Search

Search for projects by name

L2BEAT Bridges is a work in progress. You might find incomplete research or inconsistent naming. Join our Discord to suggest improvements!

Multichain logoMultichain

THE BRIDGE IS NOT SAFE FOR USE. The Multichain’s team urges everyone to refrain from using the bridge as it is under investigation by Chinese law enforcement authorities. For more information, please visit this thread.

About

Multichain is an externally validated bridge. It uses a network of nodes running SMPC (Secure Multi Party Computation) protocol. It supports dozens of blockchains and thousands of tokens with both Token Bridge and Liquidity Network.


  • Total value locked
  • Destination
    Various
  • Validated by
    Third Party
  • Type
    Hybrid

  • About

    Multichain is an externally validated bridge. It uses a network of nodes running SMPC (Secure Multi Party Computation) protocol. It supports dozens of blockchains and thousands of tokens with both Token Bridge and Liquidity Network.


    Value Locked
    Milestones & Incidents

    Anyswap rebrands to Multichain

    2021 Dec 16th

    Contracts hacked for $3M

    2022 Jan 18th

    Multiple critical vulnerabilities were found in the contracts.

    Learn more
    Risk summary
    THE BRIDGE IS NOT SAFE FOR USE. The Multichain’s team urges everyone to refrain from using the bridge as it is under investigation by Chinese law enforcement authorities. For more information, please visit this thread.
    Technology

    Principle of operation

    Multichain (formerly AnySwap) is a Hybrid Bridge that, depending on a token, can act as a Token Bridge or as a Liquidity Network. It uses multiple escrows on a source chain (one per each destination) in addition to tokenized Liquidity Pools (anyToken contracts) - one anyToken contract per token. It uses an on-chain Router that, depending on the token/destination will choose either TokenBridge or Liquidity Network to bridge assets.

    Transfers are externally verified

    Outgoing transfers are being watched by external entities that - utilizing MPC (MultiParty Computation) - sign off token minting (for Token Bride) or token swap (for Liquidity Network). Incoming transfers work similarly - tokens burned on a source chain release tokens from escrow on a destination chain.

    • Funds can be stolen if MPC nodes decide to maliciously takeover them or there is an external exploit which will result in signing malicious transaction.

    • Users can be censored if MPC nodes decide to censor certain transactions.

    • Funds can be lost if MPC nodes lose the private key.

    • Funds can be frozen if MPC nodes decide to stop processing transfers.

    Destination tokens

    Type of the token received on the destination chain depends on the token. Users may receive wrapped Token, canonical Token or anyToken that can be considered to be an IOU for the canonical Token.

    • Funds can be stolen if destination token contract is maliciously upgraded or not securely implemented.

    Permissions

    The system uses the following set of permissioned addresses:

    Multichain "Liquidity Tool" 0x5E58…6F00

    Privileged account that received funds from Ethereum source escrow without corresponding burn on the destination chain. These funds were bridged to different chains and used to supply liquidity for various anyTokens. Users have to trust this account that it never tries to redeem held anyTokens for the underlying canonical token.

    Multichain MPC 0x2A03…A869

    Account controlled by the MPC nodes. Can set minters for anyTokens. Can access liquidity in anyTokens.

    Smart contracts
    Note: This section requires more research and might not present accurate information.

    The system consists of the following smart contracts on the host chain (Ethereum):

    AnyswapV4Router 0x6b7a…1522

    Multichain Liquidity Network Router V4.

    AnyswapV6Router 0xBa8D…0705

    Multichain Liquidity Network Router V6.

    Knowledge Nuggets