Difference between revisions of "Layer2.finance"
m (1 revision imported) |
m (→Basics) |
||
Line 5: | Line 5: | ||
*[[Testnet]] release: | *[[Testnet]] release: | ||
*[[Mainnet]] release: [https://blog.celer.network/2021/04/22/the-layer2-finance-v0-1-mainnet-launches-democratize-defi-simple-and-zero-fees/ 22-4-2021] | *[[Mainnet]] release: [https://blog.celer.network/2021/04/22/the-layer2-finance-v0-1-mainnet-launches-democratize-defi-simple-and-zero-fees/ 22-4-2021] | ||
*[https://ethhub.substack.com/p/ethhub-weekly-163?token=eyJ1c2VyX2lkIjoxMzk3OTAwLCJwb3N0X2lkIjozNTYyMTExMCwiXyI6InRxYSs5IiwiaWF0IjoxNjIwMDM0MDc3LCJleHAiOjE2MjAwMzc2NzcsImlzcyI6InB1Yi0zOTEwIiwic3ViIjoicG9zdC1yZWFjdGlvbiJ9.jRI7RA7MobjVCZyDnhUt-X0mpAKyguG3xZ53 From] [[EthHub]] (27-4-2021): | |||
* [https://ethhub.substack.com/p/ethhub-weekly-163?token=eyJ1c2VyX2lkIjoxMzk3OTAwLCJwb3N0X2lkIjozNTYyMTExMCwiXyI6InRxYSs5IiwiaWF0IjoxNjIwMDM0MDc3LCJleHAiOjE2MjAwMzc2NzcsImlzcyI6InB1Yi0zOTEwIiwic3ViIjoicG9zdC1yZWFjdGlvbiJ9.jRI7RA7MobjVCZyDnhUt-X0mpAKyguG3xZ53 From] [[EthHub]] (27-4-2021): | |||
''"Layer2.finance is a novel solution that allows people to access all existing [[DeFi]] protocols at a fraction of the cost by acting like a “DeFi Public Transportation System”."'' | ''"Layer2.finance is a novel solution that allows people to access all existing [[DeFi]] protocols at a fraction of the cost by acting like a “DeFi Public Transportation System”."'' | ||
==History== | ==History== | ||
==Audits & Exploits== | |||
*[[Bug bounty]] program can be found [insert here]. | |||
*[https://l2beat.com/scaling/projects/layer2finance/ From] [[L2beat]] (31-10-2022) regarding the Layer2.Finance deployment: | |||
''"Funds can be stolen if'' | |||
# ''there is no one that checks the published state. Fraud proofs assume at least one honest and able [[validator]],'' | |||
# ''the operator does not include user's [[Layer Two|L2]] withdrawal transactions (CRITICAL),'' | |||
# ''the owner calls owner-only functions that pause the [[Smart Contract (SC)|contract]] and drain funds (CRITICAL).'' | |||
''Funds can be frozen if'' | |||
# ''the problematic fraud proof mechanism is exploited (CRITICAL),'' | |||
# ''the sequencer halts its operations (CRITICAL).'' | |||
''Users can be censored if'' | |||
# ''the sequencer refuses to include their [[Transaction (Tx)|transactions]] (CRITICAL).'' | |||
''[[Maximal Extractable Value (MEV)|MEV]] can be extracted if'' | |||
# ''the operator exploits their [[centralized]] position and [[Frontrunners|frontruns]] user transactions."'' | |||
*[https://l2beat.com/scaling/projects/layer2financezk/ From] [[L2beat]] (31-10-2022) regarding the Layer2.Finance-zk deployment: | |||
''"Funds can be stolen if'' | |||
# ''a contract receives a malicious code upgrade. There is no delay on code upgrades (CRITICAL).'' | |||
''Funds can be lost if'' | |||
# ''the external data becomes unavailable (CRITICAL),'' | |||
# ''the proof system is implemented incorrectly.'' | |||
''Users can be censored if'' | |||
# ''the committee restricts their access to the external data,'' | |||
# ''the operator refuses to include their transactions. They can still exit the system.'' | |||
''MEV can be extracted if'' | |||
# ''the operator exploits their [[centralized]] position and frontruns user transactions."'' | |||
===Bugs/Exploits=== | |||
==Governance== | |||
===Admin Keys=== | |||
*[https://l2beat.com/scaling/projects/layer2finance/ From] [[L2beat]] (31-10-2022) regarding the Layer2.Finance deployment: | |||
''"The system [https://github.com/celer-network/layer2-finance-contracts/blob/61ed0f17a15e8ba06778776ade1a82956a9de842/contracts/RollupChain.sol#L191 has] a [[centralized]] operator. The operator is the only entity that can propose blocks. A live and trustworthy operator is vital to the health of the system. If the users find themselves censored they can do nothing to force the inclusion of their transactions."'' | |||
*[https://l2beat.com/scaling/projects/layer2financezk/ From] [[L2beat]] (31-10-2022) regarding the Layer2.Finance-zk deployment: | |||
''"The system has a [[centralized]] operator. The operator is the only entity that can propose [[Block|blocks]]. A live and trustworthy operator is vital to the health of the system. Typically, the Operator is the [[Hot Wallet|hot wallet]] of the [[StarkWare (StarkNet - STARK)|StarkEx]] service submitting state updates for which proofs have been already submitted and verified. Force exit allows the users to escape censorship by withdrawing their funds. The system allows users to force the withdrawal of funds by submitting a request directly to the [[Smart Contract (SC)|contract]] on-chain. The request must be served within a defined time period. If this does not happen, the system will halt regular operation and permit [[trustless]] withdrawal of funds. If enough time passes and the forced exit is still ignored the user can put the system into a frozen state, disallowing further state updates. In that case everybody can withdraw by submitting a merkle proof of their funds with their [[Layer One|L1]] [[Transaction (Tx)|transaction]].'' | |||
''The system uses the following set of [[permissioned]] [[Address|addresses]]:'' | |||
# ''Governor 0x1E15…735e (EOA)'' ''Can upgrade implementation of the system, potentially gaining access to all funds stored in the [[bridge]]. Currently there is no delay before the upgrade, so the users will not have time to migrate.'' | |||
# ''Data Availability Committee'' ''There exists a Data Availability Committee with unknown members and an unverified smart contract.'' | |||
# ''SHARP Verifier Governor 0x3DE5…F5C6 (EOA)'' ''Can upgrade implementation of SHARP Verifier, potentially with code approving fraudulent state. Currently there is no delay before the upgrade, so the users will not have time to migrate.'' | |||
# ''Broker Owner 0xe0b7…5988 (EOA)'' ''Most Broker functionality is restricted only for the owner, it includes managing rides, setting prices or slippages, burning shares.'' | |||
# ''Operator 0x85A7…1EA5 (EOA)'' ''Allowed to update state of the system. When Operator is down the state cannot be updated."'' | |||
===DAO=== | |||
===Treasury=== | |||
==Token== | ==Token== | ||
===Launch=== | ===Launch=== | ||
Line 26: | Line 87: | ||
*Built on: [[Ethereum (ETH)|Ethereum]], [[Celer (CELR)|Celer]] ([https://blog.celer.network/2021/04/22/the-layer2-finance-v0-1-mainnet-launches-democratize-defi-simple-and-zero-fees/ 22-4-2021]) | *Built on: [[Ethereum (ETH)|Ethereum]], [[Celer (CELR)|Celer]] ([https://blog.celer.network/2021/04/22/the-layer2-finance-v0-1-mainnet-launches-democratize-defi-simple-and-zero-fees/ 22-4-2021]) | ||
*Has the regular Layer2.finance deployment and Celer’s Layer2.finance in ZK Proofs Mode Built with StarkEx from [[StarkWare (StarkNet - STARK)|StarkWare]]. | |||
===How it works=== | ===How it works=== | ||
* From the Celer [https://blog.celer.network/2021/04/22/the-layer2-finance-v0-1-mainnet-launches-democratize-defi-simple-and-zero-fees/ blog] (22-4-2021): | *[https://l2beat.com/scaling/projects/layer2finance/ From] [[L2beat]] (31-10-2022) regarding the Layer2.Finance deployment: | ||
''"Fraud proofs ensure state correctness. After some period of time, the published [[state]] root is assumed to be correct. For a certain time period, usually one week anyone can submit a fraud proof that shows that the state was incorrect. Unfortunately in case of Layer2.Finance only some fraud proofs revert [[Block|blocks]] and every successful fraud proof pauses the contract requiring the owner to unpause. All the data that is used to construct the system state is published [[On Chain|on chain]] in the form of cheap calldata. This ensures that it will always be available when needed."'' | |||
*[https://l2beat.com/scaling/projects/layer2financezk/ From] [[L2beat]] (31-10-2022) regarding the Layer2.Finance-zk deployment: | |||
''"Each update to the system state must be accompanied by a ZK Proof that ensures that the new state was derived by correctly applying a series of valid user [[Transaction (Tx)|transactions]] to the previous state. Once the proof is processed on the [[Ethereum (ETH)|Ethereum]] blockchain the [[Layer Two|L2]] block is instantly [[Finality|finalized]]. The system state is represented using [[Merkle Root|Merkle]] roots. The balances of the users are not published on-chain, but rather sent to several well known and trusted parties, also known as committee members. A state update is valid and accepted on-chain only if at least a quorum of the committee members sign a state update."'' | |||
*From the Celer [https://blog.celer.network/2021/04/22/the-layer2-finance-v0-1-mainnet-launches-democratize-defi-simple-and-zero-fees/ blog] (22-4-2021): | |||
''"With Celer’s advanced layer-2 [[Rollups|rollup]] technology, multiple people split the cost of individual layer1DeFi transactions in a completely trust-free and [[non-custodial]] way. Enabled by a unified strategy abstraction, Layer2.finance’s community-built and community-hosted “turn-key” UI provides a simple one-stop-shop experience for users to navigate the increasingly complex DeFi landscape."'' | ''"With Celer’s advanced layer-2 [[Rollups|rollup]] technology, multiple people split the cost of individual layer1DeFi transactions in a completely trust-free and [[non-custodial]] way. Enabled by a unified strategy abstraction, Layer2.finance’s community-built and community-hosted “turn-key” UI provides a simple one-stop-shop experience for users to navigate the increasingly complex DeFi landscape."'' | ||
=== | ===Fees=== | ||
===Upgrades=== | |||
===Staking=== | ===Staking=== | ||
====Validator Stats==== | ====Validator Stats==== | ||
Line 40: | Line 111: | ||
===Interoperability=== | ===Interoperability=== | ||
===Other Details=== | ===Other Details=== | ||
==Oracle Method== | ==Oracle Method== | ||
==Their Other Projects== | ==Their Other Projects== | ||
==Roadmap== | ==Roadmap== | ||
*Can be found [Insert link here]. | *Can be found [Insert link here]. | ||
==Usage== | ==Usage== | ||
===Projects that use or built on it=== | ===Projects that use or built on it=== | ||
Line 64: | Line 122: | ||
===Pros=== | ===Pros=== | ||
===Cons=== | ===Cons=== | ||
==Team, Funding, | |||
* The system [https://github.com/celer-network/layer2-finance-contracts/blob/61ed0f17a15e8ba06778776ade1a82956a9de842/contracts/RollupChain.sol#L191 has] a [[centralized]] operator (31-10-2022). | |||
==Team, Funding, Partners== | |||
===Team=== | ===Team=== | ||
Line 79: | Line 140: | ||
[[ETH]] tip [[address]]: 0x83460bE5F218b1520B69D702cE60A1DE37dD8E31 | [[ETH]] tip [[address]]: 0x83460bE5F218b1520B69D702cE60A1DE37dD8E31 | ||
[[Category:Companies/Organisations]] | [[Category:Companies/Organisations]] |
Revision as of 13:23, 31 October 2022
Basics
- Based in:
- Started in / Announced on:
- Testnet release:
- Mainnet release: 22-4-2021
- From EthHub (27-4-2021):
"Layer2.finance is a novel solution that allows people to access all existing DeFi protocols at a fraction of the cost by acting like a “DeFi Public Transportation System”."
History
Audits & Exploits
- Bug bounty program can be found [insert here].
- From L2beat (31-10-2022) regarding the Layer2.Finance deployment:
"Funds can be stolen if
- there is no one that checks the published state. Fraud proofs assume at least one honest and able validator,
- the operator does not include user's L2 withdrawal transactions (CRITICAL),
- the owner calls owner-only functions that pause the contract and drain funds (CRITICAL).
Funds can be frozen if
- the problematic fraud proof mechanism is exploited (CRITICAL),
- the sequencer halts its operations (CRITICAL).
Users can be censored if
- the sequencer refuses to include their transactions (CRITICAL).
MEV can be extracted if
- the operator exploits their centralized position and frontruns user transactions."
"Funds can be stolen if
- a contract receives a malicious code upgrade. There is no delay on code upgrades (CRITICAL).
Funds can be lost if
- the external data becomes unavailable (CRITICAL),
- the proof system is implemented incorrectly.
Users can be censored if
- the committee restricts their access to the external data,
- the operator refuses to include their transactions. They can still exit the system.
MEV can be extracted if
- the operator exploits their centralized position and frontruns user transactions."
Bugs/Exploits
Governance
Admin Keys
"The system has a centralized operator. The operator is the only entity that can propose blocks. A live and trustworthy operator is vital to the health of the system. If the users find themselves censored they can do nothing to force the inclusion of their transactions."
"The system has a centralized operator. The operator is the only entity that can propose blocks. A live and trustworthy operator is vital to the health of the system. Typically, the Operator is the hot wallet of the StarkEx service submitting state updates for which proofs have been already submitted and verified. Force exit allows the users to escape censorship by withdrawing their funds. The system allows users to force the withdrawal of funds by submitting a request directly to the contract on-chain. The request must be served within a defined time period. If this does not happen, the system will halt regular operation and permit trustless withdrawal of funds. If enough time passes and the forced exit is still ignored the user can put the system into a frozen state, disallowing further state updates. In that case everybody can withdraw by submitting a merkle proof of their funds with their L1 transaction.
The system uses the following set of permissioned addresses:
- Governor 0x1E15…735e (EOA) Can upgrade implementation of the system, potentially gaining access to all funds stored in the bridge. Currently there is no delay before the upgrade, so the users will not have time to migrate.
- Data Availability Committee There exists a Data Availability Committee with unknown members and an unverified smart contract.
- SHARP Verifier Governor 0x3DE5…F5C6 (EOA) Can upgrade implementation of SHARP Verifier, potentially with code approving fraudulent state. Currently there is no delay before the upgrade, so the users will not have time to migrate.
- Broker Owner 0xe0b7…5988 (EOA) Most Broker functionality is restricted only for the owner, it includes managing rides, setting prices or slippages, burning shares.
- Operator 0x85A7…1EA5 (EOA) Allowed to update state of the system. When Operator is down the state cannot be updated."
DAO
Treasury
Token
Launch
Token Allocation
Utility
Other Details
Stablecoin
Coin Distribution
Technology
- Whitepaper can be found [insert here].
- Code can be viewed [insert here].
Implementations
- Built on: Ethereum, Celer (22-4-2021)
- Has the regular Layer2.finance deployment and Celer’s Layer2.finance in ZK Proofs Mode Built with StarkEx from StarkWare.
How it works
"Fraud proofs ensure state correctness. After some period of time, the published state root is assumed to be correct. For a certain time period, usually one week anyone can submit a fraud proof that shows that the state was incorrect. Unfortunately in case of Layer2.Finance only some fraud proofs revert blocks and every successful fraud proof pauses the contract requiring the owner to unpause. All the data that is used to construct the system state is published on chain in the form of cheap calldata. This ensures that it will always be available when needed."
"Each update to the system state must be accompanied by a ZK Proof that ensures that the new state was derived by correctly applying a series of valid user transactions to the previous state. Once the proof is processed on the Ethereum blockchain the L2 block is instantly finalized. The system state is represented using Merkle roots. The balances of the users are not published on-chain, but rather sent to several well known and trusted parties, also known as committee members. A state update is valid and accepted on-chain only if at least a quorum of the committee members sign a state update."
- From the Celer blog (22-4-2021):
"With Celer’s advanced layer-2 rollup technology, multiple people split the cost of individual layer1DeFi transactions in a completely trust-free and non-custodial way. Enabled by a unified strategy abstraction, Layer2.finance’s community-built and community-hosted “turn-key” UI provides a simple one-stop-shop experience for users to navigate the increasingly complex DeFi landscape."
Fees
Upgrades
Staking
Validator Stats
Liquidity Mining
Scaling
Interoperability
Other Details
Oracle Method
Their Other Projects
Roadmap
- Can be found [Insert link here].
Usage
Projects that use or built on it
Competition
Pros and Cons
Pros
Cons
- The system has a centralized operator (31-10-2022).
Team, Funding, Partners
Team
- Full team can be found [here].
Funding
Partners
(:
Knowledge empowers all and will help us get closer to the decentralised world we all want to live in!
Making these free wiki pages is fun but takes a lot of effort and time.
If you have enjoyed reading, tips are appreciated :) This will help us to keep expanding this archive of information.