Some of them are good at storage, some of them are good at throughput, some of them are good at security. In the same way that when we used to build computer applications, we build it monolithically. I'd have a single server that sat in my house or in a data center and ran everything. Today, everything is microservices. You have stuff to hyper-optimized for compute, for storage, for throughput, for all of these different things. And so any application, when you're talking about building true applications that are orders of magnitude more complex than what exist today, you are going to need to interact with those different execution environments that are specialized for certain use cases. And so this can be anything, you see it between banks themselves, where they each have their own sort of execution environments and structures for doing things, you see it from public blockchains. I think ultimately any real application that gets built is going to span that, and that has very much proven the case, given how adoption has been.
Berlind: But, why is it what you're doing any different from some of the other bridges and stuff that's going on out there? The idea here is that you've got enterprises and they're seeing the headlines, and those headlines are going to be an obstacle to their adoption of blockchain. So, what is it that you guys do that could potentially assuage those fears?
Pellegrino: My tongue-in-cheek answer is [to], "What is the difference?" is that we actually work. So, we've secured $7 billion in TVL now, done seven to $8 billion in transactional volume, 35,000 applications on Testnet, 3,500 on Mainnet. Really at scale, in production. Every major protocol at this point, take every largest DEX in the world. Uniswap, all of these all built on top of LayerZero are using LayerZero. I think part of that... You take a look at whose confidence have we won. Sequoia, Andreessen, all these groups have made single bets in the space, and that bet has been on us.
So, I think all of this is external validation that what we've built is interesting and special. We can go down a rabbit hole of what makes it that way, and most of that is a very technical conversation, but really what people are looking for is security and just sort of speed of delivery and expanse. You need to be able to go every chain, you need to be able to do it in secure manner, in a way that scales to tens of billions of dollars, and you need to be able to do it fast enough that latency's not going to be an issue, and right now we do all of that.
Berlind: So, for the last decade, we've been hearing about this idea of composability and a lot of that integration's taking place between different parties fundamentally based on APIs you know a lot, and that's happening, I think, at a higher layer than where you're connecting change.
Pellegrino: So, the applications themselves now basically become that service. So, one of the beautiful things about the space, in general, was this composability. So, now with this bridge on top of us called Stargate, it allows you to move money from chain A to chain B. And, what you do is you can think of that as an API. You have in the background a composable LEGO, you can put in $100 here and consider it fungible to $100 there, abstract that away. Now, on top of that, you can build systems where you are unstacking from some farm here, moving over, and staking there in a single transaction. You don't know what's happening in the background. You're utilizing that DEXes. Swap here, move, swap there, all of these systems are now being built using these underlying smaller pieces of primitives and the way that APIs get used constantly. And so now when you're constructing a caller, an application, you can now embed that with 10 other DeFi applications to do these really complex or interesting interactions overall. That can be a bunch of different things, and eventually, that's going to be much more than just DeFi. You see it now, primitives are being built in the NFT and gaming space. Primitives are being built in the... Consumer FinTech is starting to use these primitives in some of their applications. So, I think this changes massively, but you need to be able to make that abstraction extend across chains. If it's in one single environment only, the user experience now gets extremely fragmented when you're trying to go to a different chain and it's do something here, wait for some action, get gas of another chain over there, like change your MetaMask or your RPC to this different construct and execute there. And so, that is something that we've solved really well and you see it in all of the experience of applications built on top of us.
Berlind: Speaking of those primitives, you mentioned three properties that you guys stay very true to in everything you do, immutability, censorship resistance, and permissionless. You also talked about how if you guys got hit by a bus tomorrow, the protocol would still be working, and it reminded me a little bit of a protocol like TCP/IP. It's permissionless. We just heard in this other session over here that the largest most successful permissionless network is TCP/IP. So, those three things that you're focusing on, those three properties, why are they the only three?
Pellegrino: I think you cannot build the system that you want at scale without those three. Ultimately, more and more we've just seen — losing any of those, basically compromises the entire system. Immutability is just all of the bridge hacks you're talking about, 50 to 60% of those happened because the devs were upgrading contracts in a benign way, in a way that they thought they were pushing a new feature, doing something, introducing bad code to a system that has no room basically for error at all. And so, if somebody can make a mistake, if you have an upgradeable contract, eventually somebody is just going to push code that's not bad. Somebody's going to get control of keys and do something malicious. Permissionless nature, when you talk whether it's TCP/IP or whether it's Ethereum or whatever it is, without that, you will never get the scale of adoption in diversity of validator set ever.
You need to have anybody be able to build on it. You need to have anybody be able to run it because as soon as you make that permission, you're delegating trust and that trust can be abused. And, I think all of these systems have shown us that, again, if that can happen, it will happen in basically any industry. And then when you're talking censorship resistance, I again think and Ethereum validators are suffering through this now. If there is a room for it to be done, it will be done.
And for us, it's just built into the protocol. It's not something we endorse one way or another. It's fundamentally every message because you don't want... It can be exploits of a governance message going through to push new code and somebody blocking that message because they don't want it. Imagine if you had the ability to brick individual votes that you don't want in any government election. You just can't have it fundamentally out of the protocol. It needs to be a technology layer. It's not something that should be politicized or even able to be used for that. If you have it where every message sent is delivered, then you can create an application that deals with the messages that it wants.
Berlind: You talked about order and how important that is and why I think performance and order go together. Do you want to wax on that a little bit?
Pellegrino: Sure, every message in LayerZero is non-sorter enforced, and if you don't have that, what you have is... In the way that we see HFT now. So, if you look at how HFT exists in traditional finance, it's like almost a pure tax on the industry where you sit in the middle and you basically monitor transactions ahead of time and then mutate the state of the world around that to extract value. If you don't have everything be non-sorter enforced, whoever owns that layer that sits in the middle has the ability to... And, this is some form of censorship, but to reorder or reconstruct the messages in their flow in order to extract value, and that just becomes a massive tax in the overall industry, and that was something that early on, again, baked into that technology is not possible and needed to not be possible because if it is, it will be done in very near term. And so, it's something we care deeply about.
Berlind: So, what are your views on maximum extractable value and how that can affect the order?
Pellegrino: MEV is a... You have a mempool of a chain. So you submit transaction, a mempool, and basically, MEV is large-scale collusion between validators to extract that value from the underlying transaction. Now, if any chain could get rid of MEV, they gladly would. It is a tax on the underlying consumer who's submitting transactions. What you don't want to do... Now, all transactions from LayerZero still get submitted to the mempool. You still have the same surface MEV at the validator level of the destination chain that you would normally, but what you don't have is an additional tax of, "Hey, I'm sitting in the middle. I'm going to reorder all these transactions that should be submitted, and then when I submit them, I'm going to bundle them and I'm going to extract everything on them." There's no additional tax, and I think when you're talking [about] building technology that does this in between, you need to avoid any extra tax that's added. It just is — death.
Berlind: Going back to the property of immutability, one of the things that enterprises have a tough time with is the idea that something can't be upgraded. They've seen this movie before, they've been doing enterprise IT for 30 years. How do you convince them that immutability is actually worthwhile to them?
Pellegrino: Two ways. So one, all three of us founders, our early work was all in IEEE testing and conformance. We were there as standards were being written. We were there as hardware operators were figuring out how to actually conform to standards and in ship product that, again, develop over time. We have taken a very similar model. The core primitive is going to remain the base primitive in the way that it does in TCP/IP in the internet in general, but the validation layer, everything that progresses that is around that, and you can think about this as almost the hardware layer, the stacks that exist on top of the internet. Every library themselves is immutable, but there's a penned-only versions to add more. So, you can always add a new library. Anybody can always upgrade to the new version, but I can never force somebody to change. I can never publish a malicious library and move everybody over. I can never change an existing library, and think about that world where you can change the way that these things operate — all backwards compatibility is broken. You need immutability because on an ongoing basis, if I have the ability to change your application, your enterprise and make it so everything you've built no longer works unless you buy my new product, conform my new thing, whatever, that is an existential risk that you will not bear an enterprise. So, you actually desperately need immutability for the underlying technology. Now, you want a way for your new things to interact with the newest version of the library, but you don't want the old ones to break because I have done something to trash backwards compatibility. And so, that's how we think about it.
Berlind: Sure, but you also mentioned that there are challenges. If you move to a new thing at scale, you have to move... If SushiSwap moved at scale, that's a big challenge.
Pellegrino: So, when you're talking about on-chain Uniswap, et cetera, Uniswap had billions of dollars in V1, they published V2, you have to move everything over. You have tens of billions when V3 launched that they had to move everything over and they have no way to move it. They need to compel people or ask people to move over as you migrate to a new product, and this is the same way with any hardware developers' ever done. You push out a new product, you don't break all of your old ones. You say, "This is better, here's why. Everybody should switch over to this as it makes sense for you." And so, I think it is somewhat painful. Everybody wants everyone to be on the newest thing to be better, but there's too much risk to the users, to the underlying LPs, to the operators and businesses who are building on top that you can't build like that. So I think immutability is very, very, very much a feature, not a bug.
Berlind: One of the things that impressed me about your talk is that all of your code was built from scratch and you pointed something out, which is a very good observation, that a lot of the code in this industry is based on other code. It's all been inherited over and over and over again. A lot of it's open-source code. But, you guys decided, "No, we're not going to take any code from anywhere. We're just going to build it from scratch." Why'd you do that?
Pellegrino: I think it was because what we wanted to build didn't exist. I'm a big believer in open source code in general, if you're building a system and you have a piece of code that's open source, has been hardened and used over time, by all means, you should use some of that code. That's going to make your systems safer and more secure in general. But what we were building didn't exist, and if we were taking pieces of what other people had done, it was going to end up being this amalgamation that didn't do it. We had to build from the ground up. We had to think about the primitives from the ground up, and ultimately our code is laying the path for everybody else who comes after us, and sometimes we were building a new primitive. It's just required to do that, and so for us, everything was from scratch.
Berlind: All right. Well, Bryan Pellegrino, co-founder and CEO of LayerZero, thanks very much for joining us.
Pellegrino: Thanks so much.