deBridge is an interoperability layer that enables messaging between various blockchains. For the typical token transfer, "deToken" is minted on the destination chain.
Funds can be stolen if
Users can be censored if
deBridge leverages cross-chain messaging to transfer tokens from Ethereum to other chains and vice-versa. The validation of cross-chain transactions is performed by a network of oracles signing the transaction, which would be later evaluated by the smart contract.
External validators observe events on deBridge supported chains and transfer signed messages to other chains. Message is considered valid when it contains at least minimum amount of signature, currently set to 8.
Users can be censored if nodes decide not to transfer tokens after observing an event on the supported chain (CRITICAL).
Tokens transferred end up a their wrapped representation (deTokens).
Funds can be stolen if destination token contract is maliciously upgraded or not securely implemented (CRITICAL).
The system uses the following set of permissioned addresses:
Admin for all upgradable proxy smart contracts. It can change the implementations of all proxies. ProxyAdmin is controlled by governance multisig.
The system consists of the following smart contracts:
The current deployment carries some associated risks:
Funds can be stolen if a contract receives a malicious code upgrade. There is no delay on code upgrades (CRITICAL).