As 2022 comes to a close, advancements in Web3 continue coming to fruition, allowing more and more people to experience a new frontier in finance and technology. However, just as in any new technology, risk comes alongside growth. This risk has been felt most sharply in cross-chain bridge security.
One of the biggest hurdles remaining in blockchain technology is interoperability, the ability for parallel networks to communicate with one another and work together seamlessly. In place of true blockchain interoperability, cross-chain bridges have emerged as a means to move assets between networks.
How cross-chain bridges work
In a nutshell, here’s how a bridge works: a user is holding Token X on Network A, but they want to use it in an application on Network B, where the protocols and technology function so differently that Token X is impossible to use in its current form.
To solve this issue:
1. The user connects to a cross-chain bridge that serves both networks.
2. The user deposits the amount of Token X they want to bring over to Network B.
3. The bridge “wraps” Token X, creating a representation of it that can function on Network B.
To wrap the token, a cross-chain bridge takes the following steps:
The bridge contract locks the user’s Token X into a vault on Network A, and mints a new token on Network B in an equivalent amount, representing those locked tokens.
This gives the user a way to use Token X on Network B, without swapping it for a native Network B token.
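The lock-and-mint flow above, as an added example that is not code from any real bridge: a toy ledger that locks Token X, mints wrapped X, rejects a repeated deposit event, and checks that the wrapped supply stays equal to the locked amount. The class, method and deposit-id names are hypothetical.

```python
# Added example: toy accounting model of a lock-and-mint bridge (all names hypothetical).
from dataclasses import dataclass, field


class BridgeError(Exception):
    """Raised when a bridge operation would break the backing rules."""


@dataclass
class LockMintBridge:
    locked_a: int = 0                                 # Token X held in the vault on Network A
    wrapped_b: dict = field(default_factory=dict)     # holder -> wrapped X balance on Network B
    seen_deposits: set = field(default_factory=set)   # lock events already minted against

    def deposit(self, deposit_id: str, user: str, amount: int) -> None:
        """Lock Token X on A and mint the same amount of wrapped X on B."""
        if amount <= 0:
            raise BridgeError("amount must be positive")
        if deposit_id in self.seen_deposits:
            # Minting twice for one lock event would create unbacked wrapped tokens.
            raise BridgeError("deposit already processed")
        self.seen_deposits.add(deposit_id)
        self.locked_a += amount
        self.wrapped_b[user] = self.wrapped_b.get(user, 0) + amount

    def redeem(self, user: str, amount: int) -> None:
        """Burn wrapped X on B and release the same amount from the vault on A."""
        if amount <= 0 or self.wrapped_b.get(user, 0) < amount:
            raise BridgeError("insufficient wrapped balance")
        self.wrapped_b[user] -= amount
        self.locked_a -= amount

    def fully_backed(self) -> bool:
        """Monitoring invariant: wrapped supply on B equals Token X locked on A."""
        return sum(self.wrapped_b.values()) == self.locked_a


def demo():
    bridge = LockMintBridge()
    bridge.deposit("dep-1", "alice", 100)             # constructed sample deposit
    try:
        bridge.deposit("dep-1", "alice", 100)         # same lock event submitted again
        replay_blocked = False
    except BridgeError:
        replay_blocked = True
    bridge.redeem("alice", 40)
    return bridge, replay_blocked


if __name__ == "__main__":
    bridge, replay_blocked = demo()
    print(replay_blocked, bridge.locked_a, bridge.wrapped_b, bridge.fully_backed())
```

A wrapped supply that exceeds the locked amount means wrapped tokens exist with nothing behind them, which is why `fully_backed()` is the check worth alerting on.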
Benefits of cross-chain bridges
In Web3, just about every blockchain network to come after Bitcoin and Ethereum has its own decentralized cross-chain bridge to enable users to move funds onto its platform: there’s an Avalanche cross-chain bridge (AVAX), an Arbitrum cross-chain bridge (ARB), a Polygon cross-chain bridge (MATIC), etc. Chances are, if a network is available to the public, you can bridge assets to it.
Elsewhere, we've discussed in depth the benefits of cross-chain bridges – but at a high level, the key benefits for both developers and end-users are:
- Access to alternative blockchain networks, without exposure to price volatility in that network's native token.
- Onboarding of new users regardless of what tokens they hold or where they have established blockchain access.
- Greater utility for tokens -- allowing them to function on other networks, besides the network where they originated.
WBTC is an example of a wrapped token that conveys some of these benefits. Although Bitcoin has a large amount of volume and market capitalization, its functionality is somewhat limited. Because Bitcoin operates on a proof-of-work system that requires high amounts of computational energy, transaction confirmation is significantly slower than on most other networks. Also, when it comes to Web3, although Bitcoin functions as a store of value, it’s not good for much else. But by wrapping Bitcoin so that it can be used on other networks (for example, as an ERC-20 token on Ethereum), users are suddenly able to use their Bitcoin to engage with applications and smart contracts built on other networks, giving them much more bang for their digital buck, as it were.
Limitations of cross-chain bridges
The benefit of using wrapped assets on non-native chains has four significant limitations, the first two being liquidity and the availability of gas tokens:
1. Once you’ve moved your assets to a new network, does liquidity exist for the functions (borrowing, lending, swapping, etc.) you want to perform? DeFi providers need to onboard your wrapped token and support it before you can use it.
2. Once platforms on your new network support your wrapped token, users need to have some of the network’s native token just to get those wrapped tokens to do anything. With multiple, two-way bridges in operation, the liquidity limitation is especially daunting: will DEXs support multiple wrapped versions of the same cross-chain token?
3. Most bridges will require developers to send their users to a third party: if you're building a dApp on Network B, and want to welcome users from Network A, you can do it using a bridge – but it involves sending your users through an awkward user experience that is outside your control.
4. Some assets, like NFTs, for example, cannot easily be represented with wrapped units minted on another chain.
One way around limitations 3 and 4, related to user experience and non-wrappable assets, is General Message Passing. Axelar’s development of General Message Passing (GMP) allows any payload to move securely between chains – not just wrapped tokens. Using GMP allows developers to build one-click experiences to onboard users via interchain flows; it also allows them to handle any kind of token, whether or not that token can be wrapped.
Risks of cross-chain bridges
Until General Message Passing is more widely adopted, or until blockchain networks achieve true interoperability (in the sense that Cosmos Hubs have with one another), cross-chain bridges are vital to the DeFi ecosystem. Indeed, cross-chain bridges make up a billion-dollar portion of trading every week – which, along with their relative novelty and immaturity, is exactly what makes them such attractive targets for bad actors.
Given the billions of dollars transferred via cross-chain bridges in 2022, it’s hardly a surprise that Chainalysis noted that 69% of all funds stolen from DeFi were taken by malicious parties exploiting security bugs and hacking cross-chain bridges. Vitalik Buterin, co-founder of Ethereum, noted the risk inherent in cross-chain bridges back in January of 2022, saying, “you can't just pick and choose a separate data layer and security layer. Your data layer must be your security layer.”
Most bridges are trusted setups, in which a handful of parties are designated to approve transactions and prevent fraud. For example, LayerZero utilizes a configuration of three parties to validate transactions across their cross-chain bridge, Stargate. Currently, that is Polygon, Sequoia and the LayerZero team itself. (The original default configuration used FTX as a validator. It probably isn’t necessary to explain why that would be a problem.)
The case of the $600 million Ronin bridge hack, back in March, illustrates how this kind of setup can present risks in cross-chain bridges. On Ronin, five out of the nine validators used to approve transactions were hijacked after their private keys were stolen. This gave hackers the ability to validate transactions without oversight.
There are other kinds of vulnerabilities, of course. In August, cBridge, the cross-chain bridge run by Celer, was hacked through a different approach: instead of targeting the back-end of the bridge, hackers went after the front-end, poisoning the DNS cache so that cBridge users would be redirected to a phony bridge, which, once they connected their wallets to it, would simply drain their assets. Though the error was caught within a few hours, cBridge users' wallets were completely wiped out in that time, to the tune of a quarter-million dollars in just over two hours.
Indeed, as centralized exchanges continue to operate with little-to-no transparency, using them as a cross-chain bridge can seem to many just as risky as DeFi solutions, if not more so. But as Vitalik said back in January, the key to achieving and maintaining security has to be written into the code from the very beginning. That’s where Axelar comes in.
Securing a bridgeless future
Axelar has been coded core-outwards to prevent the security failures that have plagued other networks: rather than expecting application developers to work to secure their applications on-network, Axelar's team took charge and built a system that maximizes security through decentralization. Axelar's set of validator nodes is permissionless and dynamic, to minimize potential exploitation from malicious parties. Aside from diversity among nodes, Axelar doubles down on the decentralization aspect through quadratic voting, making it harder for any one node to gain an outsized number of votes (thereby turning it into a liability for the network).
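The validator-threshold point from the Ronin case and the quadratic-voting claim above, as an added example (not Axelar's code): it computes the smallest set of validators that can approve a transfer under equal, stake-linear and quadratic weights. The floor(sqrt(stake)) rule, the 5/9 weight threshold and the stake figures are assumptions made for illustration.

```python
# Added example: how concentrated is approval power in a validator set?
from math import isqrt


def voting_weights(stakes: dict, quadratic: bool) -> dict:
    """Stake-linear weights, or floor(sqrt(stake)) under the quadratic rule (assumed)."""
    return {name: (isqrt(stake) if quadratic else stake) for name, stake in stakes.items()}


def min_keys_to_approve(weights: dict, num: int, den: int) -> int:
    """Smallest validator set whose combined weight reaches num/den of the total.

    Taking the heaviest validators first gives the minimum count, so a low
    result flags concentrated signing power.
    """
    total = sum(weights.values())
    running = 0
    for count, weight in enumerate(sorted(weights.values(), reverse=True), start=1):
        running += weight
        if running * den >= total * num:   # integer comparison, no float rounding
            return count
    return len(weights)


# Constructed sample sets, not real validator data.
EQUAL_NINE = {f"v{i}": 1 for i in range(1, 10)}               # nine equal signers
SKEWED = {"whale": 640_000, **{f"v{i}": 40_000 for i in range(1, 9)}}

THRESHOLD = (5, 9)  # assumed: the 5-of-9 figure from the text, applied as a weight fraction


def report() -> dict:
    return {
        "equal_nine": min_keys_to_approve(EQUAL_NINE, *THRESHOLD),
        "skewed_linear": min_keys_to_approve(voting_weights(SKEWED, False), *THRESHOLD),
        "skewed_quadratic": min_keys_to_approve(voting_weights(SKEWED, True), *THRESHOLD),
    }


if __name__ == "__main__":
    print(report())
```

On the skewed sample, stake-linear weighting lets the single largest validator meet the threshold alone, while square-root weighting raises the minimum to four validators.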
Axelar's security doesn't stop at the network level. Axelar has taken point on reducing hacks by instituting strategic practices such as regular third-party audits, routine rotation of security keys (to prevent a Ronin-style bridge attack) as well as a generous bug bounty program encouraging white-hat hackers to test the limits of the network's security. Indeed, if these standards were followed by other bridges, Axelar might indirectly make bridge exploits a thing of the past; however, their goal is to do it directly – by making bridges obsolete entirely.