Friday, March 25, 2022
HomeEthereumChain Response: The Madness of L1 Bridges (Cross-Chain Chaos)

Chain Response: The Madness of L1 Bridges (Cross-Chain Chaos)


By Andreas Freund, EEA Mainnet Curiosity Group Member, with enter from the Mainnet IG and Cross-chain WG

The Wormhole hack at about $320M might be categorised as a counterfeit operation and a financial institution theft on the identical time. This makes it each the most profitable counterfeiting operation in historical past and the second-largest financial institution theft ever. A good forensic reverse engineering job of the hack revealed on Twitter by @samczsun highlights each the technical complexities of L1 Bridges (techniques that may transport worth between totally different Layer 1 blockchains) and the present lack of technical and financial safety requirements. The kind of code exploit used isn’t confined to L1 bridges, by the best way, however might occur in DeFi protocols as nicely that make use of comparable authentication strategies. The kicker is that the bug repair of the hack was accessible on a public code repository for 2 weeks previous to the hack. This may increasingly nicely have been what alerted the hacker to the exploit. Good vulnerability response processes maintain issues below wrap till the vulnerability is mounted, and solely then made public.

Nonetheless, with billions locked up in L1 bridges, and elevated demand, the query is, are L1 bridges creating the crypto equal of the mortgage-backed securities disaster of 2008?

The brief reply is sure! The Bridges trade is just not but refined sufficient to cope with that a lot worth, and, subsequently, that a lot danger. This is sort of a decrease league group abruptly competing within the UEFA Champions League with out the correct gamers and assets, also called a pre-programmed catastrophe! Vitalik Buterin gave nice and easy causes in a current Reddit thread in regards to the systemic dangers of L1 bridges.

As L1 bridges are rapidly locking extra worth, the chance is growing quickly, and turning into systemic. Right here is a straightforward instance: I take out an overcollateralized mortgage on say an Aave mortgage pool utilizing bridged tokens akin to WSOL or WADA or WBTC as collateral. What if the WADA is definitely W-WADA coming from Solana, and WBTC is W-WBTC coming from Cardano? Which means the lender should not solely belief the safety of the unique Cardano, Solana, Ethereum, and Bitcoin Layer 1 networks. The lender should additionally belief the safety of 5 totally different bridge operator networks with considerably fewer validators than the L1 networks, and in some instances advanced, unaudited code. As well as, the lender should belief that the funds weren’t illegally minted on some bridge, which might make the mortgage truly undercollateralized.

That is similar to the mortgage-backed securities disaster the place all people ASSUMED the costs would proceed to go up, all people ASSUMED loans weren’t given to financially unsophisticated individuals, all people ASSUMED default charges wouldn’t improve considerably, regardless of low teaser charges on NINJA loans resetting after a yr or two. And we all know what occurred then.

The writing is on the wall within the crypto group as nicely … until L1 bridge networks develop up, take heed to the adults within the room, and observe interoperability specs and safety pointers as revealed by requirements our bodies such because the Enterprise Ethereum Alliance Interop Working Group, which all the time welcomes new contributors to enhance cross-chain safety.

Till then … Bridger beware!

Keep updated on all the pieces EEA by following us on Twitter, LinkedIn and Fb.



RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Most Popular

Recent Comments