Bringing our LayerZero DVN back up

A short follow-up to Containing our LayerZero DVN in response to the KelpDAO incident.

When we pulled our DVN on Sunday night, we said we'd bring it back up when we were satisfied it belonged in production. We're satisfied. It's back up, and we'll keep enhancing it.

• Mainnet: mainnet.layerzero.brale.dev
• Testnet: testnet.layerzero.brale.dev

The week in between was not glamorous. We ran a real assessment of the service and worked through a threat model for it: security boundaries, data flows, external entities, the RPC dependency chain, the whole chain. We spoke directly with the team at LayerZero, and drew on the work of outside security researchers to sharpen our read on the specific vulnerability class behind the KelpDAO incident. Where we found loose assumptions, we tightened them. Where we found blind spots, we added monitoring. We iterated more than once, and we'd rather report that than pretend the first pass was right.

A note on what "done" means here: it doesn't. Threat models are living documents. The multi-node configuration, the RPC posture, the deploy pipeline, the detection stack. All of it will keep moving, and we'll keep moving with it. We'll monitor, iterate, improve, and learn. When there's something worth sharing, we'll share it.

Thanks to LayerZero for the time they gave us, to the security community whose work let us pressure-test our assumptions against theirs, and to the Brale team who spent the week turning a hard weekend into a sharper piece of infrastructure.

Questions, corrections, or tips: security@brale.xyz.