Search

Search for projects by name

SummaryValue SecuredRisk summaryRisk analysisState validationPermissionsSmart contracts

Eclipse logoEclipse

Badges

About

Eclipse is a sidechain powered by the Solana Virtual Machine (SVM).

Value secured
$51.50 M0.03%
Canonically Bridged
$51.50 M
Natively Minted
$0.00
Externally Bridged
$0.00
View TVS Breakdown
  • Tokens
  • Past day UOPS
    34.924.45%
  • Type
    Other
  • Purpose
    Universal
    • Sequencer failureState validationData availabilityExit windowProposer failure
    Explore more in Discovery UI

    Badges

    About

    Eclipse is a sidechain powered by the Solana Virtual Machine (SVM).

    Why is the project listed in others?

    The proof system isn't fully functional

    Consequence: projects without a proper proof system fully rely on single entities to safely update the state. A malicious proposer can finalize an invalid state, which can cause loss of funds.

    There is no data availability bridge

    Consequence: projects without a data availability bridge fully rely on single entities (the sequencer) to honestly rely available data roots on Ethereum. A malicious sequencer can collude with the proposer to finalize an unavailable state, which can cause loss of funds.

    Learn more about the recategorisation here.

    Value Secured

    2024 Jul 29 — 2025 Jul 01

    Total value securedTotal
    $51.50 M0.03%
    Canonically BridgedCanonically Bridged ValueCanonical
    $51.50 M0.03%
    Natively MintedNatively Minted TokensNative
    $0.000.00%
    Externally BridgedExternally Bridged ValueExternal
    $0.000.00%
    View TVS breakdown
    Risk summary

    Users can be censored if

    1. the bridge operators decide not to mint tokens after observing a deposit.
    Risk analysis
    Sequencer failureState validationData availabilityExit windowProposer failure
    Sequencer failure
    No mechanism

    There is no mechanism to have transactions be included if the sequencer is down or censoring.

    State validation
    None

    Currently the system permits invalid state roots. More details in project overview.

    Data availability
    External

    Proof construction and state derivation fully rely on data that is posted on Celestia. Sequencer tx roots are not checked against the Blobstream bridge data roots onchain, but L2 nodes can verify data availability by running a Celestia light client.

    Exit window
    None

    There is no window for users to exit in case of an unwanted regular upgrade since contracts are instantly upgradable.

    Proposer failure
    Cannot withdraw

    Only the whitelisted proposers can publish state roots on L1, so in the event of failure the withdrawals are frozen.

    State validation
    No state validation

    Eclipse implements a custom permissioned bridge. Withdrawals need to be actively authorized by a Multisig. Moreover, there is no mechanism to send arbitrary messages from Eclipse back to Ethereum. There is a 7d delay for withdrawals.

    • Users can be censored if the bridge operators decide not to mint tokens after observing a deposit.

    • Funds can be stolen if the Treasury owner decides to transfer the funds locked on L1.

    1. CanonicalBridge.sol - Etherscan source code, authorizeWithdraw() function
    2. Mailbox.sol - Etherscan source code, receiveMessage() function calls CanonicalBridge
    3. Treasury.sol - Etherscan source code, emergencyWithdraw() function
    Permissions
    A dashboard to explore contracts and permissions
    Go to Disco
    Disco UI Banner
    Disco UI BannerExplore in Disco

    Ethereum

    Actors:

    AuthorityMultisig 0x4720…64E0
    • A Multisig with 3/5 threshold. Can pause and upgrade the EtherBridge and Mailbox contracts and change all parameters in the ‘CanonicalBridge’ contract or authorize/cancel withdrawals.

    Participants (5):

    0xBb53…D5470xCD2f…e6A40x9508…B2a50x7572…BFc20xF48C…46FA
    TreasuryOwner 0x7B2c…0efC
    • A Multisig with 3/5 threshold. Can upgrade and transfer funds from the Treasury.

    Participants (5):

    0xd061…cDb50x0706…8Fed0xDecF…96860xEe05…82D90x3392…C080
    WithdrawerEOA 0x1a84…C4fE

    Can authorize arbitrary withdrawals from the Treasury (via the ‘CanonicalBridge’ contract) with a 7d delay.

    PauserEOA 0x6810…77D3

    Can pause standard withdrawals from the ‘CanonicalBridge’ contract and cancel withdrawals during the standard 7d delay.

    Smart contracts
    A dashboard to explore contracts and permissions
    Go to Disco
    Disco UI Banner
    Disco UI BannerExplore in Disco
    A diagram of the smart contract architecture
    A diagram of the smart contract architecture

    Ethereum

    CanonicalBridge 0x2B08…be11

    Entry point to deposit ETH. It is registered as a module in the Mailbox contract.

    Mailbox 0xb23B…968dImplementation (Upgradable)Admin

    Contract receiving messages from registered modules to send to Eclipse. It doesn’t have any functionality to send messages back to Ethereum.

    Treasury 0xD7E4…E644Implementation (Upgradable)Admin

    Holds the funds locked on Ethereum.

    • This contract stores the following tokens: ETH.

    The current deployment carries some associated risks:

    • Funds can be stolen if a contract receives a malicious code upgrade. There is no delay on code upgrades (CRITICAL).