We are hiring!Join L2BEAT

L2BEAT Bridges is a work in progress. You might find incomplete research or inconsistent naming. Join our discord to suggest improvements!

Allbridge logoAllbridge


...


Tokens:

Description

This project includes unverified contracts (CRITICAL).

Allbridge Core enables the transfer of value between blockchains by offering cross-chain swaps of native stablecoins using liquidity pools. For its stableconin liquidity network it is using either own AMB or Wormhole to pass messages. Allbridge bridge is a token bridge implemented as a separate contract. Both bridges contains a number of core, unverified smart contracts and it is owned by an EOA account that can drain all funds.

If you find something wrong on this page you can submit an issue or edit the information.

Risk summary

Note: This project's overview requires more research and might not present accurate information. If you want to contribute you can edit the information on Github. Alternatively you contact the project team on Twitter and encourage them to contribute a PR.

Permissioned Addresses

The system uses the following set of permissioned addresses:

Allbridge EOA. 0x7234…35BA

EOA privilidged to process allbridge AMB messages and moved funds from pools.

Allbridge Owner EOA. 0x01a4…A4D0

EOA privilidged to update messengers and other bridge parameters. As a result this account can drain all funds from the pools.

Smart Contracts

The system consists of the following smart contracts:

Main liquidity network Allbridge Core bridge contract.

Main token bridge contract. This contract stores the following tokens: ETH, USDC, USDT, DAI, MIM.

Validator 0x9374…d74b

This contract is responsible for validating incoming messages to token bridge. The source code of this contract is not verified on Etherscan.

Fee Oracle 0xba6d…E1f6

This contract is responsible for calculating bridge fees. The source code of this contract is not verified on Etherscan.

Allbridge Messenger 0x366a…EE50

Contract used to receive messages via allbridge AMB. The source code of this contract is not verified on Etherscan.

Wormhole Messenger 0xF483…a83F

Contract used to receive messages via Wormhole AMB. The source code of this contract is not verified on Etherscan.

USDT Pool 0xB827…1B0e

Pool holding USDT tokens. The source code of this contract is not verified on Etherscan. This contract stores the following tokens: USDT.

USDC Pool 0x1D3d…403C

Pool holding USDC tokens. The source code of this contract is not verified on Etherscan. This contract stores the following tokens: USDC.

DAI Pool 0xCe01…9172

Pool holding DAI tokens. The source code of this contract is not verified on Etherscan. This contract stores the following tokens: DAI.

The current deployment carries some associated risks:

  • the source code of unverified contracts contains malicious code (CRITICAL).