Ryan Zarick is the CTO and co-founder of LayerZero, a cross-chain interoperability platform that enables developers to create decentralized applications (dApps) that work seamlessly across multiple blockchains. ^[1]

Education

Zarick graduated from the University of New Hampshire with a BS in Computer Science in 2009 and an MS in Computer Science in 2011. As a student, he worked in the UNH InterOperability Lab as a tester and a graduate research assistant alongside Bryan Pellegrino and Caleb Banister. ^[1]

Career

At UNH, Zarick co-founded Coder Den, a software consulting firm, with Pellegrino and Banister. After graduation, he served as CTO of Buzzdraft, an online fantasy sports website, until March 2013. In January 2018, he co-founded 80Trill, a smart contract writing, testing, and auditing company, where he worked until March 2020. He also co-founded Minimal AI with Pellegrino, and in February 2021, they co-founded LayerZero Labs. ^[1]

Interviews

LayerZero & Stargate

In an interview with White Crypto at TOKEN2049 2023, Zarick discussed his crypto background and LayerZero’s Stargate bridge. The interview opened with Zarick’s background: ^[2]

“My three co-founders, Bryan, Caleb, and I, were college roommates, and we started our first company out of school together. We built and sold that company, and then have been building products and companies together for the past 16 years. Before LayerZero, we were doing AI research with Nome Brown and Facebook AI Research that we had published. It was cutting-edge AI research with performance 5000x over the industry best, done by Google DeepMind and Facebook at the time. We then moved into crypto and wanted to build products there. We played around with early arbitrage opportunities on-chain. When BNB, or BSC (now BNB Chain), came out, it was a viable option to compete with Ethereum. There was a lot of traction, and we thought it would be awesome to make a multi-chain application, so that's what we aimed to do.”

“So I started evaluating all the bridges and messaging layers, but there weren't any messaging layers at the time, just bridges, and realized they were all deeply flawed. They all relied on having a middle chain with some consensus that was staked in some way. If it was staking, you could stake a couple hundred million, but as it gets more popular, you need more money staked, which becomes very capital inefficient. If you're securing billions, you also need billions staked, and if you don't have that, it's just a honeypot. In the same way, you would expect Ethereum to be attacked if a 51% attack was cost-effective, but it's not. It will become very cost-effective for middle chains over time as they gain popularity to be attacked because they will be securing way more than their bonding.”

He then explained how LayerZero and Stargate worked: ^[2]

“One of the other concepts we liked but was really expensive was the Cosmos IBC style, where you're running full node light clients and then validating with transaction proofs. The problem with that is it would cost 50 to 100 million dollars per day per pairwise chain attached to Ethereum, so it really only worked with the Tendermint chain and the Tendermint ecosystem due to cost constraints. That's when we came up with LayerZero, which takes an approach of running what we call an ultra-light node or an ultra-light client, moving block headers on demand, and then validating them on the destination chain. This is how we got to LayerZero, creating that messaging layer, and then we built Stargate on top of that, which is a native asset bridge that is fully composable. Things like Sushi X Swap by SushiSwap, where you can go from any asset to any asset on any chain with a single click, are enabled by Stargate and this composable native asset bridge.”

When asked about LayerZero’s security, Zarick responded: ^[2]

“Security is our number one concern. We spend more money than anybody in the space on audits, with three and a half million dollars this year alone on 25 audits and counting. We continuously get audits on things that are out there, even after release, and we engage as many white-hat auditors as possible to try to attack and break our systems. We have the largest bug bounty in all of crypto, with both LayerZero and Stargate each offering 15 million dollars, totaling 30 million dollars in bug bounties. Additionally, we're getting LayerZero and Stargate formally verified. Security is our highest priority.”

“The base design of LayerZero ensures it is a true protocol, independent of me or LayerZero Labs for its security. I coded and designed it so that even if I wanted to attack LayerZero, I couldn't. There's nothing I or LayerZero Labs can do to affect applications building on top of it because it is a decentralized and permissionless protocol. It is not upgradable, meaning we can't push updates that could potentially break or risk applications building on top of us. This contrasts with many bridge hacks, like the recent Nomad one, where an upgrade failure allowed forged messages, and Wormhole's bug bounty incident, where an upgrade oversight was caught by a white hat. This highlights the fundamental flaw of not prioritizing security and having upgradable systems.”

Panels

Cross-Chain Security

Zarick's presentation on LayerZero's cross-chain security emphasized the necessity of robust cross-chain messaging protocols for blockchain applications. He highlighted the importance of composability among applications across different blockchains, noting that no single chain can meet all application needs. Zarick detailed the risks associated with cross-chain messaging, such as client diversity, smart contract upgradeability, and user application vulnerabilities, and explained how LayerZero mitigates these through immutable contracts and optional library upgrades. He also introduced a security feature called "pre-crime," which allows applications to define invariants that prevent potential hacks during the asynchronous messaging process. ^[3]

Omnichain Security

Zarick presented “Pre-Crime: The Future of Omnichain Security” at the DeFi Security Summit 2022. He focused on two primary risks: protocol upgrade risk and user application risk. He highlighted how smart contract upgrades can reset their security, making systems vulnerable, and emphasized the dangers of bugs in user applications built on messaging infrastructures. To mitigate these risks, LayerZero Labs introduced "Library upgrades," allowing applications to opt-in to new updates at their discretion, and "Pre-Crime," a technology that preemptively simulates and validates transactions on forked chains to prevent exploits. These approaches aim to enhance security and reliability in cross-chain communication. ^[4]

The Multichain Future

“The Multichain Future” panel at TOKEN2049 Singapore 2022 discussed the future of a multi-chain ecosystem, highlighting the importance and challenges of interoperability between different blockchain networks. Key speakers included Zarick from LayerZero Labs, who explained LayerZero's protocol for cross-chain communication, and Hart Lambur from UMA, who introduced their optimistic oracle system. The conversation covered the trade-offs between different chains regarding speed, security, and use cases and the potential evolution toward applications operating across multiple chains. Richard Muirhead from Fabric Ventures emphasized the need for clear use cases and the ongoing uncertainty in predicting which multi-chain configurations will dominate. The panel underscored the early stage of this technology and the importance of developing flexible, user-friendly solutions that can adapt to the emerging blockchain landscape. ^[5]