In our first blog in the Interoperability series, we discussed why the future of blockchains belongs to a Crosschain world and the need for Interoperability. In the following two blogs (Part 1, and Part 2) we talked about the different categories of crosschain solutions and the various means of validating messages on bridges. Different bridges use different validation mechanisms, but bridge security ultimately determines the safety of the tokens transferred. Poor bridge security can result in a hack and loss of user funds. In this article, we’ll explore why and how bridges break.
According to the blockchain data platform, Chainalysis almost $2 billion has been stolen from bridges over the past two years, with close to 15 incidents reported. This data from Chainalysis reveals that bridge hacks constitute a significant proportion of the total funds stolen in DeFi in 2022, amounting to an alarming 69% of the total.
In order to understand how they break, we need to focus on the three main pillars of bridge security. Each of these pillars can have multiple ways of attacking. Let’s dive into the three main pillars, and how they can be compromised.
Out of the most expensive five hacks, three were due to inadequate Implementation Security and two due to inadequate Economic Security. Notably, none have been caused by compromised Environment Security so far.
In conclusion, it is clear that there are several reasons why bridges are the main target for attackers, and that there are multiple ways to exploit them. Depending on the economic security, implementation security, and environmental security, hackers can start with the easiest attacks, such as stealing signer keys, to try more sophisticated attacks by submitting fraudulent proofs and exploiting vulnerabilities in the code. Now that we know why and how bridges get hacked, in the next and final blog of the Interoperability series, we’ll discuss how to mitigate these exploits, how to respond after a hack has occurred, and we will dive into the risk assessment and scoring framework to compare bridge safety.
Coinchange research team has written a long-form research report on Crosschain Interoperability and Security which will be published in the next few weeks, where we do a deep dive into the various bridge security models and propose solutions for users to make the right choice while selecting a bridge for their transaction. So stay tuned for that, meanwhile, kick back and earn a yield on your crypto using Coinchange.
Coinchange's August 2023 Digest offers a snapshot of key crypto happenings. From DeFi trends to regulatory news, get a quick update on what mattered most.
Explore OTC crypto trading with Andrew Bulman of Coinchange. Learn how their OTC desk offers high-volume traders advantages like diverse liquidity and same-day settlements.
Receive monthly news and insights in your inbox. Don't miss out!