L2BEAT Bridges is a work in progress. You might find incomplete research or inconsistent naming. Join our discord to suggest improvements!

Polygon PoS logoPolygon PoS


...


Tokens:

Description

Polygon PoS it the official bridge provided by the Polygon team to bridge assets from Ethereum to Polygon chain. The bridge is validated by Polygon validators and allows for asset as well as data movement between Polygon and Ethereum.

If you find something wrong on this page you can submit an issue or edit the information.

Risk summary

Note: This project's overview requires more research and might not present accurate information. If you want to contribute you can edit the information on Github. Alternatively you contact the project team on Twitter and encourage them to contribute a PR.

Technology

Principle of operation

This is a very typical Token Bridge that locks tokens in the escrow contracts on Ethereum and mints tokens on the Polygon network. When bridging back to Ethereum tokens are burned on Polygon and then released from the escrow on Ethereum.

Outbound transfers are externally verified, inbound require merkle proof

Note: This section requires more research and might not present accurate information.

Validators on the Polygon network watch for events on Ethereum and when they see that tokens have been locked they mint new tokens on Polygon. Every 30 minutes validators submit new Polygon state checkpoints to the Ethereum smart contracts. To withdraw tokens users need to present a merkle proof of a burn event that is verified against the checkpoints.

  • Users can be censored if validators on Polygon decide to not mint tokens after observing an event on Ethereum (CRITICAL).

  • Funds can be stolen if validators decide to mint more tokens than there are locked on Ethereum thus preventing some existing holders from being able to bring their funds back to Ethereum (CRITICAL).

  • Funds can be stolen if validators submit a fraudulent checkpoint allowing themselves to withdraw all locked funds (CRITICAL).

Destination tokens are upgradeable

Note: This section requires more research and might not present accurate information.

Tokens transferred end up as wrapped ERC20 proxies, some of them are upgradable. The contract is named UChildERC20Proxy.

  • Funds can be stolen if destination token contract is maliciously upgraded (CRITICAL).

Permissioned Addresses

The system uses the following set of permissioned addresses:

Polygon MultiSig 0xFa7D…b74c

Can propose and execute code upgrades on escrows via Timelock contract.

Smart Contracts

Note: This section requires more research and might not present accurate information.

The system consists of the following smart contracts:

Escrow contract for ERC20 tokens. This contract stores the following tokens: USDC, USDT, WBTC, SAND, DAI, AAVE, LINK, CRV, MANA, CEL.

Escrow contract for ETH. This contract stores the following tokens: ETH.

Contract storing Polygon sidechain checkpoints. Note that validatity of these checkpoints is not verfied, it is assumed they are valid if signed by 2/3 of the Polygon Validators.

Main contract to manage bridge tokens, deposits and withdrawals.

Timelock 0xCaf0…8cEf

Contract enforcing delay on code upgrades.

The current deployment carries some associated risks:

  • Funds can be stolen if a contract receives a malicious code upgrade. There is a 48 hours delay on code upgrades.