Bridge Security
Detailed technical FAQs relating to Fiorin's integrated Ethereum bridge
Fiorin’s bridge consists of two functions:
1. A smart contract on the Ethereum network; and
2. A token issuance mechanism on the BSV network
These functions are encapsulated within the Fiorin wallet UI for a completely seamless stablecoin deposit / withdrawal experience.
Bridges are notorious for being insecure. To have a higher level of confidence in a bridge, a user should check the following:
1. The bridge smart contract is audited
2. The bridge smart contract is open source
3. The bridge smart contract's locked and issued token amounts are public and verifiable
4. Controls / limits are hardcoded into the bridge smart contract
We address each of these points below.
- 0 critical findings
- 0 medium findings
- 11 informative findings (which have since been resolved on a redeployed smart contract)
1. The user must specify their ERC20 withdrawal address when the wallet is created, and this address cannot later be changed
2. ERC20 withdrawal addresses cannot be reused between different Fiorin wallets
3. The user cannot withdraw funds until 24 hours after their first deposit
4. The user has a 24-hour withdrawal limit equal to the maximum deposit they have made into the wallet
5. There is a maximum daily withdrawal amount from each user account of $100,000
6. All withdrawals are automatically blocked if there is an imbalance between locked and issued stablecoin amounts (next section)
7. There is an auxiliary private key (in cold storage) for the Ethereum bridge smart contract that can nullify the primary private key and issue new primary and auxiliary private keys
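The withdrawal controls listed above (1 to 6) can be expressed as a small reference model for testing or off-chain monitoring. This is an added example, not Fiorin's contract code: the `Bridge` and `Account` classes, their method names and the rolling 24-hour window interpretation of the limits are assumptions, and control 7 (key rotation) and balance accounting are not modelled.

```python
from dataclasses import dataclass, field

DAY = 24 * 60 * 60        # seconds
DAILY_CAP = 100_000       # control 5 (USD, stablecoin assumed 1:1)

@dataclass
class Account:
    withdrawal_address: str                           # control 1: fixed at creation
    deposits: list = field(default_factory=list)      # (timestamp, amount)
    withdrawals: list = field(default_factory=list)   # (timestamp, amount)

class Bridge:
    def __init__(self):
        self.accounts = {}    # wallet id -> Account
        self.locked = 0       # ERC20 locked on Ethereum
        self.issued = 0       # USDXS issued on BSV

    def open_account(self, wallet_id, address):
        # control 2: an address may not be shared between wallets
        if any(a.withdrawal_address == address for a in self.accounts.values()):
            raise ValueError("withdrawal address already registered")
        self.accounts[wallet_id] = Account(address)

    def deposit(self, wallet_id, amount, now):
        self.accounts[wallet_id].deposits.append((now, amount))
        self.locked += amount
        self.issued += amount

    def check_withdrawal(self, wallet_id, address, amount, now):
        """Return the reason a withdrawal is refused, or None if allowed."""
        acct = self.accounts[wallet_id]
        if self.locked != self.issued:
            return "bridge imbalance"                  # control 6
        if address != acct.withdrawal_address:
            return "address mismatch"                  # control 1
        if not acct.deposits or now - acct.deposits[0][0] < DAY:
            return "first deposit under 24h old"       # control 3
        # Assumption: limits apply to a rolling 24-hour window.
        recent = sum(a for t, a in acct.withdrawals if now - t < DAY)
        limit = min(max(a for _, a in acct.deposits), DAILY_CAP)  # controls 4, 5
        if recent + amount > limit:
            return "24h limit exceeded"
        return None

    def withdraw(self, wallet_id, address, amount, now):
        reason = self.check_withdrawal(wallet_id, address, amount, now)
        if reason:
            raise PermissionError(reason)
        self.accounts[wallet_id].withdrawals.append((now, amount))
        self.locked -= amount
        self.issued -= amount
```
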
Fiorin’s bridge consists of two functions:
1. A smart contract on the Ethereum network (which locks ERC20 tokens)
2. A token issuance mechanism on the Bitcoin SV network (which wraps ERC20 tokens as USDXS tokens using the STAS protocol)
BSV token information:
Symbol: USDXS
Token ID: aeded8ce7e2d25544be184ceb16875ede4711425
Fiorin allows ERC20 token (Ethereum) deposits, which it then wraps 1:1 as USDXS tokens using STAS (BSV).
Fiorin monitors (via a third-party API) both inbound and outbound ERC20 transfers to/from the bridge smart contract. Suspicious sends/receives will be blocked.
1. The bridge smart contract is exploited. Attackers could withdraw locked ERC20 tokens
2. Fiorin server is compromised. Attackers could action ERC20 withdrawal from bridge accounts of their choosing
3. Fiorin server is compromised. Attackers could mint unlimited USDXS tokens on BSV
- Mitigated by using open source bridge code
- Mitigated by having a reputable 3rd party audit
- Mitigated by public disclosure of locked ERC20 tokens and issued USDXS tokens. If these balances do not perfectly reconcile, the bridge smart contract can be disabled
- Mitigated by hardcoded bridge smart contract controls
- Each bridge user has their own account with a fixed and pre-specified withdrawal address as well as 24 hour withdrawal limits
- Mitigated by an auxiliary private key (kept in cold storage) which has the power to disable the bridge smart contract and reissue new primary and auxiliary private keys