⚠️ Warning⚠️
⚠️ This code is being actively developed and is not yet production ready.
⚠️ DO NOT deploy this code or use deployments of this code for anything valuable.
Hashi is an EVM Header Oracle Aggregator, designed to facilitate a principled approach to cross-chain bridge security. The primary insight being that the vast majority of bridge-related security incidents could have had minimal impact if the systems relying on them had built in some redundancy. In other words, it's much more secure to require messages be validated by multiple independent mechanisms, rather than by just one.
Hashi allows users to:
- Build custom oracle adapter contracts for any header oracle mechanism they would like to use.
- Query a header oracle for the block header for a given block on a given chain.
- Query a set of header oracles the block headers for a given block on a given chain.
- Query for a unanimously agreed upon block header from a set of oracles for a given block on a given chain.
GiriGiriBashi allows users to:
- Define a set of oracles for each chainId.
- Define a threshold of oracles that must agree on a block header for each chain.
- Query for a unanimously agreed on header from that full set of oracles.
- Query for a block header agreed upon by a threshold of oracles for a given block on a given chain; the provided oracles must all agree on the header for the given block, must all be enabled as oracles for the given chain, and must exceed the threshold for the chain.
Hashi's additional redundancy obviously comes with a higher gas cost, along with moving only as quickly as the slowest oracle in a given set. However, this trade-off seems well worth it given the scope and frequency of past bridge-related security incidents.
Hashi is currently unaudited. Proceed with caution, there is probably dragons. 🐲
All contracts are WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Created under the LGPL-3.0+ license.