According to Mars Finance, market sources indicate that Bryan Pellegrino, co-founder and CEO of LayerZero Labs, engaged in a heated debate with security researchers in the ETHSecurity Community Telegram group today. The dispute centers on two points.

First, LayerZero Labs can upgrade the default library contract immediately and without any time delay, which would allow it to forge cross-chain messages (the same pattern as the rsETH hack), putting over $3 billion worth of LZ OFT at risk of theft. Researcher Banteg pointed out that mainstream projects such as Ethena and EtherFi were still using this default library contract weeks ago, and that $178 million worth of funds remain exposed in projects that still use it.

Second, on-chain data shows that LayerZero Labs multisignature signers used their signer addresses for activity unrelated to multisig signing, such as meme coin transactions, DEX swaps, and cross-chain bridging. That means production multisignature keys were connected to websites, increasing the risk of phishing attacks.

Regarding the alleged use of production environment keys for transactions by LayerZero multisignature signers, Bryan confirmed that the transactions were completed by members of the multisignature team, but denied that they were "meme coin transactions," explaining that they were "testing PEPE on the LZ OFT token standard," and stated that the members involved have been removed. Bryan also advised projects to "directly use a fixed configuration" instead of the default configuration to reduce risk. Banteg subsequently flagged a long list of LayerZero users still using the default library contracts, pointing out that these projects should migrate to a fixed configuration as soon as possible.
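The default-versus-fixed configuration risk described above, modelled as a simplified simulation. This is an added example and not LayerZero's code: the `Endpoint` class, the library names (`lib_v1`, `lib_rogue`) and the application names are constructed, and the model reduces "message verification" to checking which library attested a message. It shows why an instant owner-controlled change of the default library affects every application that never pinned its own, and why a pinned library is unaffected.

```python
from dataclasses import dataclass


@dataclass
class Message:
    """A cross-chain message together with the library that attested it (constructed)."""
    src: str
    payload: str
    verified_by: str


class Endpoint:
    """Toy endpoint: one owner-controlled default library plus optional per-app pins.

    Hypothetical model, not LayerZero's endpoint. Each app resolves its library as
    either its own pinned choice or, failing that, the endpoint-wide default.
    """

    def __init__(self, owner: str, default_lib: str) -> None:
        self.owner = owner
        self.default_lib = default_lib
        self.pinned: dict[str, str] = {}

    def set_default_lib(self, caller: str, new_lib: str) -> None:
        # No timelock in this model: the change applies at once to every app on the default.
        if caller != self.owner:
            raise PermissionError("only the endpoint owner may change the default library")
        self.default_lib = new_lib

    def pin_lib(self, app: str, lib: str) -> None:
        # A "fixed configuration": the app names its own library and stops following the default.
        self.pinned[app] = lib

    def resolve_lib(self, app: str) -> tuple[str, bool]:
        """Return (library, is_default) for an app."""
        if app in self.pinned:
            return self.pinned[app], False
        return self.default_lib, True

    def deliver(self, app: str, msg: Message) -> bool:
        """Accept a message only if it was attested by the library the app currently resolves to."""
        lib, _ = self.resolve_lib(app)
        return msg.verified_by == lib


def apps_on_default(ep: Endpoint, apps: list[str]) -> list[str]:
    """Audit helper: which apps would silently follow a change of the default library."""
    return [app for app in apps if ep.resolve_lib(app)[1]]


def scenario() -> dict:
    """Walk through the risk: a forged message before and after a default-library swap."""
    ep = Endpoint(owner="endpoint_owner", default_lib="lib_v1")
    ep.pin_lib("pinned_oft", "lib_v1")            # one app uses a fixed configuration
    apps = ["default_oft_a", "default_oft_b", "pinned_oft"]

    # Constructed messages: one attested by a rogue library, one by the honest library.
    forged = Message(src="attacker", payload="mint", verified_by="lib_rogue")
    legit = Message(src="peer", payload="transfer", verified_by="lib_v1")

    forged_before = {app: ep.deliver(app, forged) for app in apps}

    # The owner swaps the default library with immediate effect.
    ep.set_default_lib("endpoint_owner", "lib_rogue")

    forged_after = {app: ep.deliver(app, forged) for app in apps}
    legit_after = {app: ep.deliver(app, legit) for app in apps}

    return {
        "forged_before": forged_before,
        "forged_after": forged_after,
        "legit_after": legit_after,
        "exposed": apps_on_default(ep, apps),
    }


if __name__ == "__main__":
    for key, value in scenario().items():
        print(key, value)
```

The `exposed` list is the defender-side check: anything that resolves to the default is one upgrade transaction away from accepting messages attested by whatever library the endpoint owner installs next, while the pinned application keeps rejecting them. Note that the swap also breaks honest traffic for the apps on the default, so such a change is visible in delivery failures as well as in the upgrade transaction itself.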
LayerZero has been exposed for using multisignature wallets to trade Meme coins, and its default library contract upgrade mechanism poses risks.
This article is machine translated