Solana Co-founder: Currently, all Layer 2 solutions rely on the "upgradable multisig" mechanism, making security guarantees virtually meaningless

BlockBeats News, October 27th, Solana co-founder Toly participated in a discussion on social media and wrote, "L2's promise ≠ L2's reality. To achieve a full L2, its code complexity and potential attack surface are extremely large, making it impossible to achieve both vulnerability-free, high performance, and feature completeness.

For this reason, all current L2 solutions rely on an 'upgrade multisig' mechanism, which renders the security guarantees they originally claimed illusory.

Worst-case scenario, they all face the same risk as Wormhole.

L2's multisig can spend all the funds in a cross-chain bridge. Wormhole's multisig can also spend all the funds in a cross-chain bridge. It's that simple.

Sui's validators cannot unilaterally do anything. Even if they secretly push a patch to their nodes overnight—even if they control 100% of the stake—Binance, Coinbase, Tether, and all uncoordinated RPC nodes would reject that state, and the entire network would stop.

But in the case of L2 and Wormhole, no one will stop. Therefore, users through a cross-chain bridge bear additional risks compared to native users."