A deep dive into building (and thinking like an auditor about) omnichain ERC-4626 vaults using LayerZero V2.
Introduction
Building omnichain applications introduces a new category of engineering challenges. Unlike traditional single-chain systems, omnichain protocols must coordinate state across multiple independent blockchains, each with its own consensus rules, transaction ordering, and failure conditions.
This makes omnichain development fundamentally a distributed systems problem.
To better understand these challenges, I built a research implementation called YieldZero, an omnichain vault architecture built using the messaging primitives provided by LayerZero.
The goal of this project was not simply to build a DeFi vault, but to explore protocol-level design patterns for omnichain applications, including:
- cross-chain message ordering
- distributed state synchronization
- failure isolation across chains
- horizontal composability
LayerZero Messaging Architecture
LayerZero enables cross-chain communication through a modular architecture composed of several components.
Endpoint
The Endpoint contract is the core interface between applications and the LayerZero protocol. It is responsible for:
- nonce tracking
- packet storage
- message verification coordination
- compose message storage
Each supported chain has its own endpoint.
SendLib / ReceiveLib
The messaging libraries handle packet encoding and decoding during transmission between chains.
DVNs (Decentralized Verifier Networks)
DVNs verify that cross-chain messages are valid.
LayerZero uses a configurable X-of-Y-of-N verification model, allowing applications to define their own trust assumptions for message verification.
Executor
Once a message is verified, an Executor delivers it to the destination application contract and triggers execution.
An important property of the system is:
Verification ≠ Execution
A message may be verified but still fail during execution due to gas limits or application-level logic.
YieldZero System Design
YieldZero implements a Hub–Spoke architecture, a common coordination pattern for omnichain systems.
The following diagram provides a high-level overview of the YieldZero omnichain architecture.
Figure 1-YieldZero Hub–Spoke Omnichain Architecture built on LayerZero V2.
Hub
The hub acts as the central coordination point responsible for:
- orchestrating cross-chain operations
- maintaining global vault accounting
- coordinating state synchronization between chains
Vault (ERC-4626)
YieldZero vaults follow the ERC-4626 standard, enabling standardized deposit, redeem, and share accounting logic.
Each chain maintains its own vault instance while synchronizing state across the network.
Composer
The Composer contract implements the horizontal composability pattern, enabling multi-step omnichain workflows using lzCompose.
Messager
The Messager module abstracts interactions with the LayerZero endpoint, handling:
- message sending
- packet construction
- endpoint communication
Strategy
Strategies deploy vault assets into yield-generating protocols.
Strategies may operate:
- locally on a chain
- or across chains depending on design requirements
Reader
The Reader module exposes read-only state queries so external systems can inspect:
- vault balances
- cross-chain state
- strategy performance
Cross-Chain Deposit Flow
The cross-chain deposit lifecycle works as follows:
-
Deposit initiation
A user deposits assets into the vault on their local chain. -
Share minting
The vault mints shares representing the user’s claim on vault assets. -
Message composition
A cross-chain message is constructed to coordinate with the hub. -
OFT transfer
Tokens are transferred cross-chain using the OFT standard. -
Strategy deployment
Assets are deployed into yield strategies. -
State synchronization
Vault accounting is synchronized across chains.
Cross-Chain Redeem Flow
Redeeming shares follows the reverse process.
- User initiates redeem on any chain
- Shares are burned
- A cross-chain message is composed
- Assets are retrieved from strategies
- Tokens are transferred back to the user’s chain
- Final vault accounting is updated
Horizontal Composability
LayerZero applications often rely on horizontal composability, a pattern where execution occurs in multiple transactions.
The following sequence diagram illustrates how cross-chain messages are verified and executed using LayerZero’s horizontal composability model.
Figure 2- Cross-chain message lifecycle using LayerZero horizontal composability.
Typical flow:
source chain sends message
↓
destination contract executes _lzReceive()
↓
contract schedules follow-up execution via sendCompose()
↓
executor later calls lzCompose()
This creates two independent transactions.
Transaction 1:
Executor → _lzReceive()
endpoint.sendCompose()
Transaction 2:
Executor → endpoint.lzCompose()
Composer.lzCompose()
This design provides failure isolation.
If the second step fails, the first transaction remains successful, preventing cross-chain deadlocks.
Example receive handler structure:
function _lzReceive( Origin calldata _origin, bytes32 _guid, bytes calldata _payload, address _executor, bytes calldata _extraData) internal override {
MessageType msgType = _getMessageType(_payload);
if (msgType == MessageType.STATE_SYNC) { (, uint256 tvl, uint256 totalSupply, uint256 yieldAccumulated) = abi.decode(_payload, (MessageType, uint256, uint256, uint256));
_handleStateSync(tvl, totalSupply, yieldAccumulated); }
endpoint.sendCompose( composerAddress, _guid, 0, abi.encode(msgType) );}Note: In production, this pattern should also include strict validation of the composer address and payload to prevent malicious composition attacks.
Message Ordering Strategy
By default, LayerZero does not enforce ordered execution.
- messages verified → may execute out of order
Ordered delivery requires:
- overriding
_acceptNonce - enabling ordered execution options
YieldZero uses unordered messaging for most operations but enforces ordering for state-sensitive vault accounting messages.
OFT Token Mechanics
The Omnichain Fungible Token (OFT) standard enables cross-chain token transfers.
Key mechanisms include:
sharedDecimals
Tokens on different chains may use different decimals.
OFT normalizes them using sharedDecimals.
Example:
- Ethereum token: 18 decimals
- Destination chain: 6 decimals
- sharedDecimals = 6
Any excess precision becomes dust and is refunded to the sender.
_debit and _credit
Token movement occurs through hooks:
- _debit → burn or lock tokens
- _credit → mint or unlock tokens
These functions ensure cross-chain supply consistency.
setPeer
OFT contracts must explicitly trust peers on other chains.
setPeer(chainId, peerAddress)Without this configuration, cross-chain transfers will fail.
Role Model: Owner vs Delegate
LayerZero introduces a separation of responsibilities.
Owner
- sets trusted peers
- configures enforced messaging options
- manages upgrades
Delegate
- configures messaging libraries
- configures DVN and executor settings
- manages endpoint channel configuration
Separating these roles improves operational security.
Security Considerations
Omnichain systems introduce unique risks that go far beyond single-chain DeFi. While building YieldZero I constantly asked: “How could this break in production?”
Key considerations include:
- Replay protection via nonces and GUIDs
- Rate limiting and message throttling to prevent griefing
- Pause mechanisms and emergency shutdown capabilities
- Asset custody and failure isolation across chains
- Secure delegate vs owner role separation
- Correct OFT peer configuration (
setPeer) - missing this is a common critical issue - DVN configuration — real-world incidents have shown that single-DVN (1-of-1) setups create single points of failure (see recent LayerZero-based bridge exploits)
These risks are exactly why I treat every omnichain design as an audit target from day one.
Testing Strategy
Testing omnichain systems requires more complexity than single-chain applications.
Unit Testing
Component-level testing with mocked dependencies.
Fuzz Testing
Property-based tests exploring unexpected inputs.
Stateful Invariants
Ensuring cross-chain accounting consistency across operations.
Cross-Chain Simulation
End-to-end tests simulating network delays and failures.
Engineering Lessons
Building YieldZero revealed several key insights.
- Omnichain development is fundamentally a distributed systems problem.
- Message ordering and nonce management are critical for consistency.
- Failure isolation is necessary for reliable cross-chain execution.
- Testing omnichain systems requires significantly more infrastructure.
- Cross-chain latency impacts application design.
- Horizontal composability is essential for complex omnichain workflows.
Conclusion
LayerZero provides powerful primitives for omnichain development, but building reliable systems requires careful architectural design.
YieldZero demonstrates how a Hub–Spoke coordination model, combined with horizontal composability and careful message ordering, can enable robust omnichain vault systems.
Understanding these patterns is essential — not just for building, but for auditing and securing the next generation of cross-chain infrastructure.