L2Beat Governance forum is live!

Polygon Hermez logoPolygon Hermez

TVL: $346 K

+3.81% / 7 days






Hermez and Polygon have recently merged. Hermez and Polygon Hermez are two names for the same rollup.

Hermez is an open-source ZK-Rollup that aims to be optimized for secure, low-cost and usable token transfers on the wings of Ethereum.

Risk summary


Validity proofs ensure state correctness[Edit][Issue]

Each update to the system state must be accompanied by a ZK Proof that ensures that the new state was derived by correctly applying a series of valid user transactions to the previous state. Once the proof is processed on the Ethereum blockchain the L2 block is instantly finalized.[1]

    Zero knowledge SNARK cryptography is used[Edit][Issue]

    Despite their production use ZK-SNARKs are still new and experimental cryptography. Cryptography has made a lot of advancements in the recent years but all cryptographic solutions rely on time to prove their security. In addition ZK-SNARKs require a trusted setup to operate.[1][2]

    • Funds can be stolen if the cryptography is broken or implemented incorrectly.

    All data required for proofs is published on chain[Edit][Issue]

    All the data that is used to construct the system state is published on chain in the form of cheap calldata. This ensures that it will always be available when needed.[3]


      There is no central operator[Edit][Issue]

      The system runs an auction in which anyone can bid to become the operator for a set number of blocks. The operator will be able to propose blocks and collect fees during this window. Hermez will also run a operator known as boot coordinator that will propose blocks in case no one bids in the auction. This operator can be removed by the governance.[4][5]

        Users can force any transaction[Edit][Issue]

        Because the block production is open to anyone if users experience censorship from the operator they can propose their own blocks which would include their transactions.[6]

        • Users can be censored if the operator refuses to include their transactions and users lack resources to propose blocks themselves.


        Regular exit[Edit][Issue]

        The user initiates the withdrawal by submitting a transaction on L2. When the block containing that transaction is proven the funds become available for withdrawal on L1. Finally the user submits an L1 transaction to claim the funds. This transaction requires a merkle proof. This operation cannot be performed if the withdrawal exceeds certain threshold.[7]

          Forced withdraw[Edit][Issue]

          The user submits the withdrawal request on L1. This forces the operators to pick up the request before other L2 transactions. A block still needs to be proved, the user still submits a merkle proof, and the funds threshold still cannot be exceeded.[8]

            Delayed withdraw[Edit][Issue]

            When the user does a regular or forced withdraw and their funds exceed a certain threshold a timer activates. After a specified time has passed and the emergency mode has not been activated the funds can be withdrawn.[9]

              Emergency mode[Edit][Issue]

              When the user does a regular or forced withdraw and their funds exceed a certain threshold a timer activates. The operators can now trigger emergency mode and transfer the user's funds to the governance.[9]

              • Funds can be stolen if the operators trigger a false alarm during withdrawal (CRITICAL).

              Smart Contracts[Edit][Issue]

              The system consists of the following smart contracts:

              The current deployment carries some associated risks:

              • Funds can be stolen if a contract receives a malicious code upgrade. There is a 7 days delay on code upgrades.
              • Funds can be stolen if the source code of unverified contracts contains malicious code (CRITICAL).


              1. ZK-Proofs - Hermez documentation
              2. Multi-party Computation for the Trusted Setup - Hermez documentation
              3. Data Availability - Hermez documentation
              4. Forging Consensus Protocol - Hermez documentation
              5. Boot Coordinator - Hermez documentation
              6. Can coordinators censor transactions? - Hermez documentation
              7. Withdrawing Funds from Hermez - Hermez documentation
              8. Force Exit - Hermez documentation
              9. Withdrawal Delayer Mechanism - Hermez documentation