Connect with us

Blockchain

Tight Blockchain Bridge Security Is Critical For Cross-Chain Interoperability – The Tokenist

Tight Blockchain Bridge Security Is Critical For Cross-Chain Interoperability

Image courtesy of 123rf.

Neither the author, Adi Ben-Ari, nor this website, The Tokenist, provides financial advice. Please review our website policy before making any financial decisions.

Trustless blockchain bridges will play an important role in cross-chain interoperability and reducing the risk of hacks in the blockchain industry. This problem was highlighted earlier this year with some major attacks on blockchain bridges: the $320 million hack on the Solana Wormhole Bridge in February and the theft of $540 million from Ethereum and Ethereum. USDC stablecoin from the Ronin network in March.

A pressing problem for bridges and the blockchain industry

The Ronin Bridge was made seriously vulnerable by its lack of a decentralized and trustless system. The theft was carried out by the North Korea-based Lazarus group, which hacked into the “validation nodes” of the Ronin Bridge. The funds could be withdrawn if five of the nine validators approve it.

The attacker got hold of the private cryptographic keys belonging to five of the validators, which enabled the theft. Ronin’s audit of the attack concluded: “All evidence indicates that this attack is socially engineered, rather than a technical flaw.”.

While the Ronin attack is not the result of technical shortcomings, it illustrates how crypto and DeFi interoperability are fundamentally undermined by the security issues associated with more centralized bridging solutions.

And since bridges are used to move a lot of liquidity between blockchains, the security problem increases. At the end of 2021, the global cryptocurrency market capitalization was around $1.8 trillion and is expected to reach around $32.4 trillion by 2027.

Increased interoperability between blockchains is essential for the development of the technology and the continued growth of the industry, but while bridges provide a lot of liquidity, not all of them are secure. Their importance to the future of an interoperable blockchain ecosystem is clear to everyone involved in the industry, but the industry cannot unlock the potential of bridging without overcoming this considerable security risk.

Join our Telegram group and never miss a breaking digital asset story.

Benefits of decentralization

The problem with many bridges is the security model and security assumptions in their design, and the fact that they force users to trust a centralized operator, undermining the security benefits of decentralization.

Bridges normally lock tokens on the source blockchain and manufacture new “wrapped” tokens on the destination blockchain. The original locked tokens remain locked as collateral until the tokens return in a reverse operation when the wrapped tokens are “burned” and the locked tokens are released.

Locked token pools are a hacker’s treasure chest, and when compromised, the value of unsaved wrapped tokens on the destination chain is called into question. This question highlights both how the majority of bridges are built, with this sluice and currency approach, and the risks for very loosely decentralized networks.

The attacks undermine trust in the whole concept of blockchain bridges. The value of assets held on bridges has grown from $670 million to over $32 billion since the start of 2021. For this growth to continue, a bridge solution with security assumptions more aligned with the blockchain network itself is essential.

Such a solution can be delivered through “trustless” systems, mitigating the security risks associated with more centralized bridges.

Finances change.

Find out how, with Five Minute Finance.

A weekly newsletter that covers major trends in FinTech and Decentralized Finance.

London Bridge

Algorand and Applied Blockchain are collaborating on a (relatively) trustless cross-chain bridge, called London Bridge, which will initially use the security properties of hardware enclaves and later use a new cryptography feature called state proofs, which is introduced by Algorand.

With secure enclave technology, bridge operators will not have access to bridge private keys, nor will they be able to influence the code used to communicate, verify, or send transactions to blockchains without first updating. level smart contracts. This means that even if the operators of the bridge are compromised as happened with the Ronin network, through social engineering or in any other way, the attacker will not be able to access the keys or compromise the bridge in this way.

On the other side, Algorand’s proofs of state, which will be introduced later, is a new interoperability standard that securely connects blockchains to the outside world without requiring trust in an intermediary. This type of technology is very important for all Proof of Stake blockchains, as it allows provable verification of transactions emanating from the chain. If proofs of status, or the like, are not available for a proof-of-stake blockchain, then bridge operators need to be trusted to properly verify every transaction.

Status evidence provides an immutable chain of evidence that verifies the status of assets held on Algorand. In a bridge scenario, this allows smart contracts on the target chain to process transactions from the Algorand chain.

With state proofs, Algorand will be able to securely connect to the wider blockchain world, allowing users to transact across chains efficiently, cost-effectively, and more securely. This will serve as a model for other cross-chain solutions seeking to bridge the security gaps of more centralized trusted operator systems.

Proofs of state and blockchain bridges enable communication and trust between blockchains, but basic token transfers are not the only application. Bridges and proofs of state can be used on other blockchains to verify different types of data and activity.

Applications such as SilentData, a privacy-preserving data oracle also developed by Applied Blockchain, can be used to verify real Web2 data sources, like Instagram for example, to provide evidence that can be used in the environment of the blockchain. NFT creators with Instagram accounts, for example, can prove they are behind an NFT and prevent it from being hacked or stolen by using SilentData to provide cryptographic proof of Instagram account ownership and associate it with their created NFT. This proof can now also be linked across chains using state proofs.

Next-generation security measures such as proof-of-state being developed at Algorand, in partnership with Applied Blockchain, are essential for the long-term viability of blockchain bridges. They will improve security, thus encouraging more investors to use these solutions to transfer their assets from one chain to another.

What do you think about the future of blockchain security and bridges? Let us know in the comments below.

#Tight #Blockchain #Bridge #Security #Critical #CrossChain #Interoperability #Tokenist

Click to comment

Leave a Reply

Your email address will not be published.

Trending