Announcements

Ongoing Security Updates 7/10

By LayerZeroJul 10, 20262 min read

Ongoing Security Updates, 7/10/26

This blog is a follow-up to the information we shared last month about our ongoing security hardening: 

  • Updating pathway defaults on Endpoint v1 and v2
  • Relayer deprecation

Updating Pathway Defaults on Endpoint v2

We have successfully completed the scheduled update to default DVN configurations for Endpoint v2 pathways that required updating to a minimum 3-of-3 configuration. This shift to more DVNs reflects a further hardened security posture; we recommend that all teams refer to the integration checklist to configure their DVNs beyond these defaults. Following this update, a remaining ~0.5% of pathways still require a similar update and are being actively addressed as part of our ongoing hardening efforts.

Updating Pathway Defaults on Endpoint v1

To ensure that both Endpoint v2 and Endpoint v1 meet the same security standards, we are also updating the Endpoint v1 default library to ULNv301 from ULNv2 (which only supports a 2-of-2 configuration).

This update was scheduled to take place at the same time as the updates to Endpoint v2. However, to ensure that applications using Endpoint v1 have ample time to prepare, we have rescheduled this update to take place on August 4th. This migration only affects applications using Endpoint v1 with default settings. Teams with pinned libraries will not be affected.

Relayer Deprecation

We are similarly rescheduling the deprecation of the Relayer that services LayerZero v1 (ULNv2) that was originally scheduled to take place Monday, August 3rd. We’ll communicate a revised date for this deprecation once pathway defaults on Endpoint v1 have been updated.

Connect to our team

Start building