L2BEAT Bridges is a work in progress. You might find incomplete research or inconsistent naming. Join our Discord to suggest improvements!

Portal (Wormhole) logoPortal (Wormhole)

About

Portal Token Bridge is built on top of Wormhole, which is a message passing protocol that performs cross-chain communication.

  • Total value locked
    $473.20 M3.13%
  • Destination
    Various
  • Validated by
    Third Party
  • Type
    Token Bridge
  • ...

    Tokens

    Choose token

    Bridged Tokens (Top 15)

    USD Coin (USDC)
    Wrapped Ether (WETH)
    Tether USD (USDT)
    Dai Stablecoin (DAI)
    Lido DAO Token (LDO)
    Chain (XCN)
    Uniswap (UNI)
    ChainLink Token (LINK)
    SushiToken (SUSHI)
    Serum (SRM)
    BUSD (BUSD)
    Liquid staked Ether 2.0 (stETH)
    HUSD (HUSD)
    Milestones

    Contracts hacked for $326M

    2022 Feb 3rd

    Detailed description

    Portal Token Bridge is built on top of Wormhole, which is a message passing protocol that performs cross-chain communication.

    It leverages specialized network of nodes called Guardians to do this. It is governed by the same set of Guardians that run the underlying Wormhole protocols.

    Risk summary
    Technology

    Principle of operation

    This is a Token Bridge that locks tokens in the escrow contracts on Ethereum and mints tokens on the destination network. What differentiates this solution is the cross-chain message passing via the Wormhole protocol, in which emitted messages on one chain are observed by a network of nodes and then verified. After verification, this message is submitted to the destination chain for processing.

    1. Docs: Wormhole architecture

    Transfers are externally verified

    Validation process takes place in external network called the Guardian Network. Nodes in the network, called Guardians, observe the Core Contract on each supported chain and produce VAAs (Verified Action Approvals, essentially signed messages) when those contracts receive an interaction. Based on the VAA user can withdraw funds on the other end of the bridge.

    • Users can be censored if guardians decide to stop processing certain transactions (CRITICAL).

    • Funds can be stolen if guardians allow to mint more tokens than there are locked on Ethereum thus preventing some existing holders from being able to bring their funds back to Ethereum (CRITICAL).

    • Funds can be stolen if guardians sign a fraudulent message allowing themselves to withdraw all locked funds (CRITICAL).

    1. WormholeCore contract: function verifyVM()

    Destination tokens

    Type of the token received on the destination chain depends on the token, if it is native to this chain user will receive canonical token. If the bridged token is not native to the destination chain then user will end up with wrapped version, the contract is called BridgeToken and is upgradable.

    • Funds can be stolen if destination token contract is maliciously upgraded (CRITICAL).

    1. BridgeToken contract implementation
    Permissions

    The system uses the following set of permissioned addresses:

    Off-chain actors signing messages (VAA) containing transfer information or governance actions such as upgrades, which are decoded on chain with signature checks.

    Smart contracts
    A diagram of the smart contract architecture
    A diagram of the smart contract architecture

    The system consists of the following smart contracts on the host chain (Ethereum):

    Governance contract storing current Guardian set and provides a facility to verify a cross-chain message by verifying Guardians signatures. Guardians themselves can choose a new Guardian set. Can be upgraded by Guardians.

    Main bridge contract on Ethereum and an escrow for ETH and ERC20 tokens that were bridged to other chains. Can be upgraded by Guardians. This contract stores the following tokens: WETH, XCN, USDT, USDC, HUSD, BUSD, LINK, SRM, SUSHI, UNI, LDO, DAI, stETH.

    TokenImplementation 0x0fD0…4eE6

    This is the template for BridgedToken implementations minted by Portal on Ethereum.

    NFT bridge contract and an escrow for NFTs that were bridged to other chains. Can be upgraded by Guardians.

    NFTImplementation 0xEc4d…a7fc

    This is the template for bridged NFTs minted by Portal on Ethereum.

    The current deployment carries some associated risks:

    • Funds can be stolen if a contract receives a malicious code upgrade. There is no delay on code upgrades (CRITICAL).

    Knowledge Nuggets