Allbridge's maintainers, with support from Stellar Development Foundation, engaged with Quarkslab to perform an audit of Allbridge Core implementation in the Stellar ecosystem. This new implementation uses Stellar's smart contracts platform: Soroban.

Introduction

Allbridge Core is a cross-chain swap built specifically for dollar-pegged tokens (stablecoins). It operates on multiple blockchains and allows users to transfer stablecoin funds across different networks. As of today, Allbridge Core oversees a Total Value Locked (TVL) exceeding $17 million. It works by keeping liquidity pools for the supported tokens on each blockchain. Incoming tokens go into the pool, and the value of those tokens is sent via the messaging protocol to another chain, where it is converted back to tokens to be paid to the user.

Allbridge Core supports several blockchains such as Ethereum, Polygon, and Solana. The project is evolving and will be deployed in the Stellar ecosystem. Allbridge's maintainers implemented the Allbridge Core protocol for the Stellar blockchain in addition to the Allbridge Classic protocol already supported.

The Stellar ecosystem provides the Soroban environment. It is a smart contract platform that was audited by Quarkslab and introduced as a new feature to the mainnet. This platform includes the smart contract environment, a Rust SDK, a CLI, and an RPC server.

The goal of this audit was to assess the security of the Soroban implementation of Allbridge Core protocol. The full audit report is available on Allbridge's website.

Scope

The scope of this audit included the standard architecture of the Allbridge Core protocol. It is divided into four Soroban smart contracts, available in the allbridge-io/allbridge-core-soroban-contracts GitHub repository:

  • Bridge smart contract
  • Messenger smart contract
  • Gas oracle smart contract
  • Pool smart contract

Findings

The table below summarizes the findings of the audit. A total of 8 issues were found, of which 1 had medium severity and 1 had low severity, while the others were informational only.

ID Title Severity Perimeter
MED-1 Admin can drain stablecoin liquidity Medium Pool (set_bridge)
LOW-1 Lack of input sanitization in admin functions Low Pool (setters)
INFO-1 Tests reproduce the code logic Info Tests
INFO-2 Bridge implements an insecure pattern Info Bridge (swap_and_bridge)
INFO-3 Superfluous storage DataKey::ReceivedMessage Info Messenger
INFO-4 Unused variant DataKey::Admin Info Gas oracle
INFO-5 Admin fees seem to be incorrect Info Pool (initialize)
INFO-6 Multiple casting from u128 to i128 Info Pool (deposit)

All the reported findings were fixed, except the medium severity finding. Allbridge acknowledged this issue and stated they plan to address it by developing a cross-chain DAO in their 2024 timeline.

Conclusion

The Allbridge Core protocol codebase, upon thorough review, has demonstrated a great level of maturity and sophistication. Quarkslab had a successful collaboration with Allbridge with the help of the Stellar Development Foundation and participated in securing a key component of the ecosystem. Despite the constrained timeline, this comprehensive evaluation unveiled one medium and one low severity issue. Going forward, we strive to continue pursuing our mission of advancing security in the Web3 ecosystem.


If you would like to learn more about our security audits and explore how we can help you, get in touch with us!