Calling for improvement proposals for StarkGate

Hi Community -
We’re working on a new major version of StarkGate - our token bridge - and we’re planning to re-audit and deploy new bridge contracts in the next couple of months. One of the new features on the roadmap, for example, is allowing L1 deposits to call L2 functions so that dApps could offer an atomic operation of “deposit tokens from L1 + do something with the tokens on L2”.

We encourage the community to suggest new functionality to StarkGate. If you have any ideas or requests that would make the bridge more useful, we’d appreciate your thoughts!

26 Likes

Not exactly new functionality, rather completion of existing ones:

  • deposit cancellation
  • bridge should not have the absolute power to selectively burn(permissionedBurn) user funds
21 Likes

I think that one of the big risks in L2s is the dependence on a single contract on Ethereum as a single-point-of-failure (e.g. what happens if the contract gets hacked).

Over time, as tooling and audit will improve, plus Lindy effect for smart contract best practices, the risk will diminish. But I believe that a major part of diminishing risk will depend on building good insurance products that gives extra economic security to L2s (so users that onboard starknet can purchase smart contract hack risk through Nexus Mutual or another provider).

I’m trying to think which kind of features or architecture choices can help insurers that will want to underwrite the risk in the future do that easily. Some ideas:

  1. General timelock for any withdrawals higher than %x of the TVL - any extremally high withdrawal in terms of nominal value and/or #% of the TVL will activate a timelock (the withdrawal can be cancelled only by a special majority, which will probably agree in the case of a hack). This could minimize damage in cases like the Ronin bridge hack
  2. Safety Starknet mutual fund - each time you bridge into L2 through Starkgate you pay a small percentage fee that goes into a mutual that is dedicated to bridge safety. The mutual is managed by the Starknet DAO and can allocate funds into → bug bounties, continuous audit, perform stress tests, insurance fund for harmed users etc.
  3. Embedded insurance → this is an idea for the front end application and not the the Starkgate itself, but offering embedded insurance in the application layer can increase the safety factor of users
18 Likes