1. Summary
With Morpho now deployed on Arbitrum, we need to make the Morpho token available on this chain. To achieve this, we propose the following:
- Use LayerZero as the cross-chain messaging infrastructure;
- Use a lock/release pattern on Ethereum (L1) and a mint/burn pattern on Arbitrum;
- Use an upgradable ERC20 Morpho token;
- Assign management roles (admin for ERC20 upgrades, ability to grant mint & burn permissions, adapter configuration) to the Morpho DAO. Note: Mint & burn permissions will be granted to the MintAndBurnAdapter
This proposal represents the first operational step in a broader multichain vision for Morpho token bridging, one that may eventually standardize LayerZero as Morpho’s cross-chain bridge infrastructure.
As this proposal is focused exclusively on Arbitrum, it avoids any changes to the current Morpho token deployments on Ethereum, Katana, or Base.
2. Motivation
With the Morpho token needing to be bridged to Arbitrum in the short term (objective of this proposal), and with plans to expand to other EVM chains in the mid term, and ultimately enable seamless circulation across all EVMs in the long term, we identified the need for a sustainable and extensible bridging architecture.
2.1 Risks
To guide our long-term bridging strategy, we evaluated the following key risks:
- Security: Reducing the probability of failures and isolating them when they occur, so that a compromised chain or bridge does not impact others.
- Liquidity Chaos: Preventing shortages of escrowed liquidity when too many Lock & Mint bridges co-exist on a chain.
- Bridging User Experience: Providing a unified and intuitive DApp and underlying technology, for users bridging tokens. When users utilize this standardized path, they avoid creating additional instances of the Morpho token through other platforms, which would fragment liquidity and create a confusing user experience.
- Ease of Deployment: Streamlining the process for deploying Morpho on future chains.
2.2 Considered Long-Term Strategies
We explored four bridging strategies, each evaluated against the above risks:
- Strategy 1: Use L2s’ canonical bridges from L1 and Burn & Mint across L2s
- Security: Strong; canonical bridges are audited and broadly trusted.
- Liquidity Chaos: Poor; each canonical bridge holds its own escrow.
- Bridging User Experience: Poor; no unified UX or routing.
- Deployment Ease: Low; high operational cost as each L2 integration is bespoke.
- Strategy 2: Mint & Burn everywhere using a single bridge technology/provider
- Security: Moderate; central reliance on single bridge technology/provider
- Liquidity Chaos: Excellent; no escrows required.
- Bridging User Experience: Excellent; single bridge interface.
- Deployment Ease: High; repeatable deployment pattern.
- Strategy 3: Lock on L1, Mint & Burn elsewhere
- Security: Moderate; central reliance on single bridge technology/provider.
- Liquidity Chaos: Good; single L1 escrow minimizes risk.
- Bridging User Experience: Good; clearly defined path.
- Deployment Ease: High; the single bridge technology/provider adapters standardize integration.
- Strategy 4: Use canonical bridges per L2 + intent-based bridging between them.
- Security: Moderate; many moving parts with different guarantees.
- Liquidity Chaos: Poor; fragmented escrows cause liquidity uncertainty.
- Bridging User Experience: Complex; requires router logic and coordination.
- Deployment Ease: Low; high operational cost as each L2 integration is bespoke.
2.3 Short-Term Strategy
As said in the Summary, we propose as a Short-Term Strategy:
- Use LayerZero as the cross-chain messaging infrastructure;
- Use a lock/release pattern on Ethereum (L1) and a mint/burn pattern on Arbitrum;
- Use
- an upgradable ERC20 Morpho token on Arbitrum
- along with a MintAndBurnAdapter on L2, for mint & burn, with a rate limiting feature, compatible with LayerZero;
- A standard Adapter on L1 for lock & release, with a rate limiting feature, compatible with LayerZero;
- Assign all roles (admin for ERC20 upgrades, ability to grant mint & burn permissions, adapter config) to the Morpho DAO.
Why LayerZero?
LayerZero offers a robust, modular, production-ready bridging framework with fast finality and is one of the most widely adopted cross-chain token solutions. Since launching in 2022:
- It has been implemented in over 120 projects (including USDT, BTC.b, USDe, weETH, MIM, CAKE, and more).
- It has secured $44 billion in token value across major DeFi protocols.
- It has processed millions of cross-chain messages without any known exploits.
LayerZero allows anyone to run DVNs, the key off-chain actors who participate in message multisig.
We identified these off-chain actors as a potential risk since they could collude to misbehave. Nevertheless, we accept this risk and can mitigate it by:
- using only well-known DVN actors (see 3.3 DVNs Configuration section) having a 2 out of 3 threshold.
- adding a rate limit on token transfers (see 3.4 Rate Limiting Configuration section).
Why Lock & Mint?
This pattern avoids decisions that would compromise the preferred long-term paths. It aligns well with Strategy 3 and could potentially evolve into this strategy more fully in the future.
Additionally, the Lock & Mint pattern is the most straightforward approach in the short term, as it eliminates the need to upgrade the Morpho token on L1.
Roles of the Adapters
Adapters are intermediary smart contracts that sit between the Morpho token and the LayerZero smart contracts. We’ll be using an Adapter on each side of the bridge. Their role is to:
- Abstract away the LayerZero interfaces wiring
- Hold the configuration (DVN, rate limiting, …)
- On Ethereum, the standard Adapter is responsible for receiving or releasing the tokens locked and escrowing them
- On Arbitrum, the MintAndBurnAdapter (aka MABA) is responsible for minting or burning the tokens
Overall key benefits
- Maintains Security: Leverages a well-audited and trusted protocol with optional DVN diversification.
- Prevents Liquidity Chaos: Avoids introducing a third Lock & Mint escrow (e.g., Arbitrum’s canonical bridge).
- Improves UX: Directs users toward an endorsed, canonical route using LayerZero. Enables clear messaging and centralized routing through a LayerZero-integrated UI.
- Simplifies Deployment: Uses LayerZero’s off-the-shelf adapters, minimizing implementation friction.
3. Specification
We’ve already engaged with LayerZero to design the bridging setup. The deployment architecture includes:
3.1. Arbitrum Components
- Upgradable ERC20 Morpho token: Deployed with proxy pattern.
- MintAndBurnAdapter: Non-upgradable; handles minting, burning, and rate limits.
- DAO Role Management: Morpho DAO holds admin and role management rights. These roles allow the DAO to change the messaging system on the chains with a burn & mint mechanism, which serves as a mitigation measure to prevent vendor lock-in.
3.2. Ethereum (L1) Components
- LockAdapter: Non-upgradable LayerZero adapter to escrow tokens and route messages.
- DAO Control: Morpho DAO retains ownership and configuration authority.
3.3. DVN Configuration
The following requirements/constraints led to the following configuration proposal.
Requirements/constraints
Avoid extensive bridging fees: We aim to minimize bridging fees that are paid in the source chain’s native currency. Each DVN (required or optional) costs 0.05 USD equivalent in fees on each bridging. Therefore, we cannot propose a huge list of DVNs and have determined that using 4 DVNs (resulting in about 0.20 USD equivalent per transfer) is reasonable for end users.
Avoid long bridging times: Making all DVNs required could lead to increased bridging latency and a higher chance of delays if any DVN is offline. Instead, we use two required DVNs to ensure reasonable performance and redundancy, while reducing timeout risks, even if the risk still exists with the two required, but mitigated as these are major ones.
Use only trusted, production-grade DVNs: We selected only widely recognized and operationally proven actors to ensure security and user trust. It is unlikely that these actors would collude.
Promote infrastructure and client diversity: Like Ethereum’s client diversity, using different DVN implementations and hosting environments reduces systemic risk. Notably, Canary uses a Go client distinct from LayerZero’s own, and our optional DVNs are distributed across AWS, GCP, and European cloud infrastructure.
Proposed configuration
- Required DVNs:
- LayerZero Labs (Standard Gasolina on AWS)
- Canary (TEE based + custom client in Go)
- Optional DVNs:
- Deutsche Telekom (Standard Gasolina but running in Telekom cloud on EU soil, no GCP or AWS)
- P2P (large institutional staking provider, running standard Gasolina in GCP)
- Threshold: 2 required + 1 optional
3.4. Rate Limiting Configuration
- Ethereum → Arbitrum: 250,000 MORPHO/month to support reward distribution.
- Arbitrum → Ethereum: 100,000 MORPHO/month to contain downstream risk.
4. Implementation Workstreams
All implementation details have already been reviewed and agreed by LayerZero
Implementation is structured into two parallelized tracks:
4.1 LayerZero Deployment & Setup
- Deploy ERC20 + proxy on Arbitrum with placeholder roles
- Deploy MintAndBurnAdapter and LockAdapter
- Configure DVNs and routing
- Transfer roles to Morpho DAO
4.2 Morpho DAO Finalization
- Execute
setPeer(...)on Ethereum and Arbitrum - Optionally whitelist with Stargate for added interoperability
These governance-controlled steps ensure full DAO oversight and prevent premature bridge activation.
5. Implementation Timeline
- July 28th (Morpho Association): Vote opening
- July 30th (LayerZero)
- Deploy ERC20 token with proxy and placeholder roles
- Deploy adapters and configure DVNs
- Transfer operational roles to Morpho DAO
- July 30–31 (Morpho DAO): Execute
setPeer(...)after DAO vote - Early August (Morpho Association): Stargate whitelisting
6. Voting
This proposal will be submitted to a DAO vote after community discussion. The vote will determine:
- Approval of LayerZero as the bridging provider for Arbitrum;
- Authorization to proceed with the deployment and activation as specified.
