Latest update: 12 AM (GMT+7) 23 January, 2024

1. Introduction

This USDC Bridging Compliance Policy outlines the requirements and procedures for clients engaging in bridging activities involving USDC (US Dollar Coin). The purpose of this policy is to ensure the security, transparency, and responsible use of the bridging infrastructure. Clients must adhere to the following criteria to participate in the USDC bridging process.

2. Security Audit

Clients seeking to bridge USDC must undergo a thorough security audit conducted by our trusted auditing firm. The audit is designed to assess the security measures, code quality, and overall robustness of the bridging implementation. Clients are responsible for the cost of Auditing Service from our trusted auditing firm at a discounted rate.

The auditing firm's approval is a prerequisite for participating in the USDC bridging process.

3. Multisig Wallet Requirement

The bridge minter, responsible for creating and managing USDC tokens on the bridging platform, must be a multisignature (multisig) wallet. The multisig wallet configuration should include a minimum of three (3) signers. These signers must be designated individuals or entities with appropriate authorization and responsibility.

4. Bridge Mint Limit

A cap is imposed on the total amount of USDC that can be minted through the bridging process. The bridge mint limit is set at a particular threshold in USDC (to be confirmed directly with Ancient8). Once this limit is reached, further minting will be temporarily halted until a peer review process is conducted.

5. Peer Review Process

When the bridge mint limit is reached, a peer review will be initiated. The peer review involves a comprehensive examination of the bridging activities, security measures, and compliance with this policy. The review will be conducted by a designated team of experts within the organization.

Upon successful completion of the peer review, the bridge mint limit may be renewed, adjusted, or extended based on the findings and recommendations of the review team.

6. Reporting and Compliance Monitoring

Clients are required to promptly report any suspicious activities, security incidents, or potential vulnerabilities related to the USDC bridging process. Regular compliance monitoring will be conducted to ensure ongoing adherence to this policy.

7. Failure to Comply Consequences

In the event of a failure to comply with this USDC Bridging Compliance Policy, the following consequences will be enforced:

7.1 Revocation of Minter Role

If an exploit or non-compliance is detected, the minter role responsible for creating and managing USDC tokens will be immediately revoked. This action aims to prevent further unauthorized minting and protect the integrity of the bridging infrastructure.

7.2 Halting Bridge Functionality

Simultaneously, the bridge functionality on the user interface (UI) will be promptly halted to mitigate the risk of users being exploited. This measure ensures that no additional bridging transactions can occur until the security issues are addressed and resolved.

7.3 Transparent Incident Report by Bridging Partner

Bridging partners found in non-compliance must conduct a transparent incident report outlining the details of the security incident or exploit. This report should include a comprehensive analysis of the root cause, impact, and steps taken to remediate the issue.

7.4 User Compensation Obligation

Bridging partners are obligated to compensate affected users for any losses incurred as a result of the exploit or security incident. Compensation should be fair and proportionate to the damages suffered by the users.

7.5 Smart Contract Upgrade Requirement

Bridging partners must promptly perform upgrades to the smart contracts associated with the bridging process to address and fix the identified exploits. The upgraded smart contracts should undergo a security audit and adhere to industry best practices to prevent similar incidents in the future.

7.6 Temporary Suspension of Bridging Privileges

In severe cases of non-compliance, a temporary suspension of bridging privileges may be imposed on the offending party. The duration of the suspension will be determined based on the severity of the violation and the promptness of the remediation efforts.

7.7 Reinstatement Conditions

To reinstate bridging privileges, the bridging partner must demonstrate full compliance with this policy, complete necessary security upgrades, and provide evidence of the implementation of corrective measures to prevent future incidents.

Non-compliance consequences are intended to ensure the swift resolution of security incidents, protect user funds, and maintain the integrity of the USDC bridging infrastructure. The severity of consequences will be assessed on a case-by-case basis, considering the nature and impact of the security incident or exploit.

This policy is subject to change at the discretion of the organization. Clients will be notified of any updates or modifications to this policy.

For further information or project integration, kindly send your proposal/ request via email ( contact@ancient8.gg ) our BD team will review it and get back to you.