Blockchain Bridges: A Security Perspective

Table Of Content

Share:

The Blockchain Interoperability Problem

Interoperability has been a long withstanding problem in the blockchain space. Many argue that the very benefits of decentralization and trustlessness that this technology is built on have resulted in a major communication gap between blockchains- each instead continuing to function independently with separate goals and distinct audiences. In fact, some have even gone so far as to say that the limitations of interoperability between blockchains are hindering the technological advancement of our community.

Currently, there are many issues that blockchain interoperability can help solve. As of now, over 100 public blockchains are active, including major names like Bitcoin, Ethereum, and Ripple. Decentralized apps are built on top of these blockchains, due to which they are forced to transact using only those tokens which are native to them- isolating them from the majority of liquidity in the crypto space which is being offered on other blockchains. As a result, a fragmentation of liquidity is seen, which is then distributed across hundreds of exchanges. This can contribute to bigger problems like increased fees and slippage, as a larger order may need to be carried out over several exchanges, each with relatively shallow liquidity.

Another missing link that interoperability may solve is the lack of composable application infrastructure currently present in the blockchain space. Composability can be understood as building on top of existing parts of a system to create something new. The result is a much more efficient solution with the potential to become even more innovative. By making the infrastructure of an application composable, resources can be consumed as needed as well. In the blockchain world, this can only be done with interoperability solutions that work to bridge the gap between different blockchains.

Blockchain Bridges

To combat these growing issues, the concept of blockchain bridges has emerged as a potential solution. Similar to how bridges in the real world act as a merger between two pieces of land separated by water, blockchain bridges link two independently functioning blockchains together. Users can then use this technology to achieve a variety of tasks, including the transfer of assets, cross-chain lending, and execution of dapps on many platforms instead of just one. 

To further understand the concept of bridges, we can compare their architecture to oracles, a more common occurrence seen on the blockchain. Oracles work similarly to bridges in the sense that their objective is to provide the blockchain with a connection. However, the difference here is that oracles feed data from off-chain sources to the blockchain, while bridges are developed to establish links between blockchains. Oracles are also usually centralized third parties and bring about trust conflicts within the ecosystem as well.

The blockchain community has seen an explosion of interoperability solutions this past year alone, with over 40 different bridge projects operating currently. Many of these projects have a centralized structure, requiring users to place their trust in a central body which is required for the bridge to operate. These are known as federated bridges, and may use proof of stake (POS) or proof of authority (POA) to facilitate bridging. However, some are working towards decentralized or trustless solutions as well, such as Bifrost and Interlay.

A Bigger Emphasis on Security

Recently, Poly Network was attacked by a hacker who managed to steal a record $600M by manipulating a design flaw in the contract code. The interoperability protocol allows different heterogeneous blockchains to work with each other under its own platform. As a result, the hacker was able to steal funds from a variety of chains, including Ethereum, Binance Smart Chain, and Polygon.

For a more detailed analysis of the hack and its interesting aftermath, you can read this piece titled The Poly Network Hack: Who To Blame?

Unfortunately, this was not a lone case. Earlier this year, the cross-chain asset bridge ChainSwap was also attacked, losing over $8M in crypto assets from various protocols. In the same year, cross-chain DeFi protocol pNetwork was also swindled out of $12M due to a bug in their codebase.

These events, though unfortunate, teach us a powerful lesson on the importance of security. As blockchain bridges and other interoperability solutions work to connect different blockchains together, the responsibility they hold is even more paramount. This is further discussed in academic literature as well. A research piece titled “A Survey on Blockchain Interoperability: Past, Present, and Future Trends” addressed both the advantages and limitations of blockchain bridges and other cross-chain solutions in detail, highlighting open issues and challenges currently present in the blockchain interoperability landscape. The paper cited the gap between theory and practice, discoverability, privacy and security, and governance as the most relevant issues of interoperability today.

At the end of the day, it should be understood that a product or solution is only as good as its reliability to its users. While it is true that collaboration breeds innovation, the risks associated with interesting solutions must be considered beforehand. In the blockchain world, security should always be regarded as the top priority.

More Weblogs

GameFi: Future of Gaming or Short-lived Gimmick?

On the surface, the GameFi industry sounds revolutionary. However, digging a little deeper reveals several questions about its legitimacy. What are the risks associated with its play-to-earn model? Are all games which claim to be a part of GameFi credible? And, at the end of the day, is this a viable direction for gaming, or nothing more than a short-lived gimmick?

Consumer Privacy & Data Breach Part II - Is Web 3.0 The Cure?

When the dot-com bubble burst, the technology modifications accelerated, and web 1.0 transformed into web 2.0. User-generated content took a boom, that allowed users to interact with the content and share their thoughts. But, the happiness wasn’t long-lived, the people soon realized that their information is being tracked and used for target marketing.

Harvest Finance Hack Analysis & POC

Harvest finance got hacked for around $34M due to a flashloan attack which manipulated the price in the Curve pool to retrieve more USDT tokens than originally deposited USDT amount in fUSDT pool.

Stay in Touch

Drop your email to read the BlockApex newsletter and keep yourself updated around the clock.

    All rights reserved. Copyright 2020-21