Multichain (ANY)

From CryptoWiki

Revision as of 08:56, 23 January 2022 by 5imp5on (talk | contribs) (1 revision imported)

Basics

  • Based in:
  • Started in / Announced on:
  • Testnet release:
  • Mainnet release:

History

  • Rebranded from Anyswap to Multichain (2022).

Audits

"Anyswap will reward anyone who reports bugs to us. This will help us build truly secure and even better cross-chain solutions."

Bugs/Exploits

  • From their Twitter (17-1-2022):

Critical vulnerability that affected 6 tokens (WETH, PERI, OMT, WBNB, MATIC, AVAX) has been reported and fixed. All assets on both V2 Bridge and V3 Router are safe, and cross-chain transactions can be done safely.:

"The funds lost were all $ pegged stablecoins totalling approximately $7.9M. The root of the exploit lay in the prototype V3 Router’s use of ECDSA, the algorithm securing its MPC wallet by generating private keys. This potential security flaw has been known since 2010, when console hacking group fail0verflow detailed the process here (p123-129). And its application to blockchain keys was later detailed in 2013. Despite this, Anyswap’s post-mortem states that the attacker detected a repeated k value in two of the V3 Router’s transactions on BSC, and was able to back-calculate the private key.

Anyswap stressed that “only the new V3 cross-chain liquidity pools have been affected” and that the bridge remains operational via V1 and V2 Routers. The post-mortem also states that the V3’s code has been fixed and will reopen after the 48hr timelock installed by the team expires. Although action was taken relatively quickly to prevent another attack, @nicksdjohnson is of the opinion that the patch does not do enough:

"Setting aside the fact that there's a much better, industry standard solution to this, their patch: Fails catastrophically (exposing users to another hack) if you accidentally delete a file, or restore from an old backup, or move to a new server. And it requires every signature request to scan every previous one, but really that's the smallest problem here."

Anyswap call themselves a “trustless protocol”, but perhaps that label no longer has the desired effect after such a damning evaluation from a leading Ethereum developer."

Governance

Admin Key

DAO

Treasury

Token

Launch

Token Allocation

Utility

Other Details

Stablecoin

Coin Distribution

Technology

  • Whitepaper can be found [insert here].
  • Code can be viewed [insert here].

Implementations

  • Built on: BSC
  • Programming language used:

Transaction Details

How it works

Fee Mechanism

Upgrades

Mining

Staking

Validator Stats

Liquidity Mining

Scaling

Interoperability

  • Also behind Allbridge.

Other Details

Oracle Method

Privacy Method

Compliance

Their Other Projects

Roadmap

  • Can be found [Insert link here].

Usage

Projects that use or built on it

Competition

Pros and Cons

Pros

Cons

Team, Funding and Partners

Team

  • Full team can be found [here].

Funding

Partners

(:

Knowledge empowers all and will help us get closer to the decentralized world we all want to live in!

Making these free wiki pages is fun but takes a lot of effort and time.

If you have enjoyed reading, tips are appreciated :) This will help us to keep expanding this archive of information.

ETH tip address: 0x83460bE5F218b1520B69D702cE60A1DE37dD8E31

Also check out CoinTr.ee for more content.