pNetwork
About
pNetwork aims to be a decentralized system facilitating cross-chain movement of assets.
About
pNetwork aims to be a decentralized system facilitating cross-chain movement of assets.
2024 May 09 — 2025 May 09
pGALA token on BSC exploit
2022 Nov 5th
Due to the misconfiguration of BSC the exploiter took over the control of pGALA tokens.
Mainnet Launch of pNetwork v2
2022 Oct 18th
Whitelist got removed, there are no restrictions on who can transact with the network.
pNetwork aims to be a decentralized system facilitating cross-chain movement of assets.
It is built as a simple Token Bridge that uses a single EOA address to move assets across. For a typical token transfer, “pToken” is minted on the destination chain.
Funds can be stolen if
- validators allow to mint more tokens than there are locked on Ethereum thus preventing some existing holders from being able to bring their funds back to Ethereum,
- validators sign a fraudulent message allowing themselves to withdraw all locked funds,
- destination token contract is maliciously upgraded,
- a contract receives a malicious code upgrade. There is no delay on code upgrades (CRITICAL).
Users can be censored if
Principle of operation
This is a Token Bridge that locks tokens in the escrow contracts on Ethereum and mints “pTokens” on the destination network. The validation of cross-chain transactions is performed by a group of Validators running MPC protocol that control one EOA address on Ethereum.
Transfers are externally verified
External Validators observe events on pNetwork bridge and sign transfer requests on destination chain. On Ethereum a single EOA address controls such transfers.
Users can be censored if validators decide to stop processing certain transactions.
Funds can be stolen if validators allow to mint more tokens than there are locked on Ethereum thus preventing some existing holders from being able to bring their funds back to Ethereum.
Funds can be stolen if validators sign a fraudulent message allowing themselves to withdraw all locked funds.
Destination tokens
Tokens transferred end up as their wrapped representation (pTokens). Note: on November 2022, due to misconfiguration, control over pGALA token on BSC was taken over by an unknown attacker that could have resulted in minting unlimited amount of unbacked pGALA tokens.
Funds can be stolen if destination token contract is maliciously upgraded.
Ethereum
Actors:
A voting contract that controls the inflation withdrawal logic of PNT token.
A Multisig with 2/4 threshold. Can upgrade ERC20 Vault V2.
Ethereum
Has special logic for handling inflation of PNT token. This contract stores the following tokens: GALA, PNT, USDT, USDC.
This contract stores the following tokens: WETH, LRC, BAT, DAI, ZRX, PNT.
This contract stores the following tokens: UOS.
Proxy owner of ERC20 Vault v2.
The current deployment carries some associated risks:
Funds can be stolen if a contract receives a malicious code upgrade. There is no delay on code upgrades (CRITICAL).