rBridge Beta Officially Launched — A Cross-chain Bridge on Ethereum Built by StaFi

Published in
6 min readNov 13, 2020



In the past month, the core engineers of StaFi have pulled many all-nighters to complete the development of rBridge. A cross-chain bridge on Ethereum, rBridge will act as a channel linking StaFi mainnet assets and Ethereum chains. Users can exchange FIS for ERC 20 FIS at a 1:1 rate by using rBridge. Thereafter, they will be able to access transactions, lending and other applications of the DeFi world of Ethereum.

What is the use of rBridge? It can enable FIS tokens to be traded on Uniswap. This is, of course, just one of its many applications. rBridge will help with the cross-chain inter-operation between assets on the StaFi mainnet and other ecosystems, including Ethereum, Polkadot, and Cosmos. Therefore, we will keep updating rBridge products in the future, so that FIS tokens and rToken assets issued by SatFi can freely circulate across different public chains at a low cost.

We hereby announce that rBridge Beta is officially launched: https://test-apps.stafi.io/?rpc=wss%3A%2F%2Fstafi-seiya.stafi.io#/accounts

Product Introduction

Holders of FIS tokens can exchange ERC 20 FIS tokens through rBridge. Here’s how you can do so:

1) First, fill in the number of ERC 20 FIS tokens you want to exchange and the Ethereum address for the payment in StaFi rBridge product page;

2) rBridge will automatically calculate the charge of the current ETH network and calculate the amount of FIS tokens to be paid by current FIS/ETH exchange rate;

3) The user confirms and makes the payment, which will be temporarily locked in a transitional contract address;

4) When the rBridge contract deployed on the Ethereum network monitors the user’s request on the StaFi chain, it will automatically Mint out the same amount of ERC 20 FIS tokens and transfer them to the Ethereum payment address filled in by the user.

5) In less than 1 minute, the user will receive FIS tokens in ERC 20.

It should be noted that rBridge makes it really convenient for users so that they do not need to pay the commission by their ETH wallet while connecting to the StaFi wallet. We will pay on behalf of them, so they only need to pay FIS by the current FIS/ETH exchange rate.

To encourage everyone to use rBridge products, we will not charge any service fees at the beginning. The rate scale is detailed below:

Security Audit

StaFi ETH rBridge includes 3 technical modules, which are:

1) StaFi bridge module:


2) StaFi Relay Bridge Service:


3) ETH smart contract:


We have invited CertiK, a well-known smart contract audit company, to audit the smart contract part. We are grateful for their comments and suggestions on potential problems and their fixes. Our engineers are working on code optimization, which is estimated to take about 1 week.

We will update CertiK’s audit progress on the DAO forum: https://commonwealth.im/stafi/proposal/discussion/727-audit-process

Bug Bounty Program

The reason why the Beta test version was released first is that we must take on the responsibility of safeguarding our users’ assets. We will, through the beta version, conduct a one-week public test before it is officially launched.

Ⅰ. Function Test


1) Test the verification of the ETH address

2) Test the initiation of a transaction

3) Test whether the transaction is successful (whether the ERC 20 token is received)

4) Test whether the number of tokens received is consistent with that of the ERC 20 tokens that were converted to ETH

2Test document:


Ⅱ. Code Testing

1 Range

StaFi bridge module:


StaFi Relay Bridge Service:


ETH smart contract:


2 Process

1) Detect bugs in the code, and submit issues with regard to functions and security.

2) Find which portions of the code are to be optimized in terms of performance, security, and cost savings.

Ⅲ. Criteria

  • Critical: Abnormal function, ineffective function, or security breach, etc.;
  • Moderate: Defects that do not affect the function, non-security issues, such as the room for optimization, performance improvement, etc.;
  • Low: Unimportant issues, some minor issues that can be modified during updates, such as modifying text or notes.

Outside the scope of the bounty program

  • Repeated reports on security issues, including security issues that have been confirmed by the StaFi team;
  • Theoretical security issues without pragmatic application scenarios, or issues that require complex user-interactions.

Ⅳ. Rules

1 It must be a newly discovered bug(s) that has/have not been reported before

2 The bug(s) found must be related to security issues in StaFi GitHub page code, but not other third-party code;

3 Have not written any codes of StaFi around the bug(s), and have not participated in any process that generated the bug(s) of StaFi in other ways;

4 Public disclosure will make you lose your bounty;

5 The StaFi team reserves the right to make the final decision on eligibility for the event and all rewards.

Ⅴ. Bounty rules

The bounty will be issued in the form of FIS, and the amount will depend on the severity of the bugs found.

In addition to severity, the bounty amount will be determined (but not limited to) by other factors including:

  • The accuracy and details of the bug description;
  • The quality of reproducibility, such as test code, scripts, and detailed instructions.

Ⅵ. Submission Method

When you find bug(s), please send a report to: sara@stafi.io. Please attach your name, email, company name (optional), description of the bug(s), your opinion on what is the potential impact of that bug on StaFi rBridge, and how you discovered that bug.


1. What should I do if I submit a bug but do not hear a reply?

Before publicly publishing the bug(s) you found, we need some time to review and confirm them, and will reply to you as soon as possible. If you haven’t received a reply two weeks after submission, you can send an email to us at: sara@stafi.io

2. In what form is the bounty issued?

The bounty is issued in the form of FIS. In certain areas, you can choose to take payment in USDT. The bounty is usually issued three weeks after the submission is confirmed. According to local legal requirements, you need to provide your identification, usually passport information. In addition, you need to provide your FIS or USDT address.

For participants from the United States, the bounty will be issued in the form of USDT.

If you have more questions, please send an email to us: sara@stafi.io.

About StaFi Protocol

StaFi is the first DeFi protocol unlocking liquidity of staked assets. Users can stake PoS tokens through StaFi and receive rTokens in return, which are available for trading, while still earning staking rewards. FIS is the native token on StaFi Chain. FIS is required to provide security to the network by staking, pay for transaction fees on the StaFi chain, and mint & redeem rTokens.

Website: www.stafi.io
Telegram Chat: https://t.me/stafi_protocol
Telegram Announcements: https://t.me/stafi_ann
Discord: https://discord.com/invite/jB77etn



Editor for

StaFi_Protocol A Decentralize Protocol to Provide the liquidity of Your Staking Assets