- The price of the ZRO token surged materially over the last few days.
- Security concerns around the Layer Zero protocol raised concerns.
Layer Zero [ZRO] token has witnessed a significant surge in price over the past week, as the token’s price surged by 52%.
ZRO to the moon?
Regardless of ZRO’s price rise, AMBCrypto’s analysis of Santiment’s data indicated that its Network Growth had declined, indicating that new users were losing interest in the token at the time of writing.
Coupled with that, the Velocity had fallen, which was indicative of the fact that the frequency at which ZRO was trading at, had slowed down.
Source: Santiment
Some challenges for LayerZero
Along with these factors, conversations around security vulnerabilities of the Layer Zero protocol could cast a pall over the ZRO token.
0x52’s inspection of the UXDProtocol under the SherlockDefi program uncovered potential issues with LayerZero.
Specifically, the user claimed that the Layer Zero endpoint contract, responsible for message flow between protocols, lacked restrictions on message size and destination addresses.
This vulnerability creates a potential exploit. A malicious actor could send a message with an excessively large destination address, intentionally causing errors within the contract.
These errors could disrupt communication between different blockchain networks, potentially leading to significant financial losses for affected protocols relying on LayerZero’s functionality.
According to 0x52, this vulnerability could affect many protocols using LayerZero, especially those involving both EVM (Ethereum [ETH] Virtual Machine) chains and non-EVM chains like Solana [SOL], which use different address sizes.
A rebuttal
However, LayerZero Labs wasn’t taking these accusations lying down. Bryan Pellegrino, the co-founder and CEO, stepped forward to address 0x52’s concerns.
He argued that the ability for applications to configure payload limits was a deliberate design choice made with a specific purpose in mind.
Pellegrino explained that imposing a fixed limit on message size could introduce the possibility of censorship, which directly contradicts LayerZero’s core goal of fostering a censorship-resistant system.
Source: X
Pellegrino further clarified the situation by highlighting the vintage of the code referenced by 0x52. He emphasized that it belonged to 2022 and was related to application configuration, not the core protocol itself.
This distinction is crucial, as it implies the vulnerability doesn’t lie within the fundamental workings of LayerZero.
Pellegrino went on to explain that the payload size limit functions as part of an application’s security settings, granting individual applications the power to adjust it according to their specific needs.
After hearing about this response, 0x52 deleted all their previous tweets and agreed with Pellegrino.
Source: X
The Weighted Sentiment around ZRO was negative at press time, however, there was a significant improvement in the overall outlook around the protocol, compared to the last few weeks.
If sentiment continues to improve, it could be reflected in ZRO’s price movement as well. At press time, ZR was trading at $3.89.
Source: Santiment
