Giter Club home page Giter Club logo

hashi's Introduction

⚠️ Warning ⚠️

⚠️ This code is being actively developed and is not yet production ready.

⚠️ DO NOT deploy this code or use deployments of this code for anything valuable.


Github Actions Coverage Status Hardhat License: LGPL-3.0-only

Hashi

Hashi 橋

Hashi is an EVM Hash Oracle Aggregator, designed to facilitate a principled approach to cross-chain bridge security.

The primary insight being that the vast majority of bridge-related security incidents could have had minimal impact if the systems relying on them had built in some redundancy. In other words, it's much more secure to require messages be validated by multiple independent mechanisms, rather than by just one.

We call this setup a RAIHO (Redundant Array of Independent Hash Oracles).

Features

Hashi (橋) allows users to:

  • Build custom oracle adapter contracts for any hash oracle mechanism they would like to use.
  • Query an oracle for the hash for a given ID in a given domain. (e.g. header of a block on a given chainId)
  • Query a set of oracles the hash for a given ID in a given domain.
  • Query for a unanimously agreed upon block hash from a set of oracles for a given ID in a given domain.

ShoyuBashi (所有橋) allows:

  • An owner account to:
    • Define an instance of Hashi to query.
    • Define a set of oracles for each domain.
    • Define a threshold of oracles that must agree on a hash for each domain.
    • Change any of the above settings at any time.
  • Anyone to:
    • Query for a unanimously agreed on hash from that full set of oracles.
    • Query for a hash agreed upon by a threshold of oracles for a given block on a given chain; the provided oracles must all agree on the hash for the ID, must all be enabled as oracles for the given domain, and must exceed the threshold for the domain.

GiriGiriBashi (ギリギリ橋) allows:

  • An owner account to:
    • Initialize the set of oracles for each domain.
    • Initialize the threshold of oracles that must agree on a hash for each domain.
    • Replace quarantined oracle adapters.
    • Set a challenge bond recipient.
  • Anyone to:
    • Query for a unanimously agreed on hash from that full set of oracles.
    • Query for a hash agreed upon by a threshold of oracles for a given block on a given chain; the provided oracles must all agree on the hash for the ID, must all be enabled as oracles for the given domain, and must exceed the threshold for the domain.
    • Challenge an oracle to report on a hash.
    • Resolve a challenge, either returning the bond to the challenger and quarantining the given oracle, in the case that the oracle does not report in time or reports a conflicting hash, or forwarding the challenge bond to the recipient.
    • Declare a state of no confidence for a given domain, forcing the domain to be re-initialized by owner.

Yaho (ヤッホー) allows users to:

  • dispatch arbitrary messages via Hashi, which:
    • emits the hash of arbitrary messages as events
    • stores the arbitrary message in storage
  • relay previously stored messages to any number of message adapters
  • dispatch messages and relay them to adapters in a single call

Yaru (やる) allows owner to:

  • execute arbitrary messages passed from Yaho

Hashi Zodiac Module allows users to:

  • Control an avatar (like a Safe) on one chain from a controller address on another chain, via messages passed over hashi.
  • Define an instance of Yaho which can pass it messages.
  • Define a chainId (usually called domain elsewhere in this repo).
  • Define a foreign controller address.

Hashi's additional redundancy obviously comes with a higher gas cost, along with moving only as quickly as the slowest oracle in a given set. However, this trade-off seems well worth it given the scope and frequency of past bridge-related security incidents.

Audits

Hashi has been audited by the G0 group.

All issues and notes of the audit have been addressed as of commit hash 9f373635.

The audit results are available as a pdf in this repo.

Please note, there have been changes to contract code since this audit. A subsequent audit of the changed code is pending.

Security and Liability

All contracts are WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

License

Created under the LGPL-3.0+ license.

hashi's People

Contributors

allemanfredi avatar auryn-macmillan avatar dimo99 avatar lrnt avatar mattstam avatar mellowcroc avatar mikekinetex avatar oliviera9 avatar rhlsthrm avatar seungjulee avatar shivam78288 avatar solidoracle avatar utkarsh-21st avatar viatrix avatar victoryeo avatar zengzengzenghuy avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.