Building bridges has always been fraught with problems.
Trolls live under bridges, London Bridge falling down was famously immortalised in a nursery rhyme, the Tacoma Narrows Bridge threw a wobbly, and bridges across the world are destroyed in pretty much every disaster movie ever made.
In fact bridges are such a problem that Wikipedia even has a dedicated, and extensive, list of bridge failures dating back to 312CE.
Building bridges is a complicated business.
But it’s not just physical bridges that are hard to build. Bridges between different blockchains are also hard to construct. And while they may not be as impressive as seeing Godzilla take out the Golden Gate Bridge for the upteenth time, the financial costs* are definitely comparable.
*the death rate is a lot lower tbf
What are cross-chain bridges?
Cross-chain bridges are a way to move the value of your cryptocurrency from one blockchain to another. The simplest example of this would be if you had some Bitcoin but wanted to actually do something interesting with it, like interact with DeFi. This can be achieved by using a bridging service that holds your Bitcoin and gives you access to the equivalent amount of a token that is minted on the Ethereum blockchain.
An example of how this works is;
- Deposit Bitcoin on the bridge
- The equivalent amount of ‘Bitcoin’ is minted on Ethereum – this is known as Wrapped Bitcoin or wBTC
- You gain access to this wBTC to use how you want.
If you want to get your Bitcoin back you can just cross the bridge in the opposite direction where the wBTC gets burnt and you get your original Bitcoin back.
This is not just limited to Bitcoin and Ethereum – bridges have been built to link multiple blockchains.
Multi-chain vs Cross-chain
Before we go on we should clarify that this post is about the issues with cross-chain, which shouldn’t be mistaken for multi-chain.
Cross-chain technology connects and allows data to move between different blockchains.
Multi-chain technology refers to a technology that allows projects, and their token or NFT, to exist on multiple blockchains.
Why are cross-chain bridges a problem?
While seemingly useful, cross chain bridges introduce a variety of risks to anyone using the bridge, as well as to blockchains themselves. The biggest risk factors include;
The 51% Attack
This type of attack occurs where a hacker gains control of 51% of a network. In the case of a bridge this doesn’t have to be the blockchain itself but it could be the validator keys, i.e. who has control of the private keys to the wallet(s) controlling the bridge.
If an attacker gains access to more than 51% of the keys then they can drain the funds on that side of the bridge. Not only does this result in direct loss of funds on that side, it also means that people on the other side are left holding tokens that are unbacked and essentially valueless.
This isn’t an issue thats just been realised either – Vitalik was writing about it ~6 months ago – https://old.reddit.com/r/ethereum/comments/rwojtk/ama_we_are_the_efs_research_team_pt_7_07_january/hrngyk8/
Single Point of Failure
Cross-chain bridges that are controlled by a single entity mean that users have to trust that entity to hold and secure their funds. If security is not strong enough then hackers only have to attack a single point of failure to access all the held assets.
Additionally if a centralised or permissioned bridge decides to become a bad actor then they have all the power. They may take control and steal your crypto assets or they could take them hostage, forcing you to pay a ransom to unlock them.
Or the custodian could fall into the pit of Khazad-dûm while fighting the Balrog leaving your tolkens locked up forever.
Those good old smart contract exploits. We’ve seen it time and time again where a small bit of code allows hackers to exploit the contract making away with millions. Simply trusting that the millions of dollars locked away in the contract gives it credibility isn’t enough – just one simple mistake could expose all those funds to a clever hacker.
Not a hack but an issue nonetheless.
If a bridge doesn’t hold enough of both assets then users may find it difficult to cross and cash out to the asset of their choice leaving you stuck holding an asset that you don’t want.
What are the biggest cross-crypto bridge hacks/exploits?
Harmony – $100m
On the 24th June 2022 the Harmony blockchain bridge noticed that a theft had occurred to the tune of $100m.
Reports from blockchain analysis company, Elliptic, suggest that the attacker removed Ethereum, Binance Coin, Tether, USD Coin and Dai before using Decentralised Exchanges to quickly convert them to Ethereum.
Although Harmony has remained largely silent on exactly how the hack occurred, it was basically down to poor security and bad key management. With just two out of five multisig wallets required to move funds, as soon as any two private keys were compromised it was game over.
Badger Finance – $120m
In December 2021 a series of unauthorised transactions totalling $120m occurred on BadgerDAO, a Bitcoin to Ethereum bridge.
This hack was made possible via a Cloudflare exploit that allowed API keys to be generated for three Badger accounts. When someone at Badger unwittingly completed account creation for one of these API keys, the attacker had access to the Badger platform and started injecting malicious scripts. The scripts were designed to intercept transactions and allow the third party address to control all ERC-20 transactions on the compromised account.
The rest is history and $120m was drained from user accounts.
Read more: https://badger.com/technical-post-mortem
Wormhole – $326m
In January 2022 the Wormhole Network, a bridge between the Ethereum and Solana blockchains, was exploited by a hacker that made off with around 120,000 Wormhole Ethereum (wETH) worth $326m.
The Wormhole Network hack occurred when an unknown hacker managed to discover an exploit in the smart contract code. This meant that the hacker was able to mint wETH on the Solana side of the chain, which was unmatched on the Ethereum side.
Luckily for wETH holders the damage was reduced when Jump crypto jumped in and covered the stolen assets.
Ronin – $650m
And so we reach the biggest bridge hack to date.
The Ronin Network is an Ethereum sidechain built for Axie Infinity, a popular Play-to-Earn, Pokemon inspired NFT game on Ethereum. The network was developed by Sky Mavis as a result of the huge gas fees, and slow network speeds users were encountering on the Ethereum mainnet.
All seemed well until the 29th March 2022 when a security breach was discovered by the Ronin Network team.
The hack itself was a result of a spear phishing attack that targeted Sky Mavis employees, most likely by the North Korea based Lazarus Group. The success of this attack meant that the hacker was able to gain access to relevant IT infrastructure and more importantly the validator nodes.
Centralisation of the validators meant that the attacker now had access to four of the nine validator nodes. All the hacker needed was one more to make the withdrawals.
However, it turns out that Sky Mavis’ ability to sign transactions on behalf of Axie DAO hadn’t been revoked, and via a backdoor the hacker got this signature as well.
Once they had 5/9 validator nodes it was inevitable… $650m was gone.
Bridges are hard to build. Cross-chain bridges are insecure. Use them at your own risk.