Canary DVN and EigenLayer Redistribution How It Works

Canary DVN serves as our custom Go implementation of the LayerZero DVN. It powers the LayerZero security stack by signing every message that travels between blockchains. This ensures cross-chain communication stays correct, verifiable, and secure.

We designed Canary DVN from the ground up for peak performance and safety. It operates within trusted execution environments, specifically AWS Nitro. This setup allows us to prove precisely what code is running and confirm it has not been altered in any way.

Trusted execution environments offer robust execution integrity. But we go a step further by weaving in EigenLayer cryptoeconomic security. This integration guarantees the DVN operates honestly. If dishonesty is proven, the DVN faces slashing. The affected user then receives compensation through EigenLayer redistribution. This mechanism redistributes slashed funds back to users and restakers rather than burning them. Canary DVN stands out as one of the first to implement this redistribution feature in a live setting.

Millions of cross-chain messages flow daily. Verifying them all on-chain would rack up enormous costs. That's why Canary DVN handles processing off-chain inside TEEs. It relies on cryptographic attestation reports to demonstrate execution integrity. These reports include a code hash, known as a measurement, which gets checked on-chain against an allowlist. This step confirms the DVN executed only approved code.

Imagine a user transfers funds through an application that uses Canary DVN, like ether.fi, and ends up with less than anticipated. They can initiate an optimistic dispute by staking a bond. An independent TEE then replays and verifies the disputed event. During the initial rollout, a security council veto window adds an extra layer of protection. If misbehavior is verified and no veto occurs, the DVN's stake gets slashed. The user recovers their proven loss, and any remaining slashed funds return to EigenLayer restakers.

This method limits risk to just the actual loss amount, not the full collateral. With TEE execution, SSL pinning, and independent verification in place, the likelihood of slashing remains extremely low. Yet if it does occur, users can rely on full compensation.