According to crypto analytics firm DefiLlama, bridge protocols are ranked third in terms of total value locked (TVL) after decentralized exchanges (DEX) and lending protocols. There are just 17 bridges currently yet they command over $33 billion in TVL. Despite the prevalence of bridges, many including Ethereum’s co-founder Vitalik Buterin have expressed concerns regarding the fundamental limits to the security of bridges. This week, the Ronin bridge behind the popular Axie Infinity game was exploited for a whopping $625 million making it one of the largest decentralized finance (DeFi) hacks till date. In this article, we will try to understand what bridges are, how they are used and security implications surrounding it.
Bridges are protocols that bridge tokens from one network to another. Say an investor needs to transfer BTC from the Bitcoin network to Ethereum (ETH) network. One of the primary reasons why such a need arises can be the lack of DeFi apps or smart contracts on the Bitcoin network. But these assets are not compatible with each other. Here’s where bridges come in. Bridges are tools that allow the creation of synthetic derivatives that represent an asset from another blockchain. In this case, BTC is converted to WBTC with W standing for Wrapped, according to the ERC-20 token standard that’s compatible on Ethereum network.
Generally, using native assets of one blockchain within that ecosystem was the norm before a bunch of layer 1 alternatives such as Avalanche (AVAX), Fantom (FTM), Cosmos (ATOM) started gaining immense traction. With that, interoperability became the need of the hour because in order to use ETH in a Solana Dapp, it involved going through exchanges which is a time consuming process. So, cross chain bridges which enable such use cases shot up in terms of both TVL and popularity. The largest blockchain bridge is WBTC with a TVL of over $12 billion.
A typical blockchain bridge operates in the following way:
An user pays a bridging fee and sends X tokens to a deposit address on the source chain (e.g. Bitcoin)
Those X tokens are locked by a validator who can either be a custodian (like BitGo) or a non custodian (trustless like smart contracts)
Information of locked up tokens is broadcasted to the destination chain (e.g. Ethereum)
After that, Y number of tokens equivalent to X tokens will be issued on the destination chain
Y tokens are then sent to the user’s address on the destination chain (that is Ethereum in this case)
If the user decides to get back his X tokens, then the user needs to send the Y tokens to an assigned address where it will be burned and the X tokens will be released by the validator.
While the security risks associated with a validator (like BitGo) is implicit given its centralized nature, cross chain bridge protocols on the other hand with decentralized design like Ronin bridge were considered to be safe and robust. But it was proven wrong as the Ronin protocol, which is the Ethereum sidechain created for the game of Axie Infinity, was hacked using a security exploit. To put it simply, the security limits of cross chain bridges are fundamentally limited.
For example, as Vitalik explained in a reddit post, a 51% attacker (who’s attacking Ethereum) can’t technically propose a block to take away an user’s ETH tokens whereas in the case of a cross chain bridge, if an user sends 1 ETH onto a bridge on Solana to get 1 WETH, then a 51% attacker can revert the transaction of the WETH by depositing their own ETH, reducing the worth of user’s 1 WETH to less than 1 ETH.
According to Vitalik, it's always safer to hold Ethereum-native assets on Ethereum or Solana-native assets on Solana than it is to hold Ethereum-native assets on Solana or Solana-native assets on Ethereum. This is why multichain ecosystems like Polkadot, Kusama that can support multiple blockchains (interconnected yet independent) are better positioned to scale. And that is the same reason why Ethereum is moving on to ETH 2.0 with a central beacon chain and up to 64 independent chains (shards). This is a vast and important topic on its own which we will revisit another day.
Use promocode TNM51 at www.giottus.com/profile#promo after registration to get Rs.51 worth free Bitcoin
Disclaimer:This article was authored by Giottus Crypto Exchange as a part of a paid partnership with The News Minute. Crypto-asset or cryptocurrency investments are subject to market risks such as volatility and have no guaranteed returns. Please do your own research before investing and seek independent legal/financial advice if you are unsure about the investments.