Golden Finance reported that the cross-chain communication protocol LayerZero was exposed to a critical vulnerability. The vulnerability was discovered by Blockian. User applications can manipulate Oracle and Relayer fees, enabling them to send messages without incurring any costs. The vulnerability mainly revolves around the fee calculation process in the send function of the default LayerZero node UltraLightNodeV2.sol. UA can configure its Oracle and Relaye to return a customized malicious version with zero fees, thereby completely bypassing the fee calculation process. It is reported that after the UA starts the message sending process, it can set its Oracle and Relayer configuration to a customized free version, so the fee calculation of the message is zero. The result of this manipulation is that the user agent is able to send messages without incurring any fees. It is reported that the Layer Zero team has now quickly fixed the error by having the relay check which UA in the transaction called setConfig before blocking the message.
