Search

Search for projects by name

SummaryValue SecuredRisk summaryTechnologyPermissionsSmart contracts

deBridge logodeBridge

L2BEAT Bridges is a work in progress. You might find incomplete research or inconsistent naming. Join our Discord to suggest improvements!

There are impactful changes and part of the information might be outdated.

About

deBridge is an interoperability layer that enables messaging between various blockchains. For the typical token transfer, "deToken" is minted on the destination chain.

  • Total Value Secured
  • Destination
  • Validated by
    Third Party
  • Type
    Token Bridge
    • Explore more in Discovery UI

    About

    deBridge is an interoperability layer that enables messaging between various blockchains. For the typical token transfer, "deToken" is minted on the destination chain.

    Value Secured

    2024 Jul 18 — 2025 Jul 18

    Risk summary

    Funds can be stolen if

    1. destination token contract is maliciously upgraded or not securely implemented,
    2. a contract receives a malicious code upgrade. There is no delay on code upgrades (CRITICAL).

    Users can be censored if

    1. nodes decide not to transfer tokens after observing an event on the supported chain.
    Technology

    Principle of operation

    deBridge leverages cross-chain messaging to transfer tokens from Ethereum to other chains and vice-versa. The validation of cross-chain transactions is performed by a network of oracles signing the transaction, which would be later evaluated by the smart contract.

    Transfers are externally verified

    External validators observe events on deBridge supported chains and transfer signed messages to other chains. Message is considered valid when it contains at least minimum amount of signature, currently set to 8.

    • Users can be censored if nodes decide not to transfer tokens after observing an event on the supported chain.

    Destination tokens

    Tokens transferred end up a their wrapped representation (deTokens).

    • Funds can be stolen if destination token contract is maliciously upgraded or not securely implemented.

    Permissions
    A dashboard to explore contracts and permissions
    Go to Disco
    Disco UI Banner
    Disco UI BannerExplore in Disco

    Ethereum

    Actors:

    Admin Multisig 0x6bec…92D5

    A Multisig with 5/8 threshold. Admin for all upgradable proxy smart contracts. It can change the implementations of all proxies through the ProxyAdmin contract.

    Participants (8):

    0xbA7c…09B50xC351…8c2D0xD4Aa…dA2C0x874B…c6E10xE966…56B70x6f57…2FBD0xd725…e5440x24C0…7c96
    Oracles (12) 0x4bC1…75260x1c07…f2050x573F…9ff50x59CE…42140xbCF5…D4DC0xf27A…3fe80x6436…A4260x874f…240E0xDD52…23e00x83f8…42bF0x4CA2…677D0xebec…3c54

    Accounts permitted to sign the message coming from other chain. Currently at least 8 of them are need to sign the message.

    Smart contracts
    A dashboard to explore contracts and permissions
    Go to Disco
    Disco UI Banner
    Disco UI BannerExplore in Disco
    A diagram of the smart contract architecture
    A diagram of the smart contract architecture

    Ethereum

    DeBridgeGate 0x43dE…98aAImplementation (Upgradable)Admin

    The main point of cross-chain interactions, this contract allows user to send message to other chain and claim funds when bridging back to Ethereum.

    • This contract stores the following tokens: USDC, WETH, FRAX.legacy, ETH, USDT, WBTC, DAI, MATIC, RAI.
    SignatureVerifier 0x949b…8A8cImplementation (Upgradable)Admin

    Contract responsible for checking off-chain signatures performed by the oracles, currently there are needed at least 8 confirmations.

    The current deployment carries some associated risks:

    • Funds can be stolen if a contract receives a malicious code upgrade. There is no delay on code upgrades (CRITICAL).