Search

Search for projects by name

L2BEAT Bridges is a work in progress. You might find incomplete research or inconsistent naming. Join our Discord to suggest improvements!

Symbiosis logoSymbiosis

About

Symbiosis is a cross-chain AMM DEX externally validated my a MPC relayers network.


  • Total value locked
  • Destination
    Various
  • Validated by
    Third Party
  • Type
    Hybrid

  • About

    Symbiosis is a cross-chain AMM DEX externally validated my a MPC relayers network.


    Value Locked
    Risk summary
    This project includes unverified contracts. (CRITICAL)
    Technology

    Principle of operation

    Symbiosis uses a MPC relayer network to facilitate cross-chain transfers. An AMM on BOBA BNB is used to perform swaps.

    Transfers are externally verified

    Requests are watched by a relayer network that, utilizing MPC, signs off swaps and token minting.

    • Users can be censored if MPC nodes decide to censor certain transactions.

    • Funds can be stolen if MPC nodes decide to maliciously takeover them or there is an external exploit which will result in signing malicious transaction.

    • Funds can be lost if MPC nodes lose their private keys.

    Destination tokens

    Received tokens can be wrapped tokens or native tokens depending on the destination network.

    • Funds can be lost if destination token contract is maliciously upgraded or not securely implemented.

    Permissions

    The system uses the following set of permissioned addresses:

    Multisig 0x5112…106a

    This multisig can upgrade the BridgeV2 and Portal contracts.

    Smart contracts
    Note: This section requires more research and might not present accurate information.

    The system consists of the following smart contracts on the host chain (Ethereum):

    MetaRouter 0xf621…Ff7F

    An upgradeable contract to process funds by provided route.

    A contract that generates Oracle requests for the Symbiosis relayers network. The source code of this contract is not verified on Etherscan.

    A contract that stores “bridged” liquidity. This contract can store any token.

    The current deployment carries some associated risks:

    • Funds can be stolen if the source code of unverified contracts contains malicious code (CRITICAL).

    Knowledge Nuggets