L2BEAT Bridges is a work in progress. You might find incomplete research or inconsistent naming. Join our discord to suggest improvements!

xDai Bridge



Description

xDai Bridge is the official bridge dedicated to transferring Dai from Ethereum into xDai on Gnosis Chain. It uses a set of trusted validators to confirm deposits for a Lock-Mint swap. Tokens sent to the bridge escrow can be further sent to Compound to generate interest for an external recipient, although this functionality was disabled at the time of the Ethereum Merge.


Risk summary

Note: This project's overview requires more research and might not present accurate information. If you want to contribute, you can edit the information on GitHub. Alternatively, you can contact the project team on Twitter and encourage them to contribute a PR.

Technology

Principle of operation

xDai Bridge is the native Gnosis Chain bridge for swapping Dai on Ethereum into xDai on Gnosis, where xDai is the native asset used for gas and transaction fees. Because xDai is a native asset, it is minted via the block reward contract by the Gnosis consensus mechanism. Specifically, when a user deposits Dai to the Bridge Contract on Ethereum, the deposit is noticed by an external Bridge Validator Oracle service (4/6 Multisig). After collecting the required signatures, the service calls a Bridge Contract on Gnosis Chain, which instructs a Block Reward Contract that the recipient's xDai balance needs to be increased (as an EVM state update by the consensus engine). To transfer xDai to Ethereum, a user deposits xDai to the Bridge Contract on Gnosis Chain, where it is then burned. The Bridge Validator Service provides the required signatures to a Bridge Contract on Ethereum, which releases Dai to the user. The Bridge Contract on Ethereum supports sending deposited tokens to Compound to accrue yield, which can be transferred to an EOA with the intention of being spent on supporting bridge operations.

  1. xDai Bridge Documentation
  2. Earning yield on Bridge Deposit

Transfers are externally verified

Dai and xDai deposits to the Bridge Contracts are validated by a 4/6 Validator MultiSig. A separate Governor 7/16 Multisig is used for updating the validator set, signature thresholds, bridge parameters and bridge contracts.

  • Users can be censored if validators decide not to pass selected messages between chains (CRITICAL).

  • Funds can be stolen if validators relay a fake message to Gnosis chain to mint more tokens than are locked on Ethereum, thus preventing some existing holders from being able to bring their funds back to Ethereum (CRITICAL).

  • Funds can be stolen if validators relay a fake message to the Ethereum chain, allowing a user to withdraw tokens from the Ethereum escrow when an equivalent amount of tokens has not been deposited and burned on Gnosis chain (CRITICAL).

  • Funds can be stolen if there's an exploit in Compound while it holds part of the user deposits (CRITICAL).

  • Funds can be frozen if validators don't relay messages between chains.

  • Funds can be frozen if there's insufficient liquidity of the requested token in the escrow and Compound.

  1. xDai Bridge Documentation
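
Because transfers are verified only by the validator set, the fake-message and non-relay risks listed above are detectable from outside by reconciling events on both chains. The Python below is an added example, not code from L2BEAT or the bridge project; the event kinds, the `transfer_id` field and the sample data are constructed for illustration, and a real monitor would populate them from the deployed contracts' logs.

```python
from dataclasses import dataclass

# Source-chain action -> destination-chain action it authorises:
# lock/release happen on Ethereum, mint/burn on Gnosis Chain.
COUNTERPART = {"lock": "mint", "burn": "release"}

@dataclass(frozen=True)
class Event:
    kind: str         # "lock", "mint", "burn" or "release" (constructed labels)
    transfer_id: str  # hypothetical id tying a relayed message to its source deposit
    amount: int       # token amount in smallest units

def reconcile(events):
    """Return (findings, backing_gap) for indexed events from both chains."""
    # Amount each destination action is allowed to move, per source-chain deposit.
    allowed = {(COUNTERPART[e.kind], e.transfer_id): e.amount
               for e in events if e.kind in COUNTERPART}
    executed, findings = set(), []
    for e in events:
        if e.kind in COUNTERPART:
            continue
        key = (e.kind, e.transfer_id)
        if key in executed:
            findings.append(("REPLAYED", *key))         # same message executed twice
        elif key not in allowed:
            findings.append(("UNBACKED", *key))         # fake message: no source deposit
        elif e.amount != allowed[key]:
            findings.append(("AMOUNT_MISMATCH", *key))
        executed.add(key)
    # Deposits never relayed: the censorship / frozen-funds case.
    findings += [("NOT_RELAYED", *k) for k in allowed if k not in executed]

    def total(kind):
        return sum(e.amount for e in events if e.kind == kind)
    # Bridged xDai outstanding minus Dai still escrowed; > 0 means under-collateralised.
    backing_gap = (total("mint") - total("burn")) - (total("lock") - total("release"))
    return findings, backing_gap

# Constructed sample data, not real bridge transactions.
SAMPLE = [
    Event("lock", "d1", 100), Event("mint", "d1", 100),   # honest deposit
    Event("lock", "d2", 50),                               # deposit never relayed
    Event("mint", "d3", 500),                              # mint without a lock
    Event("burn", "w1", 30), Event("release", "w1", 30),  # honest withdrawal
    Event("release", "w2", 40),                            # release without a burn
    Event("mint", "d1", 100),                              # d1 minted a second time
]

if __name__ == "__main__":
    print(reconcile(SAMPLE))
```

A positive `backing_gap` corresponds to the case where more xDai exists than Dai is locked, so some holders could not bring their funds back to Ethereum.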

Permissioned Addresses

The system uses the following set of permissioned addresses:

Bridge Governance 7/16 MultiSig 0x42F3…A3F6

Can update bridge contracts, validator set, signature thresholds and bridge parameters

Bridge Validators

Interest Receiver 0x5eD6…97CC

Address set to receive interest from investing deposited tokens.

Smart Contracts

The system consists of the following smart contracts:

xDai Bridge Contract (Escrow). This contract stores the following tokens: cDAI, DAI.

Validator Management Contract.

The current deployment carries some associated risks:

  • Funds can be stolen if a contract receives a malicious code upgrade. There is no delay on code upgrades (CRITICAL).