The Aptos Bridge by LayerZero

LayerZero
Oct 19, 2022

A new ecosystem requires the launch of apps, assets, and infrastructure. Along with the LayerZero protocol going live on Aptos, we’re also introducing The Aptos Bridge by LayerZero. With this deployment, users will be able to move USDC, USDT, and ETH into Aptos from Ethereum, Arbitrum, Optimism, Avalanche, Polygon, and BNB Chain.

How to use

The Aptos Bridge is live now and can be found at www.theaptosbridge.com. The easy-to-use interface will get you into the Aptos ecosystem in only a few clicks, and the bridge will airdrop you APT once you arrive!

Heading into the Aptos ecosystem, you may experience a slightly different flow than you’re used to from most other ecosystems. For example, if you’re interacting with an asset for the very first time on Aptos, the chain requires you to register the asset. Users will then receive prompts to register or claim the asset based on whether they’ve interacted with the asset before and whether they already have APT in their wallet. If you’ve already interacted with the asset before and have APT, then the bridge will work exactly how you’re used to, with a seamless, single-click experience.

Risks

Aptos launching as an entirely new ecosystem means that many features users are accustomed to using on other chains are not immediately available; this includes common tooling, libraries, and things like native assets issued by groups like Circle (USDC) and Tether (USDT).

In order to import assets into an ecosystem, new chains rely on wrapped assets to mirror existing assets from other chains. An example of a wrapped asset is WETH or Wrapped Ether; WETH is created when ETH is locked on its home chain (Ethereum) and a synthetic (wrapped) version is created on the new chain.

Wrapped assets have different properties than native assets, primarily in that the asset itself carries some of the risk of the underlying bridge. As native assets are introduced into the ecosystem, LayerZero will hand over control or facilitate the migration of our assets to the native version of the assets. In order to mitigate the potential risks of a newer ecosystem, the bridge will start with some early guardrails that will slowly be lifted as the environment proves to be stable. In addition to enabling Pre-crime for all bridge transactions, we will be enabling an outbound rate-limit ($1m outbound per 24 hours per pathway) and a 3-day transfer period on outbound transactions. Transfers inbound to Aptos will have no rate-limit and no delay on transfers.

Once native assets have entered the ecosystem, the Aptos Bridge will hand over or facilitate migration of the contracts to the native asset issuers. At that point, native asset bridges such as Stargate will be able to facilitate the seamless transfer of these assets between Aptos and external ecosystems, alleviating the risk of wrapped asset bridges.

New chain, new bug bounty!

On top of our existing $15,000,000 bug bounty for both LayerZero and Stargate on existing chains, today we’re announcing a $2m bug bounty based on our deployments into the Aptos ecosystem. In time this bounty will increase to be in scope for the full $15M of the existing deployments and signal our commitment to the broader security community. LayerZero has paid $4m+ for formal audits this year and has additionally awarded almost a million dollars to bug-finding white hats!

The scope of this bounty includes files from both the LayerZero endpoint and the Aptos Bridge. All in-production smart contracts related to the LayerZero endpoint on Aptos or the Aptos Bridge are considered in-scope.

Critical — up to $2m USD

  • $2m for ETH side of bridge
  • $2m for Aptos side of endpoint
  • $500k for Aptos side of bridge

High — up to $100k

Medium — up to $10k

Low — up to $3k

Examples of severity designation:

Critical:

  • Attacker ability to demonstrate stealing funds from EVM smart contract
  • Attacker ability to demonstrate arbitrary minting of tokens on Aptos
  • Attacker ability to forge message to UA from LayerZero Endpoint

High:

  • Attacker ability to set or modify LayerZero default settings

Medium:

  • Attacker ability to demonstrate Denial of Service attack on Aptos Bridge

Low:

  • Everything else

Out of scope:

  • Attacks that have already been exploited
  • Attacks that have already been disclosed

Report a bug directly to bounty@layerzerolabs.org.

Build on Aptos with LayerZero

LayerZero is currently launching native Aptos integrations with dozens of teams with many more to come. Select launch partners include Econia, Martian Wallet, Pontem Network, Notifi, Aries Market, and Blocto!

The LayerZero omnichain messaging protocol is already enabling countless use cases for teams connecting their applications to Aptos. Users can bridge assets directly to Aptos and securely transfer USDC, USDT, and ETH (with more to come).

Teams looking to integrate LayerZero to seamlessly connect with Aptos can do so with only a few lines of code and interact directly with our widget or the complete docs. 🛠
