Adapters in Centrifuge

[BZAghalarov]

Hi team!
I’m trying to better understand the adapter logic in the Centrifuge protocol, especially from a security perspective.
I’ve reviewed the official documentation but couldn’t find detailed information on this topic

• https://docs.centrifuge.io/developer/protocol/overview/

I would appreciate it if you could answer the following questions to clarify this.

1. There are currently three implemented adapters in the Centrifuge repository. As I understand, they are (or were during the Sherlock contest) considered in scope. However, in M-7, the bug title suggests that an attacker could deploy a malicious custom adapter, potentially introducing vulnerabilities — and this scenario was also considered in scope. My question is whether custom-made adapters are acceptable in Centrifuge, or if users should use one of the existing adapters.

2. Could you please mention any test where we really test adapters not mock it? I want to fully understand how message cross-chain with adapter.

If you’re able to share, I would greatly appreciate any resources or documentation the team referenced when integrating the adapters. It would help me better understand the development and security considerations behind the design.

[lemunozm]

Hi @BZAghalarov

There are two ways of using adapters:

• global adapters: for stuff related to the protocol or pool-agnostic messages. These adapters are set by the protocol.

• pool adapters: The pool manager can set a set of adapters for their pool. THey can use the same as global adapters or create their own.

Regarding tests. It's not easy to test adapters because they have an off-chain component, the executor. So even forking the chains we can not really test end-to-end. The closest we have are some tests in script/testnet to manually configure tests and double-check they work cross-chain in sepolia + manual work with them in testnets

[lemunozm]

If you’re able to share, I would greatly appreciate any resources or documentation the team referenced when integrating the adapters. It would help me better understand the development and security considerations behind the design.

We don't have a documentation yet to set pool adapters. But it will be soon! Right now, the source of truth are the comments in MultiAdapter.sol