{
"self": {
"stateValidation": {
"value": "Validity proofs (SN)",
"description": "SNARKs are succinct zero knowledge proofs that ensure state correctness, but require trusted setup.",
"sentiment": "good",
"orderHint": null
},
"dataAvailability": {
"value": "Onchain (SD)",
"description": "All of the data (SD = state diffs) needed for proof construction is published onchain.",
"sentiment": "good",
"orderHint": null
},
"exitWindow": {
"value": "None",
"description": "There is no window for users to exit in case of an unwanted regular upgrade since contracts are instantly upgradable.",
"sentiment": "bad",
"orderHint": -1555200
"orderHint": -1209600
},
"sequencerFailure": {
"value": "Force via L1",
"description": "Users can force the sequencer to include a transaction by submitting a request through L1. If the sequencer censors or is down for for more than 18d, users can use the exit hatch to withdraw their funds.",
"description": "Users can force the sequencer to include a transaction by submitting a request through L1. If the sequencer censors or is down for for more than 14d, users can use the exit hatch to withdraw their funds.",
"sentiment": "good",
"orderHint": 1555200
"orderHint": 1209600
},
"proposerFailure": {
"value": "Use escape hatch",
"description": "Users are able to trustlessly exit by submitting a zero knowledge proof of funds.",
"sentiment": "good",
"orderHint": null
}
}
}
scalingTechnology+1-1
{
"dataAvailability": [
{
"name": "All data required for forced exits is published onchain",
"description": "All the data needed to recover the latest accounts state (represented by the Account Tree) and construct the zk proof necessary for forced exits is published onchain in the form of blobs. Only data that leads to state changes is posted.",
"risks": [],
"references": []
}
],
"exitMechanisms": [
{
"name": "Regular exit",
"description": "The user initiates the withdrawal by submitting a regular transaction on this chain. When the block containing that transaction is settled the funds become available for withdrawal on L1. ZK proofs are required to settle blocks. Finally the user submits an L1 transaction to claim the funds.",
"risks": [],
"references": []
},
{
"name": "Escape hatch through ZK proofs",
"description": "If the centralized operators fail to process forced transactions after the deadline, the system can be frozen (desert mode) and users can exit by reconstructing the latest settled state using the data available on L1 and providing a ZK proof of balance.",
"risks": [],
"references": []
}
],
"forceTransactions": {
"name": "Users can force their transactions on L1",
"description": "If the centralized operators fail to include user transactions, users can force them themselves through L1. The possible transaction types that users can force are: deposits, withdrawals, order creation, order cancellation, and burning of pool shares. If the operators do not process forced transactions within 18d, the system can be frozen (desert mode) and users can exit using the latest settled state. All open positions are settled using the latest index price.",
"description": "If the centralized operators fail to include user transactions, users can force them themselves through L1. The possible transaction types that users can force are: deposits, withdrawals, order creation, order cancellation, and burning of pool shares. If the operators do not process forced transactions within 14d, the system can be frozen (desert mode) and users can exit using the latest settled state. All open positions are settled using the latest index price.",
"risks": [],
"references": []
},
"operator": {
"name": "Centralized operators",
"description": "Only the centralized operators can submit batches and verify them with a ZK proof, i.e. advance the state of the protocol.",
"risks": [
{
"category": "MEV can be extracted if",
"text": "the operator exploits their centralized position and frontruns user transactions."
}
],
"references": []
},
"otherConsiderations": [
{
"name": "External oracles used for index prices",
"description": "Lighter uses a combination of oracles to determine index prices, with Stork as the primary source. External signatures are currently not verified and the sequencer must be trusted to truthfully report data.",
"risks": [
{
"category": "Funds can be lost if",
"text": "the oracle prices are manipulated."
}
],
"references": [
{
"title": "Lighter docs - Fair Price Marking",
"url": "https://docs.lighter.xyz/perpetual-futures/fair-price-marking"
}
]
}
],
"upgradesAndGovernance": "Regular upgrades are initiated by the \"network governor\" and executed with a 21d delay. The \"security council\" is allowed to reduce the upgrade delay to zero in case of an emergency. The security council does not currently satify the Stage 1 requirements. The network governor also retains the ability to add or remove validators.",
"warning": "Oct 8 2025: at the moment of writing, the circuits source code is not publicly available and therefore it is not possible to fully verify the business logic of the protocol. The team communicated to us that they plan to release them in the next 1-2 weeks."
}
contracts+13-18
{
"addresses": {
"ethereum": [
{
"name": "Lighter",
"isVerified": true,
"address": "eth:0x3B4D794a66304F130a4Db8F2551B0070dfCf5ca7",
"upgradeability": {
"proxyType": "zkLighter proxy",
"admins": [
"eth:0x94da8A995D0D82Ef0fE7E509C6D76c22603B6f67"
],
"implementations": [
"eth:0x1D2624A65F8aaD1c4Bc406b4D2418ba577D218cb",
"eth:0x4194D3847a0239d59a87bC82C1870CBE1FA99db1"
"eth:0x4FF23C6cA650166A95D854935a8b012B53ac59Bc",
"eth:0xf255FC8738a5c6Ee6E869A5b182a9Cd4F99a2ED6"
]
},
"chain": "ethereum",
"description": "The main rollup contract. It processes L2 batches, manages USDC deposits and withdrawals, allows users to submit censorship-resistant L2 transactions and controls desert mode (escape hatch). Logic is split between two contracts because of code-size limits, many operations are delegated to AdditionalZKLighter.\n* Roles:\n * **admin**: UpgradeGatekeeper; ultimately EOA 4",
"upgradableBy": [
{
"id": "EOA-4",
"name": "EOA 4",
"delay": "21d"
}
],
"discoveryDrivenData": true,
"url": "https://etherscan.io/address/eth:0x3B4D794a66304F130a4Db8F2551B0070dfCf5ca7#code"
},
{
"name": "DesertVerifier",
"isVerified": false,
"address": "eth:0x59406a5DcE71a4f631F9cd5D41996a19D6fDF184",
"name": "UpgradeGatekeeper",
"isVerified": true,
"address": "eth:0x94da8A995D0D82Ef0fE7E509C6D76c22603B6f67",
"upgradeability": {
"proxyType": "immutable",
"admins": [],
"implementations": [],
"immutable": true
},
"chain": "ethereum",
"description": "",
"description": "Governance contract functioning like an upgrade timelock for downstream contracts. The current delay is 21d and can be entirely skipped by Lighter Multisig.\n* Roles:\n * **getMaster**: EOA 4\n * **securityCouncilAddress**: Lighter Multisig",
"discoveryDrivenData": true,
"url": "https://etherscan.io/address/eth:0x59406a5DcE71a4f631F9cd5D41996a19D6fDF184#code"
"url": "https://etherscan.io/address/eth:0x94da8A995D0D82Ef0fE7E509C6D76c22603B6f67#code"
},
{
"name": "UpgradeGatekeeper",
"name": "DesertVerifier",
"isVerified": true,
"address": "eth:0x94da8A995D0D82Ef0fE7E509C6D76c22603B6f67",
"address": "eth:0x9BC70c62823BabFed57698d458833da55D0c88A4",
"upgradeability": {
"proxyType": "immutable",
"admins": [],
"implementations": [],
"immutable": true
},
"chain": "ethereum",
"description": "Governance contract functioning like an upgrade timelock for downstream contracts. The current delay is 21d and can be entirely skipped by Lighter Multisig.\n* Roles:\n * **getMaster**: EOA 4\n * **securityCouncilAddress**: Lighter Multisig",
"description": "ZK verifier used to verify forced exits during desert mode.\n",
"discoveryDrivenData": true,
"url": "https://etherscan.io/address/eth:0x94da8A995D0D82Ef0fE7E509C6D76c22603B6f67#code"
"url": "https://etherscan.io/address/eth:0x9BC70c62823BabFed57698d458833da55D0c88A4#code"
},
{
"name": "Governance",
"isVerified": true,
"address": "eth:0xa464DA0B43f80EE3FfC4795cbbFC78472b5c81A1",
"upgradeability": {
"proxyType": "EIP1967 proxy",
"admins": [
"eth:0x94da8A995D0D82Ef0fE7E509C6D76c22603B6f67"
],
"implementations": [
"eth:0x46D3C0c01D5DAae4FE8e3f54f32901d9Fbde1f08"
]
},
"chain": "ethereum",
"pastUpgrades": [],
"description": "Manages the list of validators and the network governor.\n* Roles:\n * **admin**: UpgradeGatekeeper; ultimately EOA 4\n * **networkGovernor**: EOA 4\n * **validators**: EOA 1, EOA 2, EOA 3, EOA 4",
"upgradableBy": [
{
"id": "EOA-4",
"name": "EOA 4",
"delay": "21d"
}
],
"discoveryDrivenData": true,
"url": "https://etherscan.io/address/eth:0xa464DA0B43f80EE3FfC4795cbbFC78472b5c81A1#code"
},
{
"name": "ZkLighterVerifier",
"isVerified": true,
"address": "eth:0xac3Ce44B6ff4E402858C99D5699ff63131572BaA",
"upgradeability": {
"proxyType": "EIP1967 proxy",
"admins": [
"eth:0x94da8A995D0D82Ef0fE7E509C6D76c22603B6f67"
],
"implementations": [
"eth:0x9a3Cc15b31Aec100d0C49B16cC401eaEf5A0A500"
]
},
"chain": "ethereum",
"pastUpgrades": [],
"description": "The main ZK verifier of Lighter, settles the proofs of correct L2 state transition in the case of normal rollup operation.\n* Roles:\n * **admin**: UpgradeGatekeeper; ultimately EOA 4",
"upgradableBy": [
{
"id": "EOA-4",
"name": "EOA 4",
"delay": "21d"
}
],
"discoveryDrivenData": true,
"url": "https://etherscan.io/address/eth:0xac3Ce44B6ff4E402858C99D5699ff63131572BaA#code"
}
]
},
"escrows": [
{
"address": "0x3B4D794a66304F130a4Db8F2551B0070dfCf5ca7",
"sinceTimestamp": 1737090335,
"tokens": [
"USDC"
],
"contract": {
"isVerified": true,
"address": "eth:0x3B4D794a66304F130a4Db8F2551B0070dfCf5ca7",
"upgradeability": {
"proxyType": "zkLighter proxy",
"admins": [
"eth:0x94da8A995D0D82Ef0fE7E509C6D76c22603B6f67"
],
"implementations": [
"eth:0x1D2624A65F8aaD1c4Bc406b4D2418ba577D218cb",
"eth:0x4194D3847a0239d59a87bC82C1870CBE1FA99db1"
"eth:0x4FF23C6cA650166A95D854935a8b012B53ac59Bc",
"eth:0xf255FC8738a5c6Ee6E869A5b182a9Cd4F99a2ED6"
]
},
"chain": "ethereum",
"url": "https://etherscan.io/address/0x3B4D794a66304F130a4Db8F2551B0070dfCf5ca7#code"
},
"chain": "ethereum",
"includeInTotal": true,
"chainId": 1
}
],
"risks": [
{
"category": "Funds can be stolen if",
"text": "a contract receives a malicious code upgrade. There is no delay on code upgrades.",
"isCritical": true
},
{
"category": "Funds can be stolen if",
"text": "the source code of unverified contracts contains malicious code.",
"isCritical": true
}
]
}