L2BEAT Bridges is a work in progress. You might find incomplete research or inconsistent naming. Join our discord to suggest improvements!
Contracts hacked for $130M
2023 Jul 7th
fastMPC was introduced
2022 Sep 21st
It is an upgrade of the network that is used to check cross chain messages.
anyCall was introduced
2022 Apr 11th
This is the generic cross-chain mechanism that Multichain uses.
Contracts hacked for $3M
2022 Jan 18th
Multiple critical vulnerabilities were found in the contracts.
Anyswap rebrands to Multichain
2021 Dec 16th
Multichain is an externally validated bridge. It uses a network of nodes running SMPC (Secure Multi Party Computation) protocol. It supports dozens of blockchains and thousands of tokens with both Token Bridge and Liquidity Network.
Multichain (formerly AnySwap) is a Hybrid Bridge that, depending on a token, can act as a Token Bridge or as a Liquidity Network. It uses multiple escrows on a source chain (one per each destination) in addition to tokenized Liquidity Pools (anyToken contracts) - one anyToken contract per token. It uses an on-chain Router that, depending on the token/destination will choose either TokenBridge or Liquidity Network to bridge assets.
Outgoing transfers are being watched by external entities that - utilizing MPC (MultiParty Computation) - sign off token minting (for Token Bride) or token swap (for Liquidity Network). Incoming transfers work similarly - tokens burned on a source chain release tokens from escrow on a destination chain.
Funds can be stolen if MPC nodes decide to maliciously takeover them or there is an external exploit which will result in signing malicious transaction (CRITICAL).
Users can be censored if MPC nodes decide to censor certain transactions (CRITICAL).
Funds can be lost if MPC nodes lose the private key (CRITICAL).
Funds can be frozen if MPC nodes decide to stop processing transfers (CRITICAL).
Type of the token received on the destination chain depends on the token. Users may receive wrapped Token, canonical Token or anyToken that can be considered to be an IOU for the canonical Token.
Funds can be stolen if destination token contract is maliciously upgraded or not securely implemented (CRITICAL).
Privileged account that received funds from Ethereum source escrow without corresponding burn on the destination chain. These funds were bridged to different chains and used to supply liquidity for various anyTokens. Users have to trust this account that it never tries to redeem held anyTokens for the underlying canonical token.
Account controlled by the MPC nodes. Can set minters for anyTokens. Can access liquidity in anyTokens.