Search

Search for projects by name

L2BEAT Bridges is a work in progress. You might find incomplete research or inconsistent naming. Join our Discord to suggest improvements!

xDai Bridge logoxDai Bridge

About

xDai Bridge is the official bridge dedicated to transferring Dai from Ethereum into xDai on Gnosis Chain.


  • Total value locked
  • Destination
    Gnosis Chain
  • Validated by
    Third Party
  • Type
    Token Bridge

  • About

    xDai Bridge is the official bridge dedicated to transferring Dai from Ethereum into xDai on Gnosis Chain.


    Value Locked
    Detailed description

    xDai Bridge is the official bridge dedicated to transferring Dai from Ethereum into xDai on Gnosis Chain.

    It uses a set of trusted validators to confirm deposits for a Lock-Mint swap. Tokens sent to the bridge escrow can be further sent to Compound to generate interest for external recipient, although this functionality has been disabled at the time of Ethereum Merge.

    Risk summary
    Technology

    Principle of operation

    xDai Bridge is the native Gnosis Chain bridge for swapping Dai on Ethereum into xDai on Gnosis, which is the native asset used for gas and transaction fees. Due to this native aspect of xDai it is minted via block reward contract by Gnosis consensus mechanism. Specifically, when a user deposits Dai to Bridge Contract on Ethereum, it is noticed by an external Bridge Validator Oracle service (4 / 7 Multisig). After collecting required signatures, the service calls a Bridge Contract on the Gnosis chain which instructs a Block Reward Contract that recipient’s xDai balance needs to be increased (as an EVM state update by consensus engine). To transfer xDai to Ethereum, a user deposits xDai to Bridge Contract on Gnosis chain, which is then burned. The Bridge Validator Service provides required signatures for a Bridge Contract on Ethereum which releases Dai to the user. Bridge contract on Ethereum supports sending deposited tokens to Compound to accrue yield, which can be transferred to EOA account with intention to be spent on supporting bridge operations.

    1. xDai Bridge Documentation
    2. Earning yield on Bridge Deposit

    Transfers are externally verified

    Dai and xDai deposits to Bridge Contracts are validated by a 4 / 7 Validator MultiSig. A separate 8 / 16 Governor Multisig is used for updating validator set, signature thresholds, bridge parameters and bridge contracts.

    • Users can be censored if validators decide to not pass selected messages between chains.

    • Funds can be stolen if validators relay a fake message to Gnosis chain to mint more tokens than there are locked on Ethereum thus preventing some existing holders from being able to bring their funds back to Ethereum.

    • Funds can be stolen if validators relay a fake message to Ethereum chain allowing a user to withdraw tokens from Ethereum escrow when equivalent amount of tokens has not been deposited and burned on Gnosis chain.

    • Funds can be stolen if there's an exploit in Compound when it holds part of user deposit.

    • Funds can be frozen if validators don't relay messages between chains.

    • Funds can be frozen if there's insufficient liquidity of requested token in escrow and Compound.

    1. xDai Bridge Documentation
    Permissions

    The system uses the following set of permissioned addresses:

    GnosisBridgeGovernanceMultisig 0x42F3…A3F6

    A Gnosis Safe with 8 / 16 threshold. Can update bridge contracts, validator set, signature thresholds and bridge parameters.

    Used in:

    Smart contracts

    The system consists of the following smart contracts on the host chain (Ethereum):

    Bridge Contract and Escrow for (s)DAI. This contract stores the following tokens: cDAI, DAI, sDAI.

    Validator Management Contract.

    The current deployment carries some associated risks:

    • Funds can be stolen if a contract receives a malicious code upgrade. There is no delay on code upgrades (CRITICAL).