Description
Allbridge Core enables the transfer of value between blockchains by offering cross-chain swaps of native stablecoins using liquidity pools. For its stableconin liquidity network it is using either own AMB or Wormhole to pass messages. Allbridge bridge is a token bridge implemented as a separate contract. Both bridges contains a number of core, unverified smart contracts and it is owned by an EOA account that can drain all funds.
If you find something wrong on this page you can submit an issue or edit the information.
Risk summary
Funds can be stolen if
Permissioned Addresses
The system uses the following set of permissioned addresses:
EOA privilidged to process allbridge AMB messages and moved funds from pools.
EOA privilidged to update messengers and other bridge parameters. As a result this account can drain all funds from the pools.
Smart Contracts
The system consists of the following smart contracts:
Main liquidity network Allbridge Core bridge contract.
Main token bridge contract. This contract stores the following tokens: ETH, USDC, USDT, DAI, MIM.
This contract is responsible for validating incoming messages to token bridge. The source code of this contract is not verified on Etherscan.
This contract is responsible for calculating bridge fees. The source code of this contract is not verified on Etherscan.
Contract used to receive messages via allbridge AMB. The source code of this contract is not verified on Etherscan.
Contract used to receive messages via Wormhole AMB. The source code of this contract is not verified on Etherscan.
Pool holding USDT tokens. The source code of this contract is not verified on Etherscan. This contract stores the following tokens: USDT.
Pool holding USDC tokens. The source code of this contract is not verified on Etherscan. This contract stores the following tokens: USDC.
Pool holding DAI tokens. The source code of this contract is not verified on Etherscan. This contract stores the following tokens: DAI.
The current deployment carries some associated risks:
the source code of unverified contracts contains malicious code (CRITICAL).
Website | app.allbridge.io |
---|---|
Social media | @Allbridge_ioallbridge.medium.com |
App | core.allbridge.io |