Futures
Access hundreds of perpetual contracts
CFD
Gold
One platform for global traditional assets
Options
Hot
Trade European-style vanilla options
Unified Account
Maximize your capital efficiency
Demo Trading
Introduction to Futures Trading
Learn the basics of futures trading
Futures Events
Join events to earn rewards
Demo Trading
Use virtual funds to practice risk-free trading
Launch
CandyDrop
Collect candies to earn airdrops
Launchpool
Quick staking, earn potential new tokens
HODLer Airdrop
Hold GT and get massive airdrops for free
Pre-IPOs
Unlock full access to global stock IPOs
Alpha Points
Trade on-chain assets and earn airdrops
Futures Points
Earn futures points and claim airdrop rewards
Promotions
AI
Gate AI
Your all-in-one conversational AI partner
Gate AI Bot
Use Gate AI directly in your social App
GateClaw
Gate Blue Lobster, ready to go
Gate for AI Agent
AI infrastructure, Gate MCP, Skills, and CLI
Gate Skills Hub
10K+ Skills
From office tasks to trading, the all-in-one skill hub makes AI even more useful.
GateRouter
Smartly choose from 40+ AI models, with 0% extra fees
#LayerZeroCEOAdmitsProtocolFlaws
#LayerZeroSecurityCrisis 🚨 | $292M Hack Exposes a DeFi Weak Point
The cross-chain narrative just took a serious hit.
April–May 2026 revealed something deeper than a single exploit — it exposed a structural weakness in how DeFi handles security.
🔴 1. CEO Warning: “This Should Never Have Been Public”
LayerZero CEO Bryan Pellegrino flagged a critical issue in Across Protocol’s token contract:
A sensitive function was left public
Contract owner could drain any wallet
Unlimited minting rights existed in both Across & UMA contracts
This isn’t just a bug — it’s a design-level failure.
👉 Suggested fix:
Move ownership to immutable contracts
Remove mint/burn privileges permanently
Because once exploited, there’s no recovery path
---
💥 2. $292M KelpDAO Hack — Who’s Responsible?
Around April 20:
116,500 rsETH drained (~$292M)
Lazarus Group suspected
LayerZero response:
> “Not our protocol — KelpDAO used a 1-of-1 DVN.”
Translation:
They relied on a single validator system — a massive risk.
But the community pushed back hard: 👉 “If your infrastructure enables weak defaults, you share responsibility.”
---
⚠️ 3. The Real Problem: DVN Architecture
LayerZero promotes “modular security”
→ Apps choose their own validators (DVNs)
But here’s the issue:
Many projects don’t fully understand the risk
Default setups often lean toward centralization (1-of-1 DVN)
Attackers can poison RPCs & approve fake cross-chain messages
📊 Current Risk:
~47% of OApps still use 1-of-1 DVN
Over $4.5B in TVL exposed
---
📉 Market Reaction
ZRO token dropped ~20% post-hack
Short-term bounce ≠ trend reversal
Confidence in cross-chain security is shaken
---
🧠 Bigger Picture
This is not just LayerZero.
This is DeFi’s bridge security problem resurfacing.
From:
Ronin
Poly Network
Nomad
To now:
LayerZero ecosystem
Same pattern. Different cycle.
---
⚡ Final Take
LayerZero says:
👉 “Apps choose their own security”
But reality says:
👉 Bad defaults = systemic risk
Security in DeFi is no longer optional or modular.
It must be standardized, audited, and enforced at the protocol level.
Because in cross-chain…
One weak link doesn’t just break a project — it threatens the entire ecosystem.