Fraxferry is a novel, but simple bridge solution that allows transfer of unlimited Frax issued assets, while keeping the Ethereum based protocol safe from any exploits. What the team realized in the wake of the Harmony hack was that the real risk was in providing unlimited instant transfers of assets between chain.
The one change Frax made to their bridge design was to add in a 24hr timelock. Instead of providing instant transfers, users bridging funds have to wait a day. If there is a hack or major exploit and the attacker tries to bridge funds back to Ethereum to cash out, the Frax multi-sig can stop the transfer. It’s a simple design update that provides unparalleled security.
Now this doesn’t stop instant on-demand cross-chain Frax liquidity. Other third party protocols can setup their own pools and infrastructure to provide for these types of transactions. If they get hacked, it wouldn’t affect the overall collateral health of Frax. With the timelocks Frax establishes a checkpoint to prevent system damage to the protocol and peg. It’s the only way to safely allow billions of dollars to move back and forth between chains.
The process begins when users send their tokens to the Fraxferry contract, initiating the transfer.
Fraxferry is overseen by a designated individual known as the "Captain," who examines the source blockchain to determine which tokens need to be moved. The Captain then proposes a batch of tokens to be transferred, which triggers the token transfer process.
Before the actual transfer takes place, there is a waiting period of at least 24 hours to allow for verification and dispute resolution. Departures happen once per day, and users can add and remove assets freely before the Ferry departs.
During this time, other participants, referred to as "Crewmembers," review the batch proposal to identify any potential issues.
If no disputes are raised, the token transfer is executed, moving the tokens to the target blockchain. Before execution, the system ensures that the transactions are valid by comparing the provided hash to the actual batch of transactions.
In the event of suspicious activity, the multi-sig can prevent a specific token transfer to mitigate any potential damage. It is the responsibility of the multi-sig to manage the tokens in the Fraxferry contract to ensure smooth operations.
It’s called a “ferry” because it’s slow, but it gets there on time.