We are hiring!Join L2BEAT

L2BEAT Bridges is a work in progress. You might find incomplete research or inconsistent naming. Join our discord to suggest improvements!

deBridge logodeBridge

...

Tokens:

Description

deBridge is an interoperability layer that enables messaging between various blockchains. For the typical token transfer, "deToken" is minted on the destination chain.

If you find something wrong on this page you can submit an issue or edit the information.

Risk summary

Funds can be stolen if

  1. destination token contract is maliciously upgraded or not securely implemented (CRITICAL),
  2. a contract receives a malicious code upgrade. There is no delay on code upgrades (CRITICAL).

Users can be censored if

  1. nodes decide not to transfer tokens after observing an event on the supported chain (CRITICAL).
Note: This project's overview requires more research and might not present accurate information. If you want to contribute you can edit the information on Github. Alternatively you contact the project team on Twitter and encourage them to contribute a PR.

Technology

Principle of operation

deBridge leverages cross-chain messaging to transfer tokens from Ethereum to other chains and vice-versa. The validation of cross-chain transactions is performed by a network of oracles signing the transaction, which would be later evaluated by the smart contract.

Transfers are externally verified

External validators observe events on deBridge supported chains and transfer signed messages to other chains. Message is considered valid when it contains at least minimum amount of signature, currently set to 8.

  • Users can be censored if nodes decide not to transfer tokens after observing an event on the supported chain (CRITICAL).

Destination tokens

Tokens transferred end up a their wrapped representation (deTokens).

  • Funds can be stolen if destination token contract is maliciously upgraded or not securely implemented (CRITICAL).

Permissioned Addresses

The system uses the following set of permissioned addresses:

ProxyAdmin 0xE442…94Fe

Admin for all upgradable proxy smart contracts. It can change the implementations of all proxies. ProxyAdmin is controlled by governance multisig.

Oracles 0x4bC1…75260x1c07…f2050x573F…9ff50x59CE…42140xbCF5…D4DC0xf27A…3fe80x6436…A4260x874f…240E0xDD52…23e00x83f8…42bF0x4CA2…677D0xebec…3c54

Accounts permitted to sign the message coming from other chain. Currently at least 8 of them are need to sign the message.

Smart Contracts

The system consists of the following smart contracts:

DeBridgeGate 0x43dE…98aAImplementation (Upgradable)Admin

The main point of cross-chain interactions, this contract allows user to send message to other chain and claim funds when bridging back to Ethereum. This contract stores the following tokens: USDC, WETH, FRAX, ETH, USDT, WBTC, DAI, MATIC, RAI.

SignatureVerifier 0x949b…8A8cImplementation (Upgradable)Admin

Contract responsible for checking off-chain signatures performed by the oracles, currently there are needed at least 8 confirmations.

The current deployment carries some associated risks:

  • Funds can be stolen if a contract receives a malicious code upgrade. There is no delay on code upgrades (CRITICAL).

Websitedebridge.finance
Social media@deBridgeFinancediscord.ggblog.debridge.financer/debridgedebridge-finance
Appapp.debridge.finance
Documentationdocs.debridge.finance
Explorerexplorer.debridge.finance
Source codegithub.com/debridge-finance