UA Configuration Lock
UA's can lock their LayerZero App configurations for full control of config changes.
For UAs that want to fully control their config changes & security settings, the below sections describe how to do so.
Locking UA configuration guarantees that only UA owners can change their LZ app configs; UAs that opt-in to LayerZero defaults accept LayerZero's future changes to default configurations (i.e. best practice changes to block confirmations & proof libraries etc.)
There are 8 settings to fully lock your UA configuration
- 2 settings on the Endpoint
- Send Version
- Receive Version
- 6 settings on each pathway
- Inbound Proof Library
- Inbound Block Confirmations
- Relayer
- Outbound Proof Type
- Outbound Block Confirmations
- Oracle
Steps for locking UA Configuration
- Set the send version and receive version of your UA on the LayerZero Endpoint. This locks you to a core library version, currently UltraLigntNodeV2. In the event new libraries are implemented, only UA owners can upgrade their core library version.
- Per pathway, UAs can configure up to all 6 settings and can lock each of these settings individually. For example, if a UA wants a specific Oracle but prefers the defaults for the other 5 settings, the UA only needs to set its configuration for the Oracle. UAs preferring to lock all 6 settings can easily do so. Once locked, only UA owners can make future configuration changes.
We provide an interface for UA contracts to set their ILayerZeroUserApplicationConfig. We also provide code snippets here.
Note: To lock any of the 6 settings for each pathway, you MUST first lock send & receive versions to a core library.
A quick actionable guide here to help you lock your UA configuration.