Socket - L2BEAT

Website	socketscan.io
Docs	developer.socket.tech/Learn/protocol-design
Repository	github.com/SocketDotTech/socket-DL github.com/SocketDotTech/socket-plugs/blob/main/contracts/superbridge
Social	@SocketDotTech

This page gathers Socket vaults built on top of Socket Data Layer cross chain messaging protocol.

Socket is highly flexible and configurable and risks vary depending on the current configuration of the specific route. It allows to define custom Token Vaults that communicate using different messaging protocols. Token Vaults are connected via Plugs and Switchboards to their remote counterparts. The central contract on each chain, Socket, stores the configuration of all Plugs and Switchboards. Some Switchboards may be as secure as “native” (canonical) bridge, some may use simple Relayers/Watchers to move messages across chains.

Risk summary

The security parameters of each individual token and vault must be individually assessed, and can be changed by the developers. DYOR and use Socket at your own risk.

Funds can be stolen if

watchers submit fraudulent block hash and relay fraudulent transfer (CRITICAL),
the Socket Vault owners change the Vault configuration (CRITICAL),
a contract receives a malicious code upgrade. There is no delay on code upgrades (CRITICAL).

Users can be censored if

watchers fail to facilitate the transfer (CRITICAL).

Technology

Principle of operation

Socket is a bridge framework connecting different chains via a set of “switchboards”. Every chain using Socket for some of its tokens can mix & match many switchboards with varying trust assumptions, for example mixing a “fast” route via “Fast Switchboard” with a “Standard Route” using a native rollup AMB.

Various switchboards

Note: This section requires more research and might not present accurate information.

Vaults can use any registered switchboards. The validation model is chosen by the switchboard and their security can vary from using a canonical bridge to a third-party validation model.

Users can be censored if watchers fail to facilitate the transfer (CRITICAL).
Funds can be stolen if watchers submit fraudulent block hash and relay fraudulent transfer (CRITICAL).
Funds can be stolen if the Socket Vault owners change the Vault configuration (CRITICAL).

Protocol Design - Socket Documentation

Permissions

The system uses the following set of permissioned addresses:

socketadmin.eth EOA 0x5fD7…6d34

Account privileged to set up different roles in the main Socket contract.

LyraMultisig 0x246d…9fCF

Multisig that owns the Socket Vaults associated with Lyra. This is a Gnosis Safe with 2 / 3 threshold.

LyraMultisig participants (3) 0xb88D…1F65 0x76E6…6D52 0x4cEa…9F12

Those are the participants of the LyraMultisig.

KintoMultisig 0xf152…5D82

Multisig that owns the Socket Vaults associated with Kinto. This is a Gnosis Safe with 3 / 6 threshold.

KintoMultisig participants (6) 0x5D97…Ae2e 0x78C0…2259 0x08E6…F5a8 0xc1f4…f40B 0x9456…745E 0xc31C…61eC

Those are the participants of the KintoMultisig.

HookOwnerEOA 0x3B88…81BF

EOA that owns the Socket Vaults associated with hook.xyz.

Smart contracts

Note: This section requires more research and might not present accurate information.

A diagram of the smart contract architecture

The system consists of the following smart contracts:

Socket 0x943A…16f9

Central contract in Socket SuperBridge holding configuration of all Plugs and associated Switchboards.

FastSwitchboard 0xD5a8…F5cD

Fast Switchboard having a set of Watchers authorizing transfers. If the transfer is not explicitly authorized within certain period of time, it is optimistically considered to be valid. Watchers can also stop (trip) an invalid transfer.

PolygonL1Switchboard 0x0534…62CD

Switchboard using native Polygon message passing.

OptimismSwitchboard 0x139f…c287

Switchboard using native Optimism message passing.

ArbitrumL1Switchboard 0xdf5f…9CAe

Switchboard using native Arbitrum message passing.

ExecutionManager 0xFB4d…84E0

TransmitManager 0xeD03…0341