As the decentralized finance ecosystem has grown across different layer-1 and layer-2 networks, bridging has become a ubiquitous and critical tool for DeFi users. As we evolve towards a multi-chain future, however, one of the biggest vulnerabilities of DeFi continues to be the very bridges we’ve come to rely on. The recent US$600 million Axie Infinity Ronin sidechain hack has brought the problem into stark contrast.
What cross-chain bridges do
Today’s cross-chain bridges are inherently complex. Different blockchains use a variety of consensus mechanisms, block sizes, finality metrics, validator requirements, hashing algorithms and cryptographic signature schemes. Unless built within the same framework, like the Ethereum Virtual Machine (EVM), these networks are largely incompatible.
Patchwork, centralized solutions are often deployed to enable users to bridge assets from one distinct architecture to another — creating severe vulnerabilities along the way.
In order for an asset to transfer from one blockchain to another, it must be “disabled” (whether locked or burned) on the originating network, and an equivalent version is minted on the receiving side. These are typically known as “wrapped” tokens — they are not the same original token, as it is just not possible to have an exact token replication across chains. Instead, wrapped tokens are representations that both originating and destination blockchains can agree upon through consensus by “synchronizing their ledgers” to lock or mint tokens across their respective chains.
Bridge nodes are required to understand what is happening on both of the chains that they are connecting. This is achieved by either running full nodes on both sides, a full node on one chain and a “light client” on the other that relies on cryptographic proofs, or by trusting a centralized service that runs full nodes internally and provides updated data through APIs. For smart contracts on various chains to trust that actions have been completed on extraneous networks, they require valid cryptographic signatures from pre-authorized entities.
Nonetheless, as previously mentioned, many chains utilize different signature schemes — in other words, they don’t speak the same language. In order to solve this, bridge nodes need to be able to understand what is happening on both sides of the aisle, so to speak, and to collectively sign in their respective “languages” across each chain to ensure unity of coordination.
Over 1% of all Bitcoin lives as wrapped Bitcoin on the Ethereum network. But wrapping presents unique risks. In order to wrap Bitcoin, you need a trusted custodian as the intermediary to manage the bridge. This custodian must hold the “disabled” asset (like BTC) on the originating chain, and remain liquid enough to return the underlying asset when the wrapped asset (WBTC) is redeemed. Should this custodian be corrupt or exploited and lose those held assets, the wrapped tokens could risk illiquidity.
In more centralized bridges, the exploit could be a multi-signature hack or accidental private key exposure. In more decentralized bridges, multi-sig risk is reduced through the utilization of larger sets of nodes that collectively are required to threshold sign together. Nonetheless, the surface area for smart-contract risk will also continue to persist until we as an industry harden and mature.
Catch-22: the future is still interoperable
So far in the short history of DeFi, bridge exploits have already accounted for an earth-shattering amount of stolen funds — most recently and notably, the US$320 million Solana Wormhole bridge hack and the aforementioned Axie Infinity Ronin sidechain exploit that caused over US$600 million in losses.
Despite these growing pains, interoperability between blockchains isn’t going anywhere. People will continue to enter the DeFi ecosystem from various “front doors,” and they will continue to desire access to alpha on other DeFi, NFT (non-fungible token), and gaming ecosystems on other chains without having to go back through a centralized exchange like Binance, Coinbase or FTX. Native interoperability protocols powered by cryptography will become the default solution for Web 3.0 user experience under the hood. These solutions will become more abstracted away from the user experience (UX) front end. DeFi will grow more and more composable into an immensely powerful construction of open source financial technologies.
Securing DeFi’s Achilles heel
The need for secure, trustless, and sustainable bridges will only become more pressing and the solution will not be a single one. Secure bridges will emerge from a combination of decentralized custodians, efficient pricing oracles, novel techniques like atomic swapping, UX improvements, and innovations in collateral management. The road to those solutions will be riddled with more bridge exploits and lost funds, but also with immense innovation — supercharged by the power of composable, open-source technology.
In the near future, securing cross-chain DeFi is likely to require the following technologies: cross-chain communication protocols (such as bridges, relayers and messaging bus), oracles to help coordinate activities across multiple smart contracts, decentralized key management systems to manage keys across a multitude of rotating node operators, and automation networks to submit transactions upon conditions arising across multiple ecosystems. A singular platform that can achieve these all is likely to be highly valuable in binding multiple chains together to enable trustless decentralized cross-chain DeFi.