Bridge exploits cost $2B in 2022. They could have been averted.
As the move towards a full multi-chain future continues, bridges are still more susceptible to hacks than the cryptocurrency networks themselves. In 2022, over $2 billion in assets were stolen from token bridge exploits, and all of these could have been prevented by implementing multiple security measures.
By examining some of the attacks that occurred in 2022, we can identify some of the major flaws in the system and the security measures that exist or are being developed to protect against them.
Social engineering
Social engineering attacks are the most common form of security breach. Everyone has experienced a social engineering attack at some point in their lives, either through phishing or honey traps, where “too-good-to-be-true offers” are promised in exchange for personal information.
Martin Köppelmann is the co-founder of Gnosis.
The hackers in the biggest bridge exploit of 2022 relied on similar methods to siphon funds. The blockchain of the high-profile crypto game Axie Infinity was hacked with a phishing scheme that involved fake LinkedIn job offers.
The game’s developer, Sky Mavis, said its employees were targeted with fake job offers and even asked to appear for multiple rounds of job interviews. When the employees took the bait, hackers accessed their systems and made off with $625 million from Sky Mavis’ Ronin Network. During a postmortem analysis of what went wrong, Sky Mavis said it had been the victim of advanced spear-phishing attacks.
Compromised private keys
In September 2022, Wintermute, an algorithmic market maker, was hacked for $160 million, likely due to a weakness in private keys generated by the Profanity app.
The hot wallet’s private key was exploited and used to drain the funds. Reports said flaws were previously detected in Profanity’s addresses, but the company didn’t take these reports seriously.
A similar reason was reported behind the hack of Slope, resulting in a loss of $6 million for the company.
Smart contract bugs
Smart contracts are programs stored in a blockchain set to trigger when certain predetermined conditions are met. In terms of e-commerce, for instance, it’s what confirms to a website that an item should be delivered once you’ve added it to your basket and paid for it. A bug in a smart contract can thus allow hackers to illegitimately trigger the transfer of money between blockchains without fulfilling any conditions.
In the case of Nomad, hackers were able to drain nearly $200 million from the bridge by discovering a misconfiguration in the primary smart contract which allowed anyone with a basic understanding of the code to withdraw funds.
It is worrying that these bugs and security flaws were so blatantly exploited by hackers, but it is more troubling that the ‘trusted’ systems people didn’t think twice about using were so easily exploitable.
The solution: multiple security measures
Bridge standards are sets of rules that define how different blockchain networks can communicate with each other, in this case, through a cross-chain bridge. While some of these protocols, by themselves, are at risk of exploitation, when put together they add much-needed additional layers of security.
By using multiple bridge standards at the same time, developers can offset weaknesses displayed in one protocol with the use of another protocol. Let’s look at some cryptographic standards that could be used in combination to add additional layers of security.
Multi-sig and committee
Multi-sig technology requires the signature or approval of multiple parties before a transaction can be executed. It can prevent unauthorized access to networks and ensure that no single party has complete control.
A committee bridge standard uses a group of trusted entities, or a committee, to manage the security of a network bridge. Members are responsible for approving and overseeing network transactions. Committees are beneficial when multiple organizations share access to a network.
Zero Knowledge
Zero Knowledge (ZK) is a cryptographic technique that allows two parties to exchange information with each other without the need to reveal any additional information beyond what is absolutely required.
The integration of ZK models eliminates the need for the committee model by allowing developers to utilize light clients on-chain. By using Zero Knowledge Proof systems and specifically the “Succinctness” property of a ZK-SNARK, it is possible to efficiently perform this verification process using on-chain light clients. It is also possible to verify both state transitions and consensus on-chain for maximum security, similar to running a full node.
On-chain light clients use ZKP systems to prove the validity of the source chain’s state. This is achieved by generating a proof that can be verified by the target chain without the need to know the entire state of the source chain. On-chain light clients can improve the security and scalability of blockchains by verifying the state of the source chain on the target chain. This helps to prevent fraud and other malicious activities while still working to scale the network. For example, ZK can prove that a transaction has been authorized by the owner of a particular wallet without revealing the private key.
Optimistic
Some bridges use an “optimistic” approach to transaction verification. Instead of immediately verifying each transaction on the target blockchain, optimistic bridges assume that each transaction is valid and incentivize additional participants to point out fraudulent transactions for a reward. The funds are only cleared after the challenge period has lapsed. Optimistic bridges are game-theoretically secure but not mathematically secure, as they rely on third parties to pay attention to what is happening. Liquidity providers check the veracity of the bridge claims and make the funds immediately available on the other chain for a fee of a few basis points.
Optimistic bridges can still be quite secure as they use the “challenge and dispute” method. If a user believes that a transaction has been processed incorrectly, they can challenge the transaction and the bridge will investigate.
Challenges of implementing multiple bridge standards
The best security is achieved by using a combination of standards. This way, if one bridge implementation experiences a bug or a security weakness, the other standards can still protect the network. Bridges rely on the consensus mechanisms of the connecting networks and can never be more secure than the networks they connect.
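To make the layering concrete, here is an added sketch (not code from the article or from any bridge project) of a release gate that combines the multi-sig committee check with the optimistic challenge period described above. The committee members, keys, threshold and challenge period are constructed assumptions, and HMAC stands in for real digital signatures so that the example runs offline.

```python
import hashlib
import hmac

# Constructed committee: member name -> secret key. HMAC is a stand-in for
# real digital signatures; every value below is an assumption.
COMMITTEE = {f"member{i}": f"constructed-key-{i}".encode() for i in range(5)}
THRESHOLD = 3            # k-of-n approvals required
CHALLENGE_PERIOD = 1800  # seconds during which a transfer can be disputed

def sign(member, message):
    """Produce a committee member's approval tag for a bridge message."""
    return hmac.new(COMMITTEE[member], message, hashlib.sha256).hexdigest()

def committee_approves(message, signatures):
    """True when at least THRESHOLD distinct known members signed message."""
    valid = set()
    for member, sig in signatures.items():
        # Unknown members and tags over a different message are ignored.
        if member in COMMITTEE and hmac.compare_digest(sign(member, message), sig):
            valid.add(member)
    return len(valid) >= THRESHOLD

class Bridge:
    """Funds are released only if both layers agree."""
    def __init__(self):
        self.pending = {}  # transfer id -> [message, submitted_at, challenged]

    def submit(self, transfer_id, message, signatures, now):
        if transfer_id in self.pending:
            raise ValueError("duplicate transfer id")
        if not committee_approves(message, signatures):
            raise PermissionError("committee threshold not met")
        self.pending[transfer_id] = [message, now, False]

    def challenge(self, transfer_id, now):
        # A watcher can dispute only while the challenge period is open.
        entry = self.pending[transfer_id]
        if now < entry[1] + CHALLENGE_PERIOD:
            entry[2] = True
        return entry[2]

    def release(self, transfer_id, now):
        # Layer 2: a committee-approved transfer still waits out the window.
        _, submitted_at, challenged = self.pending[transfer_id]
        if challenged or now < submitted_at + CHALLENGE_PERIOD:
            return False
        del self.pending[transfer_id]
        return True
```

A transfer that meets the committee threshold is still held until the challenge period lapses, and one dispute inside that window blocks it, so stolen committee keys alone do not release funds.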
Securely accessing a multi-chain world
Bridges are necessary to provide unfettered access to our multi-chain world, but we have to fortify these bridges in inventive ways to reduce points of attack. Blockchain technology allows strangers to come together and make direct, immutable decisions. The more we utilize the entire scope of the networks at our disposal, the stronger our bridges will become.
Edited by Jeanhee Kim and David Z. Morris.