v0.1 preview

SecureOApp

A drop-in replacement for LayerZero's OApp/OFT templates. You can't ship a 1/1 bridge through this SDK.

GitHub Launch post: Kelp post-mortem

Why

Kelp DAO lost $292M on April 18, 2026 because they ran a 1/1 DVN configuration — the LayerZero quickstart default. 40% of deployed OApps run the same config. Single-verifier bridges are a known, documented failure mode; developers keep shipping them because nothing refuses the deploy.

SecureOApp does.

Install

npx secure-oapp init my-oapp --profile standard
cd my-oapp && pnpm install
npx secure-oapp validate
npx secure-oapp deploy --network base-sepolia

Profiles

Profile   Required  ZK DVNs  Operators  Use
standard  2/3       1        2          Default for any OApp
paranoid  3/5       2        3          LRTs, stablecoins, high-TVL
lite      2/2       0        2          Low-value testnets, L2↔L2
1/111Not shipped

What happens if you try to deploy an unsafe config

$ secure-oapp validate
✗ RequiredDVNCountTooLow: requiredDVNCount=1 < min=2.
  See post-mortem: Kelp DAO $292M loss
  Root cause: Single DVN compromised; 1/1 had no backstop.

✗ ZkDVNCountTooLow: zkDVNs=0 < min=1.
  See post-mortem: Multichain / Anyswap $126M

✗ One or more lanes failed validation.
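
The check behind the output above, written out as an added example; it is not taken from SecureOApp's code. The minimums come from the Profiles table, assuming the first number under "Required" is the count of DVNs that must attest, and the type names, function names and lane labels are hypothetical.

```typescript
// Added illustration, not SecureOApp source. Type and function names are hypothetical.
type ProfileName = "standard" | "paranoid" | "lite";
interface Minimums { requiredDVNs: number; zkDVNs: number }

// From the Profiles table: first number of "Required" (assumed meaning) and "ZK DVNs".
const PROFILES: Record<ProfileName, Minimums> = {
  standard: { requiredDVNs: 2, zkDVNs: 1 },
  paranoid: { requiredDVNs: 3, zkDVNs: 2 },
  lite: { requiredDVNs: 2, zkDVNs: 0 },
};

interface LaneConfig { lane: string; requiredDVNCount: number; zkDVNs: number }
interface Violation { lane: string; code: string; message: string }

// Fail closed: NaN, Infinity, fractions and negatives all count as "too low".
function tooLow(value: number, min: number): boolean {
  return !isFinite(value) || Math.floor(value) !== value || value < min;
}

function validateLane(profile: ProfileName, cfg: LaneConfig): Violation[] {
  const min = PROFILES[profile];
  const found: Violation[] = [];
  if (tooLow(cfg.requiredDVNCount, min.requiredDVNs)) {
    found.push({ lane: cfg.lane, code: "RequiredDVNCountTooLow",
      message: `requiredDVNCount=${cfg.requiredDVNCount} < min=${min.requiredDVNs}.` });
  }
  if (tooLow(cfg.zkDVNs, min.zkDVNs)) {
    found.push({ lane: cfg.lane, code: "ZkDVNCountTooLow",
      message: `zkDVNs=${cfg.zkDVNs} < min=${min.zkDVNs}.` });
  }
  return found;
}

function validateAll(profile: ProfileName, lanes: LaneConfig[]): { ok: boolean; violations: Violation[] } {
  const violations: Violation[] = [];
  for (const lane of lanes) {
    for (const v of validateLane(profile, lane)) violations.push(v);
  }
  // An empty lane list means nothing was checked, so this example refuses it too.
  return { ok: lanes.length > 0 && violations.length === 0, violations };
}

// Constructed sample: one 1/1 lane with no ZK DVN, one lane meeting "standard".
const sampleLanes: LaneConfig[] = [
  { lane: "lane-a", requiredDVNCount: 1, zkDVNs: 0 },
  { lane: "lane-b", requiredDVNCount: 2, zkDVNs: 1 },
];
for (const v of validateAll("standard", sampleLanes).violations) {
  console.log(`✗ [${v.lane}] ${v.code}: ${v.message}`);
}
```

Every lane is checked before the result is returned, so one weak lane blocks the deploy even when the others meet the profile.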

Packages