Search

Search for projects by name

SummaryValue SecuredRisk summaryRisk analysisState validationPermissionsSmart contracts

Eclipse logoEclipse

Badges

About

Eclipse is a sidechain powered by the Solana Virtual Machine (SVM).

  • Total Value SecuredTVS
    $75.41 M23.5%
  • Past day UOPSDaily UOPS
    20.3620.4%
  • Type
    Other
  • Purpose
    Universal

    • Tokens breakdown

    Value secured breakdown

    View TVS breakdown
    Sequencer failureState validationData availabilityExit windowProposer failure
    Explore more in Discovery UI

    Badges

    About

    Eclipse is a sidechain powered by the Solana Virtual Machine (SVM).

    Why is the project listed in others?

    The proof system isn't fully functional

    Consequence: projects without a proper proof system fully rely on single entities to safely update the state. A malicious proposer can finalize an invalid state, which can cause loss of funds.

    There is no data availability bridge

    Consequence: projects without a data availability bridge fully rely on single entities (the sequencer) to honestly rely available data roots on Ethereum. A malicious sequencer can collude with the proposer to finalize an unavailable state, which can cause loss of funds.

    Learn more about the recategorisation here.

    Value Secured

    2024 Jul 29 — 2025 Jul 21

    Total value securedTotal
    $75.41 M23.5%
    Canonically BridgedCanonically Bridged ValueCanonical
    $75.41 M23.5%
    Natively MintedNatively Minted TokensNative
    $0.000.00%
    Externally BridgedExternally Bridged ValueExternal
    $0.000.00%
    View TVS breakdown
    Risk summary

    Funds can be stolen if

    1. a contract receives a malicious code upgrade. There is no delay on code upgrades (CRITICAL),
    2. the Treasury owner decides to transfer the funds locked on L1.

    Users can be censored if

    1. the bridge operators decide not to mint tokens after observing a deposit.
    Risk analysis
    Sequencer failureState validationData availabilityExit windowProposer failure
    Sequencer failure
    No mechanism

    There is no mechanism to have transactions be included if the sequencer is down or censoring.

    State validation
    None

    Currently the system permits invalid state roots. More details in project overview.

    Data availability
    External

    Proof construction and state derivation fully rely on data that is posted on Celestia. Sequencer tx roots are not checked against the Blobstream bridge data roots onchain, but L2 nodes can verify data availability by running a Celestia light client.

    Exit window
    None

    There is no window for users to exit in case of an unwanted regular upgrade since contracts are instantly upgradable.

    Proposer failure
    Cannot withdraw

    Only the whitelisted proposers can publish state roots on L1, so in the event of failure the withdrawals are frozen.

    State validation
    No state validation

    Eclipse implements a custom permissioned bridge. Withdrawals need to be actively authorized by a Multisig. Moreover, there is no mechanism to send arbitrary messages from Eclipse back to Ethereum. There is a 7d delay for withdrawals.

    • Users can be censored if the bridge operators decide not to mint tokens after observing a deposit.

    • Funds can be stolen if the Treasury owner decides to transfer the funds locked on L1.

    1. CanonicalBridge.sol - Etherscan source code, authorizeWithdraw() function
    2. Mailbox.sol - Etherscan source code, receiveMessage() function calls CanonicalBridge
    3. Treasury.sol - Etherscan source code, emergencyWithdraw() function
    Permissions
    A dashboard to explore contracts and permissions
    Go to Disco
    Disco UI Banner
    Disco UI BannerExplore in Disco

    Ethereum

    Actors:

    Eclipse Multisig 0x4720…64E0

    A Multisig with 3/5 threshold.

    • Can interact with CanonicalBridgeV1
      • authorize withdrawals to any address
      • grant / revoke all access control roles and thus access all permissioned functions in the contract
      • pause the contract for deposits and withdrawals
    • Can interact with CanonicalBridgeV2
      • authorize withdrawals to any address
      • grant / revoke all access control roles and thus access all permissioned functions in the contract
      • pause the contract for deposits and withdrawals
    • Can interact with Upgrader0to1
      • start an upgrade of the core contracts
    • Can interact with Treasury
      • grant / revoke all access control roles and thus access all permissioned functions in the contract

    Participants (5):

    0xBb53…D5470xCD2f…e6A40x9508…B2a50x7572…BFc20xF48C…46FA
    Eclipse Multisig 2 0x7B2c…0efC

    A Multisig with 3/5 threshold.

    • Can upgrade with no delay
      • Treasury
    • Can interact with CanonicalBridgeV2
      • grant / revoke all access control roles and thus access all permissioned functions in the contract
    • Can interact with Treasury
      • grant / revoke all access control roles and thus access all permissioned functions in the contract
      • withdraw ETH from the contract, even when it is paused
      • withdraw ETH from the contract

    Participants (5):

    0xd061…cDb5GnosisSafe0xDecF…96860xEe05…82D90x3392…C080
    EOA 1 0x1a84…C4fE
    • Can interact with CanonicalBridgeV2
      • authorize withdrawals to any address
    EOA 2 0x6810…77D3
    • Can interact with CanonicalBridgeV1
      • pause the contract for deposits and withdrawals
    Smart contracts
    A dashboard to explore contracts and permissions
    Go to Disco
    Disco UI Banner
    Disco UI BannerExplore in Disco
    A diagram of the smart contract architecture
    A diagram of the smart contract architecture

    Ethereum

    CanonicalBridgeV1 0x2B08…be11

    Entry point to deposit and withdraw ETH. There is no canonical messaging system. Deposited funds are sent to a Treasury contract and withdrawals must be authorized by a permissioned actor.

    • Roles:
      • defaultAdmin: Eclipse Multisig
      • pauser: EOA 2, Eclipse Multisig
      • withdrawAuthority: Eclipse Multisig
    CanonicalBridgeV2 0x867A…9a51

    Entry point to deposit and withdraw ETH. There is no canonical messaging system. Deposited funds are sent to a Treasury contract and withdrawals must be authorized by a permissioned actor.

    • Roles:
      • defaultAdmin: Eclipse Multisig, Eclipse Multisig 2
      • pauser: Eclipse Multisig
      • withdrawAuthority: EOA 1, Eclipse Multisig
    Treasury 0xD7E4…E644Implementation (Upgradable)Admin

    Permissioned escrow for assets bridged to Eclipse. There is no canonical messaging and users need to trust the bridge operators to process deposits and authorize withdrawals.

    • Roles:
      • defaultAdmin: Eclipse Multisig, Eclipse Multisig 2
      • emergency: Eclipse Multisig 2, Upgrader0to1
      • upgrader: Eclipse Multisig 2, Upgrader0to1
      • withdrawer: CanonicalBridgeV1, CanonicalBridgeV2, Eclipse Multisig 2
    • This contract stores the following tokens: ETH.
    Can be upgraded by:
    Eclipse Multisig 2 with no delay
    Upgrader0to1 0xD02f…71E3

    This contract was used for an upgrade an still retains its permissions and permissioned actors.

    • Roles:
      • upgrader: Eclipse Multisig

    The current deployment carries some associated risks:

    • Funds can be stolen if a contract receives a malicious code upgrade. There is no delay on code upgrades (CRITICAL).