Developer Integration & Security Considerations
- Audits: The M Portal contracts have undergone security audits. Refer to linked audit reports for findings and details.
-
Upgradeability:
- M Portal Lite: Is designed as an upgradeable system using the UUPS proxy pattern (via OpenZeppelin Upgrades). This allows for seamless logic updates without requiring contract migration.
- M Portal (Standard): The contracts are also designed to be upgradeable.
-
Security Dependencies:
- M Portal (Wormhole): Security relies significantly on the integrity of the Wormhole Guardians and the NTT framework contracts.
- M Portal Lite (Hyperlane): Security relies on the Hyperlane protocol, including its configured Interchain Security Modules (ISMs) and the correctness of the Hyperlane Relayer network.
- Key Security Feature (Lite): The
bridgedPrincipaltracking in theHubPortalof M Portal Lite provides an additional layer of accounting security, ensuring that the Hub cannot be drained of more tokens than were originally locked for a given spoke chain. -
Code Repositories:
- M Portal (Wormhole): https://github.com/m0-foundation/m-portal
- M Portal Lite (Hyperlane): https://github.com/m0-foundation/m-portal-lite
-
External Documentation:
- Wormhole NTT Documentation: https://docs.wormhole.com/wormhole/ntt/overview
- Hyperlane Documentation: https://docs.hyperlane.xyz/
-
Audit Reports:
- M Portal (Wormhole): https://github.com/m0-foundation/m-portal/tree/main/audits
- M Portal Lite (Hyperlane): https://github.com/m0-foundation/m-portal-lite/tree/main/audits