Click here to join our community Discord server!

OMG Network logoOMG Network

TVL: $3.08M

-0.21% / 7 days

...

...

Tokens:

News

Description[Edit][Issue]

OMG Network claims to be the leading value transfer network for ETH and ERC20 tokens. Using the OMG Network, individuals and businesses can transact on a financial infrastructure that is claimed to be several times faster, 1/3rd the cost, and as secure as the Ethereum Network — while retaining full autonomy over their funds and keys. The Network scales by centralizing transaction processing and remains safe by decentralizing security.

Risk summary

Note: This project's overview requires more research and might not present accurate information. If you want to contribute you can edit the information on Github. Alternatively you contact the project team on Twitter and encourage them to contribute a PR.

Technology

Fraud proofs apply to exits only[Edit][Issue]

Note: This section requires more research and might not present accurate information.

The internal system state is not subject to any checks. Only exits from the system can be challenged. This places a much higher burden on potential validators, as they have to monitor all user activity and not only the single state.[Citation needed]

  • Funds can be stolen if there are fraudulent exits which nobody reported. Fraud proofs assume that every exit is checked by at least one honest and able party (CRITICAL).

Data is not stored on chain[Edit][Issue]

Note: This section requires more research and might not present accurate information.

The transaction data is stored on a plasma chain and is not recorded on the Ethereum main chain.[Citation needed]

  • Funds can be lost if the external data becomes unavailable.

Operator

The system has a centralized operator[Edit][Issue]

Note: This section requires more research and might not present accurate information.

The operator is the only entity that can propose blocks. A live and trustworthy operator is vital to the health of the system.[Citation needed]

  • MEV can be extracted if the operator exploits their centralized position and frontruns user transactions.

Users can independently exit the system[Edit][Issue]

Note: This section requires more research and might not present accurate information.

Independent exit allows the users to escape censorship by withdrawing their funds. The system allows users to withdraw their funds by submitting a transaction directly to the contract on-chain.[Citation needed]

  • Users can be censored if the operator refuses to include their transactions. They can still exit the system.

Withdrawals

Regular exit[Edit][Issue]

Note: This section requires more research and might not present accurate information.

The user executes the withdrawal by submitting a transaction on L1 that requires a merkle proof of funds.[Citation needed]

    The mass exit problem is unsolved[Edit][Issue]

    Note: This section requires more research and might not present accurate information.

    In case the operator is malicious all users need to exit within a predetermined time frame. Users that do not manage to do this will lose their funds.[Citation needed]

    • Funds can be stolen if users are unable to withdraw in a mass exit event.

    Smart Contracts[Edit][Issue]

    The system consists of the following smart contracts:

    • EthVault 0x3Eed…2ce0
      This contract stores the following tokens: ETH.
    • Erc20Vault 0x070c…430B
      This contract stores the following tokens: USDT, OMG, BAT, WBTC, DAI, CAT, renBTC, GNO, BUSD, ELEC, USDP, SPANK, LION, ZRX, MATIC, TUSD, BNT, KICK, LINK, BAL, CEL, CRO, LRC, USDC, AST, PASS, KNC.
    • ETHDepositVerifier 0x649f…70Be
      The source code of this contract is not verified on Etherscan.
    • ERC20DepositVerifier 0xD876…CD82
      The source code of this contract is not verified on Etherscan.
    • PlasmaFramework 0x0D4C…72ac
    • PaymentExitGame 0x48d7…Aad3
      The source code of the PaymentStartStandardExit library used by this contract is not verified on Etherscan.

    The current deployment carries some associated risks:

    • Funds can be stolen if the source code of unverified contracts contains malicious code (CRITICAL).