Search

Search for projects by name

SummaryValue SecuredDetailed descriptionRisk summaryTechnologyPermissionsSmart contracts

Transporter logo
Transporter

L2BEAT Bridges is a work in progress. You might find incomplete research or inconsistent naming. Join our Discord to suggest improvements!

About

Transporter is a Token Bridge based on Chainlink’s Cross-Chain Interoperability Protocol (CCIP) network.

  • Total Value Secured
  • Destination
  • Validated by
    Third Party
  • Type
    Token Bridge
    • Explore more in Discovery UI

    About

    Transporter is a Token Bridge based on Chainlink’s Cross-Chain Interoperability Protocol (CCIP) network.

    Value Secured

    2024 Oct 24 — 2025 Oct 08

    Detailed description

    Transporter is a Token Bridge based on Chainlink’s Cross-Chain Interoperability Protocol (CCIP) network.

    Transporter is a hybrid bridge that can work either as a Token Bridge or Liquidity Network depending on the requirements of tokens. It is using Chainlink CCIP standard for cross-chain communication, and it makes use of a secondary network of nodes, called Risk Management Network, responsible for validating the messages or halt the bridge.

    Risk summary

    Funds can be stolen if

    1. oracle network is compromised and Risk Management Network fails to halt ("curse") the bridge. Both networks would need to be separately compromised,
    2. a contract receives a malicious code upgrade. There is a 3h delay on code upgrades, during which designated Cancellers can veto the upgrade.

    Users can be censored if

    1. oracle network fails to facilitate the transfer.
    Technology

    Principle of operation

    Transporter is a Token Bridge based on the CCIP network. The CCIP network is an AMB (Arbitrary Message Bridge) that enables the cross-chain transfer of arbitrary messages that are attested by ChainLink Oracles as well as a separate Risk Management Network. On each chain it has a singleton Router contract. For each route (”lane”) there is a triplet of OnRamp, OffRamp and CommitStore contracts defined. OnRamp is used to send messages to a destination chain, while OffRamp and CommitStore are used to receive messages. The CommitStore is used to store Merkle roots of CCIP messages sent from the Source chain, while OffRamp is used to verify and execute incoming messages. Both OnRamps and OffRamps use TokenPools to escrow tokens, one TokenPool per token. TokenPools - depending on token - may Lock/Release or Mint/Burn tokens. They may also use some custom setup, like e.g. for USDC where TokenPool is a wrapper for Circle’s CCTP bridge.

    Oracle Network

    Chainlink Oracle network is responsible for validating cross-chain messages. For additional security, CCIP uses an off-chain secondary validation network called Risk Management Network. Each pathway between a source and a destination blockchain contains two Oracle committees. One committee interacts with the CommitStore contract on the destination chain to store the Merkle root of the finalized messages on the source blockchain. After the Risk Management Network verifies the merkle root and submits a voteToBless() transaction, the second oracle committee can execute the message on the destination chain.

    • Users can be censored if oracle network fails to facilitate the transfer.

    • Funds can be stolen if oracle network is compromised and Risk Management Network fails to halt ("curse") the bridge. Both networks would need to be separately compromised.

    1. Risk Management Network
    Permissions
    A dashboard to explore contracts and permissions
    Go to Disco
    Disco UI Banner
    Disco UI BannerExplore in Disco

    Ethereum

    Actors:

    RBACTimelock 0x4483…9449

    Role-based Access Control Timelock (RBACTimelock) smart contract. Onchain security-critical configuration changes and upgrades to the CCIP must pass through this contract. CCIP contract upgrades have to go through a 3h timelock.

    Timelock Admins 0x4483…9449

    Admins of the RBACTimelock contract. Can modify all other roles.

    Timelock Proposers (3) 0xE532…012F0xD659…05bf0xD975…Cf7e

    Proposers of the RBACTimelock contract. Can propose upgrades.

    Timelock Cancellers (6) 0xE532…012F0xAD97…F87B0xD659…05bf0xa8D5…69FF0x117e…aADc0xD975…Cf7e

    Cancellers of the RBACTimelock contract. Can cancel pending upgrades.

    Timelock Executors 0x82b8…5A2e

    Contract through which RBACTimelock proposals are executed. Proposals execution can be initiated by anyone.

    Smart contracts
    A dashboard to explore contracts and permissions
    Go to Disco
    Disco UI Banner
    Disco UI BannerExplore in Disco
    A diagram of the smart contract architecture
    A diagram of the smart contract architecture

    Ethereum

    Router 0x8022…6f7D

    Central contract in CCIP responsible for the configuration of OnRamp, OffRamp and Commit Stores for different chains. This is an example Router contract for one of the lanes. There are many more lanes in the system, please check the specific smart contract for the lane you are interested in.

    OnRamp1 0x86B4…49d1

    OnRamp for outgoing messages to Arbitrum. This is an example OnRamp contract for one of the lanes. There are many more lanes in the system, please check the specific smart contract for the lane you are interested in.

    OffRamp1 0x3a12…c6c5

    OffRamp for incoming messages from Arbitrum. This is an example OffRamp contract for one of the lanes. There are many more lanes in the system, please check the specific smart contract for the lane you are interested in.

    CommitStore1 0x31f6…89AB

    CommitStore for storing incoming message roots from Arbitrum. This is an example CommitStore contract for one of the lanes. There are many more lanes in the system, please check the specific smart contract for the lane you are interested in.

    ARMProxy 0x411d…5e81

    The contract that manages the Risk Management Network, allowing blessing (validation) of messages and cursing (halting) the chain.

    RBACTimelock 0x4483…9449

    CCIP contract upgrades have to go through a 3h timelock.

    Value Secured is calculated based on these smart contracts and tokens:

    Generic escrow 0x1B74…8932
    Generic escrow 0x0549…eDC8
    Generic escrow 0x0617…660AImplementation (Upgradable)Admin
    Generic escrow 0x45af…8AA3
    Generic escrow 0x8E7e…CAEa
    Generic escrow 0xAc34…f95b
    Generic escrow 0xF57f…E89A
    Generic escrow 0x6A88…480B
    Generic escrow 0x542B…be84
    Generic escrow 0xF6c8…1B99
    Generic escrow 0xbfc8…3351
    Generic escrow 0xc2ef…9979
    Generic escrow 0xe483…e86F
    Generic escrow 0x03D1…9FEF
    Generic escrow 0x2E3c…0F73
    Generic escrow 0x89c9…6D04
    Generic escrow 0x79BC…1d49
    Generic escrow 0x75a8…9799
    Generic escrow 0xF640…C2D0
    Generic escrow 0xeAD3…461d
    Generic escrow 0x0ef0…e1E1
    Generic escrow 0x4913…F196
    Generic escrow 0x9b8F…0DCC
    Generic escrow 0x9c79…E192
    Generic escrow 0xa768…660f
    Generic escrow 0x5c16…7A59
    Generic escrow 0xAFcC…Dd1D
    Generic escrow 0x011E…7D40
    Generic escrow 0x61D4…F92f
    Generic escrow 0xBDCc…18b7
    Generic escrow 0xa275…bBbd
    Generic escrow 0x4E63…1ed0
    Generic escrow 0x3999…E576
    Generic escrow 0x6948…9F20
    Generic escrow 0x46A3…7877
    Generic escrow 0x606c…2BD9
    Generic escrow 0x3eC7…5920
    Generic escrow 0xEa9c…7C82
    Generic escrow 0xc75a…78f8
    Generic escrow 0x4715…B26C
    Generic escrow 0x8113…8435
    Generic escrow 0x55c4…C6c3
    Generic escrow 0xac82…E453
    Generic escrow 0x5882…97b1
    Generic escrow 0xf333…440a
    Generic escrow 0xD27F…3812
    Generic escrow 0x5686…521c
    Generic escrow 0xe26D…f73C
    Generic escrow 0x53a8…4007
    Generic escrow 0x6F58…f193
    Generic escrow 0x89F3…dA27
    Generic escrow 0x7061…70d5
    Generic escrow 0x75dF…8a2B
    Generic escrow 0x0a02…B404
    Generic escrow 0x9054…7d2B
    Generic escrow 0xEDe8…55bc
    Generic escrow 0x8d9F…D639
    Generic escrow 0xBc13…BFF3
    Generic escrow 0xB18e…635d
    Generic escrow 0xF669…5b93
    Generic escrow 0x1837…BbF0
    Generic escrow 0x3f7A…A33f
    Generic escrow 0x799A…4aE4
    Generic escrow 0x5207…a9f8
    Generic escrow 0x13E2…e3b8
    Generic escrow 0x0Baa…a3Ae
    Generic escrow 0x603D…0076
    Generic escrow 0x72a0…366a
    Generic escrow 0x1A4B…5dA2
    Generic escrow 0xF420…3Fa6
    Generic escrow 0xC3d3…2782
    Generic escrow 0x9987…eae3
    Generic escrow 0x10c9…6058
    Generic escrow 0x44e7…8C74
    Generic escrow 0x0c31…1362
    Generic escrow 0x7Eee…2921
    Generic escrow 0xA586…9FA7
    Generic escrow 0x8fd9…9841
    Generic escrow 0x8238…D89D
    Generic escrow 0xb086…8220
    Generic escrow 0x639f…a50c
    Generic escrow 0x9584…CCCd
    Generic escrow 0x19EE…c26a
    Generic escrow 0x3A2E…54Df
    Generic escrow 0x20B7…6491
    Generic escrow 0xf05a…b1C9
    Generic escrow 0x55e5…AB25
    Generic escrow 0xe48D…136E
    Generic escrow 0x4251…46D5
    Generic escrow 0x9763…Aea9
    Generic escrow 0xa558…e3aD
    Generic escrow 0xC8c2…F9B5
    Generic escrow 0xEcf6…3f78
    Generic escrow 0x407d…8a68
    Generic escrow 0x2B94…0F38
    Generic escrow 0xC26B…3d96
    Generic escrow 0xC8C8…E6bb
    Generic escrow 0x8628…50B9
    Generic escrow 0x8356…2Cd3
    Generic escrow 0x5536…a1Bc
    Generic escrow 0xc785…D650
    Generic escrow 0xbD09…50ee
    Generic escrow 0x43f4…fA54
    Generic escrow 0x18d3…6Ec1
    Generic escrow 0x94A4…e25b
    Generic escrow 0xDE76…9822
    Generic escrow 0x9c5a…6849
    Generic escrow 0x05dd…558e
    Generic escrow 0x3E8A…8529
    Generic escrow 0x3717…90D4

    The current deployment carries some associated risks:

    • Funds can be stolen if a contract receives a malicious code upgrade. There is a 3h delay on code upgrades, during which designated Cancellers can veto the upgrade.