Poly Bridge

Funds can be stolen if

1. a fake block header is relayed through the PolyNetwork chain that allows to prove a burn/mint transaction that never occurred on the source chain (CRITICAL),
2. a contract receives a malicious code upgrade. There is no delay on code upgrades (CRITICAL),
3. the source code of unverified contracts contains malicious code (CRITICAL).

Funds can be frozen if

4. contract Owner pauses one of the bridge contracts,
5. chain Relayers don't relay messages,
6. the PolyNetwork Keepers don't sign messages.

Users can be censored if

7. chain Relayers decide to not pass certain transactions to the destination chain (CRITICAL).

Principle of operation

Poly Bridge operation is centered around PolyNetwork chain that acts as a type of a light client for all supported chains. Each supported chain has a set or Relayers that transmit successive block headers to the PolyNetwork chain, as well as lock or burn events. Those events, after passing verification on PolyNetwork chain, are relayed to the destination chain by Relayers that are responsible for the destination chain. Relayers on the destination chain pass messages to appropriate contracts that mint or release corresponding tokens to the user after verifying validity of the message.

• Funds can be frozen if contract Owner pauses one of the bridge contracts.

1. PolyNetwork docs from source code
2. Ethereum-related PolyNetwork docs from source code

Validation of cross-chain transactions

Each supported chain has a set of Relayers that are responsible for sending successive block headers since pre-specified origin to the PolyNetwork chain, which stores these blocks after validating their aspects, such as structure, difficulty, consistency with previous blocks, etc. When user locks or burns an asset for a cross-chain swap, an event is relayed by Relayer to the PolyNetwork chain with a Merkle proof of that transaction being included in a block. The PolyNetwork chain is able to verify Merkle proof using block headers that it keeps. PolyNetwork chain itself uses a set of Keepers to sign transactions after checking their validity. Once a cross-chain transaction is verified on PolyNetwork, an event is emitted that is picked by Relayers on the destination chain. The block header and Merkle proof for a transaction on a source chain is validated by a contract on the destination chain (if it supports such verification) and the asset is minted or released to the recipient.

• Users can be censored if chain Relayers decide to not pass certain transactions to the destination chain (CRITICAL).

• Funds can be stolen if a fake block header is relayed through the PolyNetwork chain that allows to prove a burn/mint transaction that never occurred on the source chain (CRITICAL).

• Funds can be frozen if chain Relayers don't relay messages.

• Funds can be frozen if the PolyNetwork Keepers don't sign messages.

1. Header verification source code