L2BEAT Bridges is a work in progress. You might find incomplete research or inconsistent naming. Join our discord to suggest improvements!

Portal (Wormhole) logoPortal (Wormhole)

...

Tokens:
Websitewormhole.comlinktr.ee/wormholecrypto
Social mediadiscord.ggwormholecrypto@wormholecrypto
Appwww.portalbridge.com
Documentationdocs.wormhole.com/wormholebook.wormhole.com
Explorerwormhole.com/explorer
Source codegithub.com/wormhole-foundation/wormhole

Description

Portal Token Bridge is built on top of Wormhole, which is a message passing protocol that leverages specialized network of nodes to perform cross-chain communication.

If you find something wrong on this page you can submit an issue or edit the information.

Risk summary

Funds can be stolen if

  1. guardians allow to mint more tokens than there are locked on Ethereum thus preventing some existing holders from being able to bring their funds back to Ethereum (CRITICAL),
  2. guardians sign a fraudulent message allowing themselves to withdraw all locked funds (CRITICAL),
  3. destination token contract is maliciously upgraded (CRITICAL),
  4. a contract receives a malicious code upgrade. There is no delay on code upgrades (CRITICAL).

Users can be censored if

  1. guardians decide to stop processing certain transactions (CRITICAL).
Note: This project's overview requires more research and might not present accurate information. If you want to contribute you can edit the information on Github. Alternatively you contact the project team on Twitter and encourage them to contribute a PR.

Technology

Principle of operation

This is a Token Bridge that locks tokens in the escrow contracts on Ethereum and mints tokens on the destination network. What differentiates this solution is the cross-chain message passing via the Wormhole protocol, in which emitted messages on one chain are observed by a network of nodes and then verified. After verification, this message is submitted to the destination chain for processing.

Transfers are externally verified

Validation process takes place in external network called the Guardian Network. Nodes in the network, called Guardians, observe the Core Contract on each supported chain and produce VAAs (Verified Action Approvals, essentially signed messages) when those contracts receive an interaction. Based on the VAA user can withdraw funds on the other end of the bridge.

  • Users can be censored if guardians decide to stop processing certain transactions (CRITICAL).

  • Funds can be stolen if guardians allow to mint more tokens than there are locked on Ethereum thus preventing some existing holders from being able to bring their funds back to Ethereum (CRITICAL).

  • Funds can be stolen if guardians sign a fraudulent message allowing themselves to withdraw all locked funds (CRITICAL).

Destination tokens

Type of the token received on the destination chain depends on the token, if it is native to this chain user will receive canonical token. If the bridged token is not native to the destination chain then user will end up with wrapped version, the contract is called BridgeToken and is upgradable.

  • Funds can be stolen if destination token contract is maliciously upgraded (CRITICAL).

Permissioned Addresses

The system uses the following set of permissioned addresses:

Guardian Network

Off-chain actors signing messages (VAA) containing transfer information or governance actions such as upgrade, which are decoded on chain with signatures check.

Smart Contracts

Note: This section requires more research and might not present accurate information.

The system consists of the following smart contracts:

Token Bridge 0x3ee1…a585Implementation (Upgradable)

This contract stores the following tokens: WETH, XCN, USDT, USDC, HUSD, BUSD, LINK, SRM, SUSHI, UNI, LDO, DAI, stETH.

The current deployment carries some associated risks:

  • Funds can be stolen if a contract receives a malicious code upgrade. There is no delay on code upgrades (CRITICAL).