It leverages an oracle and relayer for cross-chain security for the protocol. Note that StarGate UI also supports omnichain tokens built directly on top of LayerZero protocol, e.g. JOE.

Risk summary

This project includes unverified contracts. (CRITICAL)

Funds can be stolen if

oracles and relayers collude to submit fraudulent block hash and relay fraudulent transfer ,
the source code of unverified contracts contains malicious code (CRITICAL).

Users can be censored if

oracles or relayers fail to facilitate the transfer.

Technology

Principle of operation

StarGate is a Liquidity Network. It relies on liquidity providers to supply tokens to liquidity pools on each chain. Users can swap tokens between chains by transferring their tokens to a pool and receive token from the pool on the destination chain.

Oracles and relayers

Note: This section requires more research and might not present accurate information.

StarGate is built on top of LayerZero protocol. LayerZero relies on oracles to periodically submit source chain block hashes to the destination chain. Once block hash is submitted, relayers can provide the merkle proof for the transfers / swaps.

Users can be censored if oracles or relayers fail to facilitate the transfer.
Funds can be stolen if oracles and relayers collude to submit fraudulent block hash and relay fraudulent transfer .

Permissions

Ethereum

Actors:

StarGate Multisig 0x65bb…9705

A Multisig with 3/6 threshold. Bridge owner, can create new pools, chainpaths, set fees.

Participants (6):

0x2E10…d437 0x565c…B070 0x1D7C…e28d 0x79e2…8523 0x7C8D…C326 0xf02C…b0f0

Used in:

LayerZero Multisig 0xCDa8…4C92

A Multisig with 3/5 threshold. The owner of Endpoint, UltraLightNode and Treasury contracts. Can switch to a new UltraLightNode for an Endpoint. Can switch proof library for an UltraLightNode and change Treasury.

Participants (5):

0xB981…12CF 0x112c…77b0 0x771d…e77e 0x9F40…F327 0x73E9…0e1e

Used in:

LayerZero Relayer 0x902F…089E

Contract authorized to relay messages and - as a result - withdraw funds from the bridge.

Used in:

LayerZero Relayer Admin owner 0x76F6…d6e5

Can upgrade LayerZero relayer contract with no delay.

Used in:

LayerZero Oracle Admin owner 0x7B80…e6c8

Can upgrade LayerZero oracle contract with no delay.

Used in:

Smart contracts

Ethereum

Router 0x8731…1e98

Entry point for the user interaction with StarGate Bridge, handles the logic of swaps and adding liquidity, send messages to the bridge.

Bridge 0x296F…3f97

Main bridge contract, receives messages from LayerZero Endpoint, stores bridge configuration.

Factory 0x06D5…173E

Factory contract managing all liquidity pools.

TSS Oracle 0x5a54…10B2 Implementation (Upgradable)Admin

The source code of this contract is not verified on Etherscan.

Proxy used in:

Google Cloud Oracle 0xD56e…C7cc

Proxy used in:

LayerZero Relayer 0x902F…089E Implementation (Upgradable)Admin

The source code of this contract is not verified on Etherscan.

Proxy used in:

Endpoint 0x66A7…d675

LayerZero Ethereum Endpoint.

Proxy used in:

UltraLightNodeV2 0x4D73…78E2

LayerZero UltraLight Node. Used by oracles to checkpoint source chain block hashes.

Proxy used in:

Value Secured is calculated based on these smart contracts and tokens:

Escrow for USDC 0xdf07…FF56

USDC Escrow

Escrow for USDT 0x38EA…D783

USDT Escrow

Escrow for USDD 0x6929…374e

USDD Escrow

Escrow for DAI 0x0Faf…850d

DAI Escrow

Escrow for FRAX 0xfA0F…6e68

FRAX Escrow

Escrow for LUSD 0xE8F5…8CC2

LUSD Escrow

Escrow for Metis 0xd877…Da47

METIS Escrow

Escrow for USDT 0x430E…116d

USDT Pool 2

Escrow for WOO 0x1CE6…3A09

WOO Pool

Escrow for mETH 0xA572…618c

mETH Pool

The current deployment carries some associated risks:

Funds can be stolen if the source code of unverified contracts contains malicious code (CRITICAL).

Search

Funds can be stolen if

Users can be censored if

Principle of operation

Oracles and relayers

Ethereum

Actors:

Ethereum

Value Secured is calculated based on these smart contracts and tokens: