L2BEAT Bridges is a work in progress. You might find incomplete research or inconsistent naming. Join our Discord to suggest improvements!
LightLink
About
LightLink is a sidechain that lets dApps and enterprises offer users instant, gasless transactions. It aims at becoming an Ethereum Layer 2.
About
LightLink is a sidechain that lets dApps and enterprises offer users instant, gasless transactions. It aims at becoming an Ethereum Layer 2.
Funds can be stolen if
- validators decide to mint more tokens than there are locked on Ethereum thus preventing some existing holders from being able to bring their funds back to Ethereum (CRITICAL),
- validators relay a withdraw request that wasn't originated on the source chain (CRITICAL),
- destination token contract is maliciously upgraded (CRITICAL).
Users can be censored if
Principle of Operation
LightLink chain state roots are periodically posted to Ethereum through a CanonicalStateChain contract on L1. After the challenge window of 3d, the published state root is assumed to be correct. During the challenge window, anyone can challenge a block header against some basic validity checks. The challenge fee required is 1.5 ETH. Once challenged, the permissioned defender can respond within 2d to the challenge, by providing the L2 header and the previous L2 header. If the defender does not respond, the block header is considered invalid, the canonical state chain is rolled back to the previous state root, and the challenger can claim back the challenge fee. If the defender successfully responds, the challenger loses the challenge fee to the defender. Since only the block header can be challenged and not the state transition, the system is vulnerable to invalid state roots. Moreover, state roots are not used for L1 bridge withdrawals. Users can deposit tokens on the LightLink chain by sending them to the L1BridgeRegistry contract on Ethereum L1. On the LightLink chain, token minting is then authorized by a permissioned set of signers providing signatures as input to the syncDeposit() function on the L2ERC20Predicate contract. Users can withdraw their funds by submitting a withdraw() transaction to the L2ERC20Predicate contract, which will burn the tokens on the LightLink chain. To then unlock tokens from the bridge on L1, a validator multisig needs to validate the withdrawal based on off-chain validity checks. Users can exit the network once enough validators have signed off on the withdrawal. Currently, a minimum of 2 validators is required to sign off on a withdrawal.
Validation By Signers
For deposits, messages are verified by a permissioned set of signers on the LightLink network, which monitors emitted DepositToken events on L1 and provides signatures to authorize syncDeposit() transactions execution on LightLink. In the same way for withdrawals, the set of signers provides signatures to authorize the withdrawal transactions releasing tokens from the bridge.
Users can be censored if validators decide to not mint tokens after observing an event on Ethereum (CRITICAL).
Funds can be stolen if validators decide to mint more tokens than there are locked on Ethereum thus preventing some existing holders from being able to bring their funds back to Ethereum (CRITICAL).
Funds can be stolen if validators relay a withdraw request that wasn't originated on the source chain (CRITICAL).
Destination tokens are upgradable
Tokens on the destination end up as wrapped ERC20 proxies that are upgradable by the LightLinkMultisig, using EIP-1967.
Funds can be stolen if destination token contract is maliciously upgraded (CRITICAL).
The system uses the following set of permissioned addresses:
Permissioned set of actors that can validate withdrawals from the bridge. Each validators has a voting power assigned that determines the weight of their vote. Currently, the threshold is set to 50.00% of the total voting power.
The proposer (“publisher”) is responsible for pushing new state roots to the CanonicalStateChain contract on L1.
This address is the admin of the L1BridgeRegistry. It can pause the bridge and upgrade the bridge implementation. It also determines the validators of the bridge and their voting power. It is not a Gnosis Safe multisig, but a custom multisig implementation.
This address is the owner of all the CanonicalStateChain and Challenge contracts. Can replace the proposer and core system parameters.
The system consists of the following smart contracts on the host chain (Ethereum):
The Canonical State Chain (CSC) contract is the main contract of the LightLink network. It stores the state roots of the LightLink chain on Ethereum L1.
Upgrade delay: No delay
The Challenge contract is used to challenge block headers on the LightLink chain. Currently, data availability challenges and execution challenges are not enabled.
Upgrade delay: No delay
The L1BridgeRegistry contract is used to store the address of the LightLink multisig and the address and voting power of the validators managing the bridge.
If the DAOracle is set, this contract enables any user to directly upload valid Layer 2 blocks from the data availability layer to the L1.
Upgrade delay: No delay
The DABridge contract used to verify shares inclusion in the ChainOracle provideShares() function. If not set, data shares cannot be verified and stored in the ChainOracle contract.