SummaryChartMilestonesDescriptionRisk analysisRollup stageTechnologyOperatorWithdrawalsPermissionsSmart contractsKnowledge nuggets

Paradex logoParadex

Value Locked

$2.95 M

4.19%

Canonically Bridged
$2.95 M (100%)
Externally Bridged
$0.00 (0%)
Natively Minted
$0.00 (0%)
View TVL Breakdown
  • Breakdown
  • Daily TPS
    Coming soon
  • 30D tx count
    Coming soon
  • Stage
    Stage 0
  • Technology
    ZK Rollup
  • Purpose
    Exchange

    • Chart

    ...

    Tokens

    Choose token

    Canonically Bridged Tokens (Top 15)
    USD Coin (USDC)
    View TVL Breakdown

    Milestones

    Open Beta Mainnet Launch

    2023 Oct 1st

    Paradex launches Open Beta on Mainnet.

    Learn more
    Show more

    Description

    Paradex is a high-performance crypto-derivatives exchange built on a Starknet Appchain.

    If you find something wrong on this page you can submit an issue or edit the information.

    Risk analysis

    Sequencer failureState validationData availabilityUpgradeabilityProposer failure

    State validation

    ZK proofs (ST)

    zkSTARKS are zero knowledge proofs that ensure state correctness.

    Data availability

    On chain (SD)

    All of the data (SD = state diffs) needed for proof construction is published on chain.

    Upgradeability

    Yes

    The code that secures the system can be changed arbitrarily and without notice.

    Sequencer failure

    No mechanism

    There is no mechanism to have transactions be included if the sequencer is down or censoring.

    Proposer failure

    Cannot withdraw

    Only the whitelisted proposers can publish state roots on L1, so in the event of failure the withdrawals are frozen.

    Rollup stage

    ParadexParadex is a
    Stage 0
    ZK Rollup.
    The requirement for available node software is under review
    Learn more about Rollup stages
    Please keep in mind that these stages do not reflect rollup security, this is an opinionated assessment of rollup maturity based on subjective criteria, created with a goal of incentivizing projects to push toward better decentralization. Each team may have taken different paths to achieve this goal.

    Technology

    Validity proofs ensure state correctness

    Each update to the system state must be accompanied by a ZK proof that ensures that the new state was derived by correctly applying a series of valid user transactions to the previous state. These proofs are then verified on Ethereum by a smart contract.

    Zero knowledge STARK cryptography is used

    Despite their production use zkSTARKs proof systems are still relatively new, complex and they rely on the proper implementation of the polynomial constraints used to check validity of the Execution Trace.

    • Funds can be lost if the proof system is implemented incorrectly.

    1. STARK Core Engine Deep Dive

    All data required to reconstruct rollup state is published on chain

    State diffs are publish on-chain as calldata on every state update. The state diffs contain information on every contact whose storage was updated, and additional information on contract deployments. From diffs full system state can be recovered. Contracts’ code is not published on L1, but can be trustlessly verified if available elsewhere.

    1. On-Chain Data - Starknet documentation

    Operator

    The system has a centralized operator

    The operator is the only entity that can propose blocks. A live and trustworthy operator is vital to the health of the system.

    • MEV can be extracted if the operator exploits their centralized position and frontruns user transactions.

    Users can't force any transaction

    There is no general mechanism to force the sequencer to include the transaction.

    • Users can be censored if the operator refuses to include their transactions.

    1. Censorship resistance of Starknet - Forum Discussion

    Withdrawals

    Regular exit

    The user initiates the withdrawal by submitting a regular transaction on this chain. When the block containing that transaction is proven the funds become available for withdrawal on L1. Finally the user submits an L1 transaction to claim the funds. This transaction does not require a merkle proof. Note that the withdrawal request can be censored by the Sequencer.

    • Funds can be frozen if the operator censors withdrawal transaction.

    1. Withdrawing is based on l2 to l1 messages - Starknet documentation

    Emergency exit

    There is no generic escape hatch mechanism as Starknet cannot be forced by users into a frozen state. Note that a freezing mechanism on L2, to be secure, requires anti-censorship protection.

    Permissions

    The system uses the following set of permissioned addresses:

    Paradex owner 0x2E6f…A74f

    Can upgrade implementation of the system, potentially gaining access to all funds stored in the bridge and potentially allowing fraudulent state to be posted. Currently there is no delay before the upgrade, so the users will not have time to migrate.

    SHARP Verifier Governors 0x3DE5…F5C60x21F9…AEc4

    Can upgrade implementation of SHARP Verifier, potentially with code approving fraudulent state. Currently there is 28d delay before the upgrade.

    SHARPVerifierGovernorMultisig 0x21F9…AEc4

    SHARP Verifier Governor. This is a Gnosis Safe with 2 / 3 threshold.

    SHARPVerifierGovernorMultisig participants 0x5923…85580xebc8…fD7F0x955B…2Fec

    Those are the participants of the SHARPVerifierGovernorMultisig.

    Operators 0xC70a…4fe2

    Allowed to post state updates. When the operator is down the state cannot be updated.

    USDC Escrow owner 0xa1F2…E77c

    Can upgrade implementation of the USDC Escrow, potentially gaining access to all funds stored in the bridge. Currently there is no delay before the upgrade, so the users will not have time to migrate.

    Smart contracts

    A diagram of the smart contract architecture
    A diagram of the smart contract architecture

    The system consists of the following smart contracts:

    Paradex 0xF338…3640Implementation (Upgradable)

    Paradex contract received verified state roots from the Sequencer, allows users to read L2 -> L1 messages and send L1 -> L2 messages.

    Can be upgraded by: Paradex owner

    Upgrade delay: No delay

    SHARPVerifierProxy 0x4731…Db60Implementation (Upgradable 28 days delay)

    CallProxy for GpsStatementVerifier.

    SHARPVerifier 0x6cB3…1BF6

    Starkware SHARP verifier used collectively by Starknet, Sorare, ImmutableX, Apex, Myria, rhino.fi and Canvas Connect. It receives STARK proofs from the Prover attesting to the integrity of the Execution Trace of these Programs including correctly computed state root which is part of the Program Output.

    FriStatementContract 0x3E61…d2DD

    Part of STARK Verifier.

    MerkleStatementContract 0x5899…5fa4

    Part of STARK Verifier.

    MemoryPageFactRegistry 0xFD14…D1b4

    MemoryPageFactRegistry is one of the many contracts used by SHARP verifier. This one is important as it registers all necessary on-chain data.

    CairoBootloaderProgram 0x5d07…9dDf

    Part of STARK Verifier.

    Value Locked is calculated based on these smart contracts and tokens:

    Escrow for USDC 0xE3cb…3Db3Implementation (Upgradable)

    Paradex USDC Escrow. The current bridge cap is 5.00 M USDC.

    Can be upgraded by: USDC Escrow owner

    The current deployment carries some associated risks:

    • Funds can be stolen if a contract receives a malicious code upgrade. There is no delay on code upgrades (CRITICAL).

    Knowledge nuggets

    Understand StarkWare #1

    Learn more

    Understand StarkWare #2

    Learn more

    Understand StarkWare #3

    Learn more

    Understand StarkWare #4

    Learn more