Uniswap Bridge Assessment Report | Polygon 2.0 | Hashflow Exploit | DLN Trade Live & More!
Last Week In The Multi-Chain Ecosystem (12 - 18 June '23)
Welcome to LI.FI’s Cross Chain Insider newsletter. If you want to join this community of cross-chain aficionados learning about bridges, interoperability, and the multi-chain ecosystem, subscribe below.
You can also check out LI.FI’s research articles, and follow us on Twitter!
Bridge Updates
1) Uniswap Foundation’s ‘Bridge Assessment Report’ is Out 🧐
The highly anticipated ‘Bridge Assessment Report’ is finally out. The report evaluates 6 bridges and different multi-bridge solutions for Uniswap’s cross-chain governance needs.
Read the full report here. Read the summary of the report here.
2) DLN Trade by deBridge is Live 👏
DLN Trade, a cross-chain exchange by deBridge, is live. DLN exchanges assets between users directly instead of wrapping or using liquidity pools.
3) Hashflow Exploited for ~$600k 👀
Hashflow was impacted by an approval-related issue that caused a loss of ~600k. Important updates related to the incident:
All users comprising the ~$600K affected will be made whole.
Impacted router contracts were deprecated by Hashflow on May 3, 2022 — Individuals who began using Hashflow after the new routers were implemented on May 3, 2022 were and remain safe from any impact.
Users can revoke funds by following the instructions. Read the post-mortem here.
4) Band Integrates with Axelar 🤝
Band, a cross-chain oracle protocol, has integrated Axelar to enable data availability and interoperability between the EVM and Cosmos ecosystem. dApps leveraging Axelar’s tech can now access Band’s data services.
5) MetaMask Now Offers Routes Via Connext 🦊
MetaMask Bridge now offers routes supported by Connext. Users can now access Connext quotes for bridge requests across Eth Mainnet, Polygon, BNB Chain, Optimism, and Arbitrum.
6) LI.FI Integrations & Cross-Chain Zaps 🦎
Sailing Sea, a blazing-fast fiat-to-crypto onramp, has integrated LI.FI’s API to allow users to buy any token across four chains, including Ethereum, Binance Smart Chain, Arbitrum, and Polygon.
Split Protocol Integrates LI.FI’s SDK
Split Protocol, a new innovative DEX aggregator, has integrated LI.FI’s SDK to power seamless cross-chain bridging and swapping inside their platform.
Cross-Chain Zaps by LI.FI and Wido
LI.FI and Wido are partnering to build cross-chain zaps for dApps interested in improving the crypto user experience.
Deposit to any contract from any token and any chain in one click.
Fill out this form to build xchain zaps for your dApp.
Multi-Chain Ecosystem Updates
1) Uniswap Labs Releases Vision for Uniswap v4 🦄
Uniswap Labs announced v4 with updates like Hooks, the singleton architecture, Flash Accounting, native ETH for pool operations, and governance updates, among others. An early implementation of the code can be found here.
2) Polygon Labs Introduces Polygon 2.0 💜
Polygon Labs introduced Polygon 2.0, a blueprint to build the ultimate Value Layer.
Polygon 2.0 is a set of upgrades that radically reimagine almost every aspect of Polygon, from protocol architecture to tokenomics to governance. More details will be announced in the coming weeks.
3) EigenLayer Mainnet is Now Live 👏
EigenLayer announced the deployment of the Stage-1 EigenLayer protocol on Ethereum Mainnet. Ethereum stakers can now restake in EigenLayer.
4) Frax Finance to Launch Ethereum L2 Called Fraxchain 👀
Frax Finance, the project behind stablecoin FRAX, announced its plans to rollout its own blockchain named Fraxchain. Fraxchain is designed as a Layer 2 rollup deriving its security from the Ethereum mainnet.
5) The Managers — First Ever Cross-Chain Mint 🔗
The mint for The Managers, one of the first NFT collections designed to utilize the possibilities of the ERC6551 standard, is set to go live on Wednesday, June 21, followed by a reveal shortly after the mint ends.
The minting process will feature LI.FI’s widget powered with the NFT Checkout Flow (purchase an NFT on any chain w/ any token), making it the first-ever cross-chain mint. Follow The Managers on Twitter to stay updated.
What’s Popping?
Today’s “What’s Popping?” is a guest post from Fire co-founder Josh Breite.
Fire is a transaction simulator that explains what is happening in a crypto transaction BEFORE a user presses “confirm” in a crypto wallet. Fire is a great tool for both normies and power-users, as it is a really simple way to double check that the contract you are transacting with is safe.
As long-time Fire users, Arjun and I reached out to Josh to write a post on cross-chain transactions from a wallet safety perspective. We think it’s an, ahem, ~fire~ article and we hope you enjoy reading it as much as we did.
Let’s dive in!
— — —
Wallet safety is especially important when it comes to token swaps, bridging and similar transactions. That’s because we’re often impatient to complete those transactions because we want to do another transaction afterwards.
Scams happen in a number of ways, but these are the most common when it comes to bridging and swapping:
Landing on a spoofed site: Scammers create fake websites which look like real, trustworthy platforms—but these replicas steal your assets as soon as you sign a transaction.
Using a dangerous bridge: Fraudulent bridges claim to facilitate secure transfers between blockchains, but redirect funds to their own addresses instead of your address on a different network.
Leaving approvals open: Unattended smart contract approvals leave bad actors with access to your funds—which they then send to themselves.
Not using a hot wallet: Experienced web3 users almost always have multiple wallets and move assets they don’t expect to move soon out of their “hot wallet” (which is an internet-connected wallet with funds you could stomach losing).
Scammers rely on rushed decisions when it comes to trades and approvals. This kind of carelessness is one of the most common ways people get scammed in web3. That’s why it’s super important to stay on top of a few wallet safety basics.
Before we get into specifics of swapping and bridging, a few basics:
Always maintain control of your private keys/seed phrase. Your private keys are like your credit card data—once someone has it, they can make any transaction they want to make. Never share your private keys with anyone, even services or individuals you trust.
Use a smart contract, multi-signature or MPC wallet—these add an extra layer of safety compared to conventional browser wallets.
How to Stay Safe With Token Swaps
Before we talk about the specifics of bridging and swapping, we need to explain the two types of wallets most people recommend you to have in web3:
A hot wallet is an online wallet that provides quick access to digital assets, but at the risk of being more vulnerable to online threats. This is where you keep funds you need immediately or soon—and where you do any trading. It’s like your checking account.
A cold wallet mostly stays offline, which lowers your exposure to bad actors (and keeps you from signing transactions too quickly). However, this means accessing and transacting with assets can be less convenient. It’s like your savings account where you keep assets you don’t need to move anytime soon.
When it comes to token swapping and bridging only use reputable and trusted platforms. Jumper.exchange aggregates trustworthy exchanges like 1inch, Uniswap and Sushiswap:
If you’re not using an aggregator, you can run into replications of well-known exchanges. These often look the same, but send scam transactions which give the wrong token approvals.
Token approvals in the context of Web3 are a transaction when interacting with smart contracts. They let you give permission to a smart contract to access or 'spend' a specific amount of a certain token from your wallet.
While even trustworthy decentralized exchanges need some approvals to spend your tokens (because they need to move them to your smart contract), scammers usually try to get approval for all of your assets, which is a transaction you should (almost) never sign.
A great way to stay safe is to use a transaction simulator like Fire, which shows you exactly what leaves and enters your wallet before you sign any transaction.
This is important because bad actors sometimes impersonate trustworthy websites. They replicate the design, hoping users will rush to sign the transaction because they believe themselves to be on a trustworthy site.
Many users unfortunately fall for this—often because they don’t understand what kind of transaction they’re signing. A transaction simulator alleviates this. If you’re only using your wallet, this is what you might see for a regular token swap:
While you can see the gas cost and the amount of ETH you’d send to the contract, it’s confusing—do you have any idea what the smart contract you’re interacting with would do if you approved this transaction?
Simulators make these transactions human-readable. Look at a Fire simulation of the same transaction:
Instead of being confused, you know exactly what’s leaving and entering your wallet. By looking at a simulation before confirming transactions, you’re more likely to spot scams, even if it’s just because you’re taking an extra moment to read what you’re signing.
If you already have a wallet and want an extra layer of safety, we recommend installing Fire’s free chrome extension today.
Interesting Reads
1) How the Optimism Bedrock upgrade affected the cross-chain bridging landscape
2) Intents and Where to Find Them
3) Evaluating Cross-Chain Messaging Protocols
4) What does scaling a blockchain 𝗮𝗰𝘁𝘂𝗮𝗹𝗹𝘆 mean?
5) First principles and the mental model of Storage proofs
Get Started With LI.FI Today
For more information about the LI.FI protocol,
Head to our link portal at link3.to/lifi
Read our SDK’ quick start’ at docs.li.fi
Join the official Discord server
Follow our Telegram Newsletter
Subscribe on our Substack
or try our any-2-any swaps NOW at jumper.exchange