Description
deBridge is an interoperability layer that enables messaging between various blockchains. For the typical token transfer, "deToken" is minted on the destination chain.
If you find something wrong on this page you can submit an issue or edit the information.
Risk summary
Funds can be stolen if
Users can be censored if
Technology
Principle of operation
deBridge leverages cross-chain messaging to transfer tokens from Ethereum to other chains and vice-versa. The validation of cross-chain transactions is performed by a network of oracles signing the transaction, which would be later evaluated by the smart contract.
Transfers are externally verified
External validators observe events on deBridge supported chains and transfer signed messages to other chains. Message is considered valid when it contains at least minimum amount of signature, currently set to 8.
Users can be censored if nodes decide not to transfer tokens after observing an event on the supported chain (CRITICAL).
Destination tokens
Tokens transferred end up a their wrapped representation (deTokens).
Funds can be stolen if destination token contract is maliciously upgraded or not securely implemented (CRITICAL).
Permissioned Addresses
The system uses the following set of permissioned addresses:
Admin for all upgradable proxy smart contracts. It can change the implementations of all proxies. ProxyAdmin is controlled by governance multisig.
Accounts permitted to sign the message coming from other chain. Currently at least 8 of them are need to sign the message.
Smart Contracts
The system consists of the following smart contracts:
The main point of cross-chain interactions, this contract allows user to send message to other chain and claim funds when bridging back to Ethereum. This contract stores the following tokens: USDC, WETH, FRAX, ETH, USDT, WBTC, DAI, MATIC, RAI.
Contract responsible for checking off-chain signatures performed by the oracles, currently there are needed at least 8 confirmations.
The current deployment carries some associated risks:
Funds can be stolen if a contract receives a malicious code upgrade. There is no delay on code upgrades (CRITICAL).
Website | debridge.finance |
---|---|
Social media | @deBridgeFinancediscord.ggblog.debridge.financer/debridgedebridge-finance |
App | app.debridge.finance |
Documentation | docs.debridge.finance |
Explorer | explorer.debridge.finance |
Source code | github.com/debridge-finance |