A security row has broken out inside the ETH security community over LayerZero Labs. Production multisig keys used to secure billions in user funds were also being used to trade memecoins and interact with third-party websites, according to onchain data surfaced by multiple researchers.

The disclosure came out of a heated debate in the ETHSecurity Community Telegram. Security researcher CatfishFishy flagged on X that LayerZero’s default library contract had no timelock and could be upgraded instantly by LayerZero Labs to forge messages, similar to the mechanism behind the rsETH hack.

$3 Billion at Risk From a Default Config

According to CatfishFishy on X, more than $3 billion in LayerZero OFT value was sitting with the vulnerable default library configuration at the time the Kelp exploit happened. Banteg, a known security researcher, confirmed that major protocols including Ethena and EtherFi were still running the risky default config just weeks before the debate surfaced publicly.

Banteg updated the full tally after the debate. Executable default routes dropped from 3,841 to 887. Exposure fell from $3.1 billion to $178 million after the Kelp exploit. Still, 554 receiver and token items retained executable default receive-library routes across 867 source routes, with $178,541,971.24 in market-priced surface still exposed, banteg confirmed in the Telegram thread.

James Prestwich, a security researcher, put it plainly in the same chat: “LZ Labs can forge messages. According to banteg there’s $175mm under their control. Brian does not want to admit he’s responsible for that, or for Kelp. Go check the chain.”

Memecoin Trades on the Same Keys

Then came the receipts. James, in the ETHSecurity Telegram, shared onchain evidence showing LayerZero multisig signers were using production keys for memecoin trading, DEX swaps, and bridging through platforms like Hop. That activity connected those keys to random websites, creating real phishing exposure.

ChainLinkGod noted on X that one of the multisig signer wallets was used to swap ETH for a token called “McPepes (PEPES)” on Uniswap. ChainLinkGod said on X: “An absolute failure of even the most basic opsec and key isolation best practices, putting any user who used LayerZero’s default config at risk of a supply chain attack.”

LayerZero Labs uses a 2-of-5 Gnosis Safe multisig with no timelock. Three of the five signer addresses were connected to memecoin activity, DEX usage, and bridging, James flagged. Because the Safe threshold is two signatures, compromising any two of those keys is enough to execute an upgrade. The three wallets identified include addresses tied to PEPES memecoin trades and Hop usage, $12M held in Stargate staking, and LP provisioning across Curve, PancakeSwap, and SpookySwap.

Bryan from LayerZero Labs pushed back. He said the transactions were testing PEPE’s OFT integration during a migration. ChainLinkGod rejected that framing on X, noting that PEPE had not even been deployed yet when the multisig signer was trading “McPepes,” and that swapping ETH for a memecoin on Uniswap has nothing to do with testing an OFT integration.

James disputed Bryan’s explanation in the Telegram thread, calling it double talk and saying Bryan was lying about what the transactions were for.

LayerZero’s Bryan Admits Defaults Were Not Built for Security

Bryan’s own words complicated the defense. In the Telegram, Bryan acknowledged that LayerZero defaults are “made for teams who are not prioritizing security.” Prestwich responded that the default app configuration lets LZ Labs forge messages and that apps must update after deployment.

Primo, identified as a LayerZero team member, stepped in. He said both flagged signers had been rotated off. Primo also said the Stargate usage was internal operations and that the memecoin activity was testing PEPE’s OFT integration during a migration. He added that pinning config directly, rather than using defaults, removes any reliance on LayerZero Labs entirely.

“If you DO manually set them, you have absolutely 0 reliance on LayerZero Labs and there is absolutely nothing LZ can do to impact your application,” Primo said in the Telegram.
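The defensive check the thread keeps circling back to, both in banteg’s tally of executable default routes and in Primo’s advice to pin config directly, is whether an OApp’s receive routes still resolve to the endpoint’s default library (which LayerZero Labs can re-point) or to a library the app set itself. The Python below is an added example, not code from the article, from LayerZero, or from any of the researchers quoted; it models that audit offline. It assumes the shape of LayerZero V2’s IMessageLibManager.getReceiveLibrary(receiver, srcEid), which returns the library address and an isDefault flag, and injects it as a lookup so nothing needs an RPC. The OApp addresses, endpoint ids, library addresses and dollar values are constructed placeholders.

```python
from dataclasses import dataclass
from typing import Callable, Dict, Iterable, List, Tuple

# One cross-chain route: the receiving OApp and the source endpoint id (eid)
# whose messages it accepts.
Route = Tuple[str, int]

# Shape of LayerZero V2's IMessageLibManager.getReceiveLibrary(receiver, srcEid):
# returns (library address, isDefault). Assumed wiring: in production this wraps
# an RPC call; here it is injected so the audit runs offline.
ReceiveLibLookup = Callable[[str, int], Tuple[str, bool]]


@dataclass(frozen=True)
class RouteFinding:
    receiver: str
    src_eid: int
    library: str
    is_default: bool    # True => route follows whatever the endpoint owner sets
    exposed_usd: float  # value reachable through the receiver (constructed here)


def audit_routes(routes: Iterable[Route],
                 value_usd: Dict[str, float],
                 lookup: ReceiveLibLookup) -> List[RouteFinding]:
    """Classify every route as pinned or default-dependent."""
    findings = []
    for receiver, src_eid in routes:
        lib, is_default = lookup(receiver, src_eid)
        findings.append(RouteFinding(receiver, src_eid, lib, is_default,
                                     value_usd.get(receiver, 0.0)))
    return findings


def summarize(findings: List[RouteFinding]) -> Dict[str, object]:
    """Tally in the style quoted in the thread: routes still executable through
    the default library, receivers that covers, and the dollar surface behind
    them (counted once per receiver, not once per route)."""
    default_routes = [f for f in findings if f.is_default]
    exposed_by_receiver = {f.receiver: f.exposed_usd for f in default_routes}
    return {
        "routes_total": len(findings),
        "default_routes": len(default_routes),
        "receivers_on_default": len(exposed_by_receiver),
        "default_receivers": sorted(exposed_by_receiver),
        "exposed_usd": sum(exposed_by_receiver.values()),
    }


def routes_to_pin(findings: List[RouteFinding]) -> List[Route]:
    """Remediation list: each entry is one setReceiveLibrary call the OApp
    owner still has to make to remove reliance on the endpoint default."""
    return [(f.receiver, f.src_eid) for f in findings if f.is_default]


# Constructed sample state: what the endpoint would report for each route.
DEFAULT_LIB = "0xDEFAULT_RECEIVE_LIB_PLACEHOLDER"  # endpoint's default receive lib
PINNED_LIB = "0xPINNED_RECEIVE_LIB_PLACEHOLDER"    # a lib the app set itself
_SAMPLE_STATE: Dict[Route, Tuple[str, bool]] = {
    ("0xOAPP_A", 1001): (PINNED_LIB, False),   # pinned for source 1001
    ("0xOAPP_A", 1002): (DEFAULT_LIB, True),   # forgot to pin source 1002
    ("0xOAPP_B", 1001): (DEFAULT_LIB, True),   # never pinned anything
    ("0xOAPP_B", 1002): (DEFAULT_LIB, True),
    ("0xOAPP_C", 1001): (PINNED_LIB, False),
}
_SAMPLE_VALUE_USD = {"0xOAPP_A": 50_000_000.0,
                     "0xOAPP_B": 2_500_000.0,
                     "0xOAPP_C": 10_000_000.0}


def sample_lookup(receiver: str, src_eid: int) -> Tuple[str, bool]:
    """Stand-in for the on-chain getReceiveLibrary view (constructed data)."""
    return _SAMPLE_STATE[(receiver, src_eid)]


def run_sample() -> Dict[str, object]:
    findings = audit_routes(_SAMPLE_STATE.keys(), _SAMPLE_VALUE_USD, sample_lookup)
    summary = summarize(findings)
    summary["to_pin"] = routes_to_pin(findings)
    return summary


if __name__ == "__main__":
    for key, value in run_sample().items():
        print(f"{key}: {value}")
```

In practice the lookup would wrap an RPC call against the endpoint contract on each chain (with web3.py, endpoint.functions.getReceiveLibrary(receiver, src_eid).call()), and the routes_to_pin output is the list of setReceiveLibrary calls the app owner still owes, which is the “pin directly” step Primo describes. The send side has the same split (the endpoint exposes an analogous isDefaultSendLibrary view) and is left out of this example.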

Banteg confirmed exposure had improved but said projects like Ethena and EtherFi only pinned their configs a couple of weeks ago. “I think this was just too obscure,” banteg said in the Telegram. Prestwich called that response incredible.

James Prestwich told Primo directly: “Saying your customers don’t care about security while you have a backdoor to their OApps is kinda incredible.”

Primo said LayerZero was going project by project to make sure everything pins directly.