Linea
About
Linea is an Ethereum-equivalent zkEVM Layer 2 rollup built by Consensys, designed to scale Ethereum while reinforcing its economic model. It offers full EVM bytecode compatibility and seamless integration with existing Ethereum tooling, enabling developers to deploy contracts without modification. Linea is intended for dApp builders seeking low-cost, high-throughput settlement with Ethereum-level security, as well as institutions requiring enterprise-grade infrastructure for tokenization, payments, and onchain settlement.
Where Does Yield Come From?
Linea is a Layer 2 network (a system built on top of Ethereum to make it faster and cheaper), not an app that pays yields by itself. However, its design includes a few yield-related pieces at the protocol level.
How fees and token burning work
Users pay all gas fees in ETH. After covering the cost of posting transactions back to Ethereum, the leftover fees are split two ways:
- 20% is burned (permanently removed from circulation), shrinking the supply of ETH.
- 80% is used to buy and burn the LINEA token, creating a second deflationary (supply-shrinking) force tied to how busy the network is.
Together, this creates a dual burn mechanism that kicks in whenever the network is used.
Planned staking for bridged ETH
ETH that has been bridged onto Linea is expected to be staked (locked up to help secure the network) in the future — the exact mechanics haven't been announced yet. When that happens, the staking rewards would be passed on to liquidity providers, helping to kick-start and fuel DeFi (decentralized finance) activity on the network.
The LINEA token and the Ecosystem Fund
The LINEA token supply is set aside mostly for ecosystem growth:
- 75% of all LINEA tokens go into an Ecosystem Fund managed by the Linea Consortium (a group that includes ENS Labs, Eigen Labs, SharpLink, Status, and Consensys).
- That fund uses the tokens to pay for liquidity incentives (rewards for providing trading pools), builder grants, future airdrops, and other long-term ecosystem support.
- The releases follow a decaying schedule over 10 years — more tokens early on, fewer later.
There is no tokenholder voting. The Consortium decides how tokens are emitted and allocated.
No sales, no employee or investor allocations
No LINEA tokens have been sold to the public, and none have been given to employees or investors. Consensys holds 15% of the supply, locked up for five years.
Where yield comes from for users
Because Linea itself is not a yield app (like a lending market or a yield aggregator), there are no built-in APY or APR figures at the base layer. Any yields that end users earn come from third-party dApps (decentralized apps) built on top of Linea.
Persons
Declan Fox
Head of Linea, founding member (Consensys)
Toni Wahrstatter
Consortium Steward; Research Engineer at the Ethereum Foundation
Joseph Chalom
Consortium Steward; Co-Chief Executive Officer, SharpLink
Cyp
Consortium Steward; Status Network
Sreeram Kannan
Consortium Steward; Founder of EigenCloud and CEO of Eigen Labs
Audits
| Audit / Date | Findings | Verdict |
|---|---|---|
Least Authority14-05-2025 - 01-08-2025 |
| The audit found no exploitable security vulnerabilities in the Limitless Prover implementation; all 5 suggestions were resolved and a soundness issue in the Fiat-Shamir heuristic was independently identified by the Linea team and remediated to the auditors' satisfaction. |
zkSecurity20-05-2024 |
| The audit found several high-severity soundness issues (multi-committer binding, partition decomposition, GLV decomposition, uint conversion) that were addressed in subsequent PRs before or shortly after the report; the medium-severity findings are primarily design/subtlety concerns that require careful downstream usage, and the overall gnark std library code and documentation quality was noted as high by the auditors. |
ZKSecurity (zkSecurity)17-06-2024 |
| The audit found no high or critical vulnerabilities, only six low-severity design/correctness issues and three informational notes, all of which are documented with clear remediation guidance; the crypto/math libraries are well-organized and tested, and the reported issues do not pose an immediate safety risk to the protocol. |
OpenZeppelin20-05-2024 - 14-06-2024 |
| The audit identified one critical-incentive high-severity issue (missing quotient polynomial blinding, since resolved) and several medium/low findings, with the main residual risk being an incomplete alignment with the latest Plonk specification that the Linea team chose to leave as-is for now, though the implementation remains internally consistent. |
Least Authority TFA GmbH20-09-2024 |
| The audit found the gnark cryptographic libraries to be well-designed with strong security emphasis and identified no critical or high-severity vulnerabilities; the single unresolved issue (missing FFT generator in the Fiat-Shamir transcript) represents a low residual risk, and all other code-level issues were resolved or determined non-issues. |
Least Authority26-11-2024 |
| All 17 identified issues—including 5 critical and 4 high-severity soundness vulnerabilities in the prover protocol, zkEVM modules, and gnark frontend—were resolved by the Linea team before the final verification review, meaning the audited code has been remediated against the reported findings. Residual risk lies in the out-of-scope components (e.g., the core arithmetization define.go, serialization, and Vortex core) and in the unresolved documentation/code-quality suggestions. |
Sigma Prime01-05-2023 |
| The audit found one critical consensus-level deserialisation bug that was resolved, while two high-severity panic vectors in the Rust and Go bindings and several informational issues remain open, indicating the core KZG logic was addressed but bindings need further hardening before production deployment. |
Consensys Diligence08-05-2023 - 23-06-2023 |
| This audit uncovered critical soundness flaws in the verifier — including a missing pairing-check result that could let invalid proofs pass (since fixed) — and systemic issues like an insecure toy trusted setup and unchecked staticcall statuses, meaning the verifier was not safe for mainnet deployment at the time of the audit. The team acknowledged several critical issues and fixed others, but the report explicitly warns that additional high- or critical-severity issues likely remain due to limited cryptographic review scope. |
LeastAuthority16-08-2023 - 18-08-2023 |
| This focused audit of gas-optimization changes to a Groth16 verifier found no security vulnerabilities, and all three improvement suggestions were implemented and verified before the final report. The audited code is considered safe for deployment. |
OpenZeppelin03-08-2023 - 18-08-2023 |
| The audit uncovered a critical proof-forgery vulnerability that would have allowed a malicious prover to steal all assets on the Linea rollup; this was fully resolved, along with the majority of medium and low findings. The remaining partially resolved issues (so-far-digest model compliance and EC point validation) represent residual design risks that should be monitored in future upgrades. |
Kudelski Security20-10-2022 |
| The audit found no critical or high-severity vulnerabilities; the two medium-severity cryptographic edge-case issues were acknowledged and fixed by the development team, and the remaining low/informational findings represent acceptable residual risks for a cryptographic library. |
Consensys Diligence19-01-2026 - 30-01-2026 |
| The audit identified one medium-severity proof malleability concern and two lower-severity issues, all of which were verified as fixed, and the implementation overall demonstrates high quality and correctly integrates Poseidon2 for trustless cross-chain ENS resolution and L2 state queries from Ethereum L1. |
Consensys Diligence13-10-2025 - 20-10-2025 |
| All findings were resolved prior to deployment, and deployed contracts were verified against the audited commit, making this a clean audit with no unresolved security concerns. |
OpenZeppelin13-10-2025 - 15-10-2025 |
| The two medium-severity issues were both resolved, and the core contracts have no outstanding critical or high-severity findings, indicating a reasonable security posture for the Linea burn mechanism. However, the system's security relies heavily on privileged roles and external dependencies (DEX, bridge), which should be managed with robust operational security. |
Cyfrin20-10-2025 - 24-10-2025 |
| The audit found one low-severity type mismatch and several informational improvements, all of which were either resolved or acknowledged by Linea, with deployed bytecode verified to match the post-fix source code — confirming remediation integrity before production deployment. |
Consensys Diligence21-07-2025 - 25-07-2025 |
| The audit found no critical or high-severity threats; the single medium issue and most minor issues were resolved prior to deployment, and the acknowledged items present acceptable residual risk given the operational controls in place. |
OpenZeppelin22-07-2025 - 24-07-2025 |
| The audit found no critical, high, or medium severity issues, with only three low-severity findings and minor informational notes, indicating the Linea TGE contracts were well-constructed with adequate security for their token generation event and cross-chain bridging use case. |
Cyfrin25-07-2025 - 29-07-2025 |
| The audit identified no vulnerabilities beyond five informational-level recommendations, two of which were resolved and three acknowledged, indicating a well-structured and security-conscious codebase with no material risk for deployment. |
| All eight findings were resolved by the Linea team, including the critical storage-corruption issue that could have allowed unauthorized re-initialization of the TokenBridge proxy, and three medium-severity pausing and reentrancy concerns were addressed through contract revisions and verified bytecode matches. | |
Cyfrin05-01-2026 - 09-01-2026 |
| The critical storage-layout vulnerability in the TokenBridge upgrade — which would have enabled a permissionless attacker to drain ~$29M — was responsibly disclosed and fixed before deployment, and the fix was verified by Cyfrin along with on-chain bytecode verification. The remaining low and informational issues were resolved or acknowledged, making the mixed upgrade safe for deployment. |
Consensys Diligence10-11-2025 - 12-12-2025 |
| The audit found 4 major and 7 medium issues concentrated in permissionless unstaking mechanics and cross-protocol liquidity dependencies, all of which were addressed before deployment with bytecode verification confirming alignment to the audited source; the system's strong role-based access controls and operational safeguards partially mitigate residual risks, but the protocol remains heavily reliant on privileged operator diligence and Lido's continued correct operation. |
OpenZeppelin03-11-2025 - 05-12-2025 |
| The one high-severity and all seven medium-severity findings were resolved during the engagement, and the remaining acknowledged items do not pose immediate fund-loss risks, making the protocol safe for deployment under the documented trust model and privileged role assumptions. |
Cyfrin03-11-2025 - 14-11-2025 |
| The Cyfrin audit identified critical accounting-corruption risks in Linea's new Yield Management system, all of which were resolved through refactoring; however, several design-level concerns (e.g., permissionless withdrawal functions remaining pausable, new deposits not automatically paying down LST liability) were acknowledged by the team rather than fixed, introducing residual operational risk. |
Diligence25-11-2024 - 06-12-2024 |
| The audit uncovered no critical or high-severity vulnerabilities; all four medium-severity and three minor issues were remediated, with one informational finding acknowledged, indicating that the rollup update introduces no significant security risks. |
OpenZeppelin04-11-2024 - 15-11-2024 |
| The audit identified no critical or high-severity issues; the single medium-severity DoS vulnerability and all lower-severity findings were resolved before final deployment, demonstrating a thorough review of the role-upgrade changes with no residual high-risk concerns. |
Cyfrin21-10-2024 - 04-11-2024 |
| The audit found only one medium and one low severity issue, both of which were resolved and verified, and the storage upgrade plans for all three live contracts were verified as safe, indicating that the changes in this version introduce no critical or high-risk security concerns for the Linea protocol. |
Consensys Diligence03-07-2024 - 17-07-2024 |
| The audit identified only two minor, acknowledged issues with no critical, high, or medium severity findings, indicating that the Linea Rollup Update code changes are generally sound. The protocol can proceed with confidence in the security of the updated contracts, with the minor improvements deferred to the next release. |
OpenZeppelin29-04-2024 - 08-05-2024 |
| The audit found one high-severity issue (inconsistent state root hash validation) and three low-severity issues, all of which were resolved by the Linea team, and no critical or medium issues were identified, indicating the gas optimization upgrade was implemented soundly with well-addressed risks. |
Cyfrin29-04-2024 - 17-05-2024 |
| The audit confirms that Linea addressed both critical High-risk issues (deprecated storage slot breaking bridging, and unintended ERC721 bridging) before publication, and resolved most Low-risk findings; however, the two acknowledged Medium-risk items—censorship via the centralized sequencer and inability to cancel failed destination transactions—represent residual design risks inherent in first-generation zkEVM L2s that remain unmitigated. |
OpenZeppelin04-03-2024 - 08-03-2024 |
| The audit found no critical, high, or medium severity issues, and the 4 low-severity findings plus 2 informational notes were largely addressed by the Linea team, indicating that the EIP-4844 blob submission integration is well-constructed and poses minimal security risk. |
Consensys Diligence11-12-2023 - 12-01-2024 |
| All critical and most major/medium issues were resolved, with one major partially addressed pending prover decentralization and one medium acknowledged for the EIP-4844 upgrade, indicating a sound interim security posture for Linea's compressed calldata contracts. |
OpenZeppelin11-12-2023 - 19-01-2024 |
| The audit identified significant structural risks in the submission/finalization flow and several medium-severity issues affecting message censorship and finalization safety, most of which have been addressed or acknowledged by the Linea team; overall the codebase was found to be well-written, but the recommended restructuring of core data flows should be prioritized before full decentralization. |
ConsenSys Diligence05-06-2023 - 23-06-2023 |
| The audit uncovered no critical-severity vulnerabilities, but several major risks including fund-stuck scenarios, single-coordinator/sequencer centralization dependencies, and missing events indicate that the protocol's safety currently relies heavily on trusted off-chain actors and would benefit from the recommended decentralization and refund mechanisms before broader adoption. |
ConsenSys Diligence26-06-2023 - 04-07-2023 |
| The audit uncovered one critical and five major-severity vulnerabilities, all but one (a design-trade-off around user withdrawal during bridge downtime) were fixed by the Linea team, making the canonical token bridge safe for its intended use case assuming the multi-sig owner behaves honestly and the coordinator/sequencer infrastructure remains reliable. |
OpenZeppelin10-07-2023 - 02-08-2023 |
| The audit identified one critical reentrancy vulnerability and three high-severity issues in the token bridge and rate limiter, all of which were either resolved or acknowledged with planned fixes. While the codebase was found to be clear and well-documented, the remaining acknowledged items (rate limiter DOS, ERC-721 lock, refund MEV) represent residual trust and design risks that users should monitor. |
Backers
Linea was incubated and built by Consensys, the leading Ethereum software company founded by Ethereum co-founder Joseph Lubin in 2014. According to Linea's official tokenomics announcement (July 29, 2025), no LINEA tokens have been allocated or sold to investors via traditional venture capital fundraising rounds. The token distribution allocates 85% to the ecosystem (10% to early users via airdrop, 75% to an Ecosystem Fund) and 15% to the Consensys treasury (subject to a five-year lockup). The Ecosystem Fund — described as Ethereum's largest ecosystem fund — is managed by the Linea Consortium, a non-profit council of Ethereum-native organizations acting as stewards, not investors. The Consortium's initial board members include Consensys, Eigen Labs, ENS Labs, SharpLink Gaming (Nasdaq: SBET), and Status. No traditional VC rounds, angel investors, or external fundraising amounts/dates were disclosed on any official Linea source.
Legal
Legal form
Association (Swiss non-profit); The operating entity offering the Terms of Service is the Linea Consortium (unincorporated association or similar entity with a registered address in Dover, Delaware).
Registration jurisdiction
Linea Association: Switzerland (explicitly stated as a Swiss non-profit organization on the official /association page). Linea Consortium: Delaware, USA (Terms of Service governed by Delaware law; registered address at 850 New Burton Road, Suite 201, Dover, Kent County, DE 19904).
Status and notes
Two legal entities disclosed: (1) The Linea Consortium — the entity that hosts the Site and provides the Offerings under the Terms of Service, with a registered address in Dover, Delaware, and disputes governed by Delaware law; contact: [email protected]. (2) The Linea Association — a Swiss non-profit organization that acts as the data controller under the Privacy Notice ([email protected]) and executes decisions made by the Linea Consortium. The Privacy Notice is titled "LINEA ASSOCIATION GLOBAL PRIVACY NOTICE" (last updated September 5, 2025). The Terms of Service reference the Linea Consortium as the contracting party. No commercial registry number was disclosed on the pages fetched.