Search

Search for projects by name

L2BEAT Bridges is a work in progress. You might find incomplete research or inconsistent naming. Join our Discord to suggest improvements!

SummaryValue LockedMilestones & IncidentsDetailed descriptionRisk summaryTechnologyPermissionsSmart contractsKnowledge Nuggets

Portal (Wormhole) logoPortal (Wormhole)

About

The Portal token bridge is built on top of Wormhole, a message passing protocol for enabling and validating cross-chain communication.

  • Total value locked
  • Destination
    Various
  • Validated by
    Third Party
  • Type
    Token Bridge

    • About

    The Portal token bridge is built on top of Wormhole, a message passing protocol for enabling and validating cross-chain communication.

    Value Locked
    Milestones & Incidents

    Wormhole introduces NTT for $W

    2024 Apr 25th

    Native Token Transfers (NTT) is a multichain composable token standard developed by Wormhole.

    Learn more

    Contracts hacked for $326M

    2022 Feb 3rd

    Learn more
    Detailed description

    The Portal token bridge is built on top of Wormhole, a message passing protocol for enabling and validating cross-chain communication.

    A specialized network of external nodes called Guardians are the source of truth for all such messages. The bridge escrow contracts are governed by the same set of Guardians that run the underlying Wormhole message protocol.

    Risk summary

    Users can be censored if

    1. guardians decide to stop processing certain transactions.
    Technology

    Principle of operation

    This is a type of Token Bridge that locks tokens in the escrow contracts on the source chain and mints tokens at the destination. What differentiates this solution is that the cross-chain message is sent via the Wormhole protocol, in which emitted messages on one chain are observed by a network of nodes (Wormhole: Guardians) and then verified. After its verification, the message is submitted to the destination chain for processing. Since the Guardian network is essential to the security of the Wormhole protocol, Guardians can tap into additional sources of truth apart from the events emitted at the source chain. The Wormhole Gateway, a Cosmos-SDK chain, serves as a hub that can perform additional standardized checks on metadata like VAA format and global token balances and flows.

    1. Docs: Wormhole architecture

    Transfers are externally verified

    Validation process takes place in an external network called the Guardian Network. Nodes in the network, called Guardians, observe the Core Contract on each supported chain and produce VAAs (Verified Action Approvals, essentially signed messages) when those contracts receive an interaction. Based on a threshold of VAAs, users can withdraw funds on the other end of the bridge.

    • Users can be censored if guardians decide to stop processing certain transactions.

    • Funds can be stolen if guardians allow to mint more tokens than there are locked on Ethereum, preventing some existing holders from being able to bring their funds back to Ethereum.

    • Funds can be stolen if guardians sign a fraudulent message allowing themselves to withdraw all locked funds.

    1. WormholeCore contract: function verifyVM()

    Destination tokens

    The type of token received on the destination chain depends on the token: If it is native to this chain, the user will receive the canonical token. If the bridged token is not native to the destination chain the user will receive a wrapped version. The token contract in this case is called BridgeToken and is upgradable.

    • Funds can be stolen if the destination token contract is maliciously upgraded.

    1. BridgeToken contract implementation
    Permissions

    The system uses the following set of permissioned addresses:

    Guardian Network (19) 0x5893…3Cd30xfF6C…21570x114D…2fD10x107A…cbEB0x8C82…f6b20x11b3…23430x54Ce…a7cd0x15e7…5a200x74a3…3ef00x000a…768e0xAF45…FC140xf931…cF950xD2CC…48900xDA79…08110x71AA…19C30x8192…b3Cf0x178e…96e80x5E14…9EdB0x6FbE…348d

    Off-chain actors signing messages (VAAs) containing transfer information or governance actions such as upgrades, which are decoded onchain with signature checks.

    Smart contracts
    A diagram of the smart contract architecture
    A diagram of the smart contract architecture

    The system consists of the following smart contracts on the host chain (Ethereum):

    WormholeCore 0x98f3…288BImplementation (Upgradable)Admin

    Governance contract storing the current Guardian set and providing a facility to verify cross-chain messages by verifying Guardians signatures. Guardians themselves can choose a new Guardian set. Can be upgraded by Guardians.

    TokenBridge 0x3ee1…a585Implementation (Upgradable)Admin

    Main bridge contract on Ethereum and an escrow for ETH and ERC20 tokens that were bridged to other chains. Can be upgraded by Guardians. This contract can store any token.

    TokenImplementation 0x0fD0…4eE6

    This is the template for BridgedToken implementations minted by Portal on Ethereum.

    NFTBridge 0x6FFd…51fEImplementation (Upgradable)Admin

    NFT bridge contract and an escrow for NFTs that were bridged to other chains. Can be upgraded by Guardians.

    NFTImplementation 0xEc4d…a7fc

    This is the template for bridged NFTs minted by Portal on Ethereum.

    The current deployment carries some associated risks:

    • Funds can be stolen if a contract receives a malicious code upgrade. There is no delay on code upgrades (CRITICAL).

    Knowledge Nuggets
    Thumbnail of Wormhole core architecture

    Wormhole core architecture

    Learn more

    Thumbnail of How Wormhole Guardians work

    How Wormhole Guardians work

    Learn more