Users have the option to choose from various bridges for their specific task, each with its own pros and cons such as speed, TVL, efficiency, and cost. However, in the complete absence of liquidity, the bridge defaults to message passing based token bridge which takes longer to complete the same transaction. However, if a new yield farm is created on Polygon and there is a surge in the movement of USDC from Ethereum to Polygon, there may be insufficient liquidity on the Polygon side of the bridge.

2 What Is A Bridge?

This is achieved by proving the correctness of information without exposing the data itself, a crucial feature for maintaining privacy and security. Ethereum, Polygon and Avalanche are integrated as EVM-compatible chains, leveraging existing token standards and bridging solutions. This project leverages the power of Rust, zero-knowledge proofs (ZKPs), and cross-chain interoperability standards (like IBC and XCMP) to create a scalable and trust-minimized multichain platform. The main reason for security vulnerabilities are due to the way a bridge acts as a centralized storage unit. The current state of the blockchain ecosystem resembles a heterogeneous distribution of bubble universes (fragmented multichain universe), each with its own rules of consensus mechanism, design, applications, and use cases.

  • Another version of re-org attack could include, a malicious fraud proof can be inserted allowing the attacker to roll back the rollup even after the L1 block reaches finality.
  • Pre-Crime takes all the chains involved in the messaging, forks them, delivers the message, and then checks them against a set of invariants.
  • Since the ZK bridging space is still in its infancy, we expect exponential growth in research breakthroughs, clever implementations and adoption by cross-chain applications in the coming years.
  • ZK rollups will create a ZK Proof (ZKP) that attests that all of the transactions were done correctly and Optimistic rollups will submit fraud proofs that can be challenged if one thinks they are malicious.
  • In summary, using ZKP for designing bridges solves the problems of decentralization and security, but creates a computational bottleneck due to large circuit sizes.
  • On the one hand, the volume moved through bridges indicates an increasing market demand for interoperability.

Zero-knowledge proofs are foundational to the privacy-preserving features of ZK-Port. This is typically in the case of transfer of funds where substantial trust assumptions are placed on the centralized bridging entity, which usually consists of a small number of trusted parties. Parallelism in proof generation via MPC brings its own bottlenecks in communication complexity, which are as yet open issues. The issues of computational overhead can be ameliorated using hardware acceleration, and the usage of SNARKS in particular, as well as tricks for committing public data, can reduce storage overhead.
One problem with liquidity networks is that the liquidity can dry up and the user will have to wait longer. Liquidity networks thus act as a crosschain DEX such that they allow you to swap tokens for a small fee. Liquidity networks are systems that allow you to swap these tokens from one chain to another. For decentralized bridges, a decentralized approach is used to affirm the message indicating that the asset has been burnt on one side and minted on the other. For centralized bridges, a single entity is responsible for verifying the burn process. This type of bridge has the advantage of allowing virtually limitless minting and burning (provided 6/8 nodes submit the same transactions to the SGX Enclave to sign), thus improving user experience by ensuring an absence of liquidity issues.

Bridges and Zero Knowledge Proofs

The technology offers unparalleled security, transparency and trust, allowing users to securely store and transfer digital data, such as cryptocurrency, in a distributed and immutable manner. And lastly, having a standardized risk assessment framework can be useful from the users’ perspective to select the appropriate bridge for their transaction size and security needs. At the core of every bridge is a messaging infrastructure that sends data across chains.
There could be a governance bridge that allows you to vote from different chains. In a nutshell, whenever one blockchain (eg. Ethereum) connects to any other blockchain (eg. Solana), there is a bridge (eg. Portal) involved leveraging a messaging infrastructure (e.g Wormhole). With the introduction of composability on Ethereum and building of smart contract protocols for various DeFi applications, the number of use cases grew, and Ethereum's initial design was no longer scalable. By taking this proactive approach, developers can protect the assets that their bridges handle and reduce the likelihood of their network being damaged. Thus, bridge hack is a growing problem, as bridges are a common target for attackers and we will discuss how developers can mitigate these attacks, respond to a hack, and assess the safety of a bridge through risk scoring.
One issue with this approach is latency, as the proof generation process needs to keep up with the high block production rate of the Cosmos SDK. And the target chain will then have some information about the source chain baked into its own consensus. The three main areas of security issues were bugs in the code, blindspots in the architecture (such as missing fail safes) and committee/validator takeovers. Synthetix uses TradingView to display data on charts, providing advanced tools to enhance your market research. Earn steady rewards without collateral ratio worries or liquidation risk. Built on Ethereum Mainnet, with the strongest asset security guarantee in DeFi.

🔵 ZK-Enabled Privacy

Notwithstanding the fact that this goes against the very founding principles of blockchains, it brings with it issues related to censorship and security. Interchain communication in the multichain universe, often referred to as the interoperability layer, is a foundational infrastructure that acts as a bridge between different blockchains. A typical user interacts with a bridge by sending funds on a chain C1 to the bridge protocol that “locks” these funds into contract, i.e these funds are unusable in C1.

  • This is achieved by proving the correctness of information without exposing the data itself, a crucial feature for maintaining privacy and security.
  • Polkadot’s Substrate-based chains are integrated through XCMP/XCM, with future support planned for trust-minimized light client verification.
  • Meaning, the smart contracts for the liquidity providers are separate for each bridge pair and hence hacking one contract doesn’t affect the others.
  • Electronlabs have proposed to parallelize the computation with multiple machines to generate proofs at the same rate as the block production rate and do a recursion to generate a single zk-Snark proof.
  • In regards to the validation method, bridges can be designed to validate messages in a decentralized, centralized manner or a hybrid version of the two.
  • In order to relieve the Ethereum Mainnet from data and execution load, many Layer-2 blockchains were built on top of Ethereum.

🔵 Cross-Chain Transfers

Based on the application or the utility of the bridge, there can be several types of bridges such as Token bridges, NFT bridges, Governance bridges, Lending bridges, ENS bridges etc. Additionally, some bridges use a hybrid model, further blurring the distinctions between the types. Before we dive into the different types of bridges, an important thing to note is that there are many different ways to describe the same technology and hence it can spinmaya casino bonus get a bit confusing while categorizing bridges. These two smart contracts communicate with each other through messages with cryptographic signatures.
Chainalysis data has revealed that bridge hacks have accounted for a staggering 69% of the total funds stolen in the DeFi space in the past two years. Different bridges use different mechanisms to ensure the message is valid and hence it is incredibly difficult to build fully secure bridges. Hacken is a blockchain security auditor born in 2017 with a vision of transforming Web3 into a safer place. To evaluate the security of different types of bridges, the three main pillars of bridge security, namely Economic Security, Implementation Security, and Environment Security need to be considered.

Succinct Verification of Proof of Consensus (Succinct Labs)

Avalanche bridge provides an example of a message based token bridge, in which tokens are locked/burned on one chain and minted/unlocked on the other. Based on the VAA user can withdraw funds on the other end of the bridge. Another example is Portal Token Bridge  built on top of Wormhole (a message passing protocol) where the validation process takes place in an external network called the Guardian Network. The Polygon bridge, for example, has 100 validators, so compromising it would require compromising at least 51 of these validators, a difficult task due to the participants having their own native tokens at stake.
And lastly we propose a two part standardized risk assessment framework that bridge users can use to guide themselves to choose the right bridge for their transaction requirements and level of security needed. Bridges present a challenge for blockchains since they need to be able to trust and validate external information. In order to facilitate the exchange of value between different blockchains, interoperability is essential.
And for Optimistically verified bridges, they have a delay built in the bridge model itself which means that these types of risks can be easily detected and reacted to, without having to change any fundamental bridge design. For externally verified systems, it is easy to add delay and off-chain verification but not necessarily required for the bridge. One example of a weak environment security would be, connecting a less secure blockchain to a more secure one such as Cardano to Ethereum. So if we compare the three bridge security models, in terms of implementation security, starting with the most secure, #1 is Optimistically verified, #2 is Externally verified and #3 is Natively verified.
Ronin bridge can also be categorized as somewhat centralized, although it was 5/9 multisig, but four of the multisig parties were stored by one operator essentially making it 2/9 for hackers. For example, if you swap from USDC on Ethereum, to USDC on Polygon using Coinbase, you're technically bridging USDC, though the method is externally verified we are unsure of the method as it is something centralized and non-transparent. With an external validator set, the trust lies on the bridge itself acting as an intermediary. Examples include Wormhole, Multichain, Axelar, DeBridge, Synapse, Stargate. This is a type of bridge where a 3rd party verifies the transactions. The implementation of a seven-day challenge period prior to exit provides an added layer of security as it allows ample time for the security team to identify and address any potential bugs.

Unmatched Liquidity

This data from Chainalysis reveals that bridge hacks constitute a significant proportion of the total funds stolen in DeFi in 2022, amounting to an alarming 69% of the total. This can jeopardize even the security of the blockchain it connects to. However, if for example a bridge introduces new and unsafe tokens to the destination chain by minting, then these assets are only as secure as the bridge itself.
Token bridges can be further classified into Lock and Mint type or Liquidity Network type. To conclude, bridges can be categorized in many ways, we’ve seen the categorization by validation method and the categorization by the applications built on top of the messaging infrastructure. As a result, users must trust the aggregators to provide a carefully selected set of options with minimal risk. For instance, TransferTo.xyz and Bungee allow users to access LI.FI and Socket's bridge aggregation services directly. One such bridge aggregator LiFi’s has written a section on Bridge Aggregation Protocols while contributing to the Crosschain Risk Framework. By combining the features of multiple bridges, aggregators may have a unique advantage in the bridge sector.