Search
Search for projects by name
pNetwork
L2BEAT Bridges is a work in progress. You might find incomplete research or inconsistent naming. Join our Discord to suggest improvements!
About
pNetwork aims to be a decentralized system facilitating cross-chain movement of assets.
About
pNetwork aims to be a decentralized system facilitating cross-chain movement of assets.
pGALA token on BSC exploit
2022 Nov 5th
Due to the misconfiguration of BSC the exploiter took over the control of pGALA tokens.
Mainnet Launch of pNetwork v2
2022 Oct 18th
Whitelist got removed, there are no restrictions on who can transact with the network.
pNetwork aims to be a decentralized system facilitating cross-chain movement of assets.
It is built as a simple Token Bridge that uses a single EOA address to move assets across. For a typical token transfer, “pToken” is minted on the destination chain.
Funds can be stolen if
- validators allow to mint more tokens than there are locked on Ethereum thus preventing some existing holders from being able to bring their funds back to Ethereum,
- validators sign a fraudulent message allowing themselves to withdraw all locked funds,
- destination token contract is maliciously upgraded,
- a contract receives a malicious code upgrade. There is no delay on code upgrades (CRITICAL).
Users can be censored if
Principle of operation
This is a Token Bridge that locks tokens in the escrow contracts on Ethereum and mints “pTokens” on the destination network. The validation of cross-chain transactions is performed by a group of Validators running MPC protocol that control one EOA address on Ethereum.
Transfers are externally verified
External Validators observe events on pNetwork bridge and sign transfer requests on destination chain. On Ethereum a single EOA address controls such transfers.
Users can be censored if validators decide to stop processing certain transactions.
Funds can be stolen if validators allow to mint more tokens than there are locked on Ethereum thus preventing some existing holders from being able to bring their funds back to Ethereum.
Funds can be stolen if validators sign a fraudulent message allowing themselves to withdraw all locked funds.
Destination tokens
Tokens transferred end up as their wrapped representation (pTokens). Note: on November 2022, due to misconfiguration, control over pGALA token on BSC was taken over by an unknown attacker that could have resulted in minting unlimited amount of unbacked pGALA tokens.
Funds can be stolen if destination token contract is maliciously upgraded.
Ethereum
Actors:
A voting contract that controls the inflation withdrawal logic of PNT token.
A Multisig with 2/4 threshold. Can upgrade ERC20 Vault V2.
Ethereum
Has special logic for handling inflation of PNT token.
- This contract stores the following tokens: GALA, PNT, USDT, USDC.
This contract stores the following tokens: WETH, LRC, BAT, DAI, ZRX, PNT.
This contract stores the following tokens: UOS.
Proxy owner of ERC20 Vault v2.
The current deployment carries some associated risks:
Funds can be stolen if a contract receives a malicious code upgrade. There is no delay on code upgrades (CRITICAL).