Cross-Chain Bridging – Current Risks & Future Development

Today, there are 180 national currencies. Each country has a different legal tender, and each economy settles its economic activities in its native currency. For example, most economic activities in the US are settled in US Dollars (USD). To settle economic activities in Vietnam - which are settled in Vietnam Dong (VND), you trade your USD for VND, then use the VND to transact within Vietnam's economy. 

Each currency represents a database with different individual balances and historical economic transactions. For USD holders to transact elsewhere, other databases must figure out how much 1 USD is worth relative to their currency. Here is where brokers, hedge funds, and individual traders step in, creating the Forex market via their exchange activity. This process is re-complicated by the proliferation of different data storage systems in the form of national currencies.

Blockchains, fundamentally, are another type of database. Each blockchain is a separate database, with different relative strengths. These advantages are based on a core set of beliefs, and a technical approach built on those tenets for solving problems identified as most critical. As Layer 1s, Layer 2s, or sub-blockchains become increasingly specialized, there is potential for wide-scale adoption of a wide range of new utilities. But just as in traditional currencies, economic activity across chains necessitates an efficient and reliable system of exchange.

However, ecosystems are not interoperable by default. These blockchains and ecosystems speak different languages and store different sets of data, making it difficult to facilitate connectivity. This is where cross-chain bridging technology steps in, solidifying the analogy to the Forex market. 

Let's consider a real example - say you have millions of dollars invested in Ethereum-based DeFi, but you find a new game on Avalanche you want to try out. To play, you must create an account in the Avalanche ecosystem, and fund your account to start transacting in this space.

Today, there are dozens of popular protocols that support cross-chain bridging. There are centralized exchanges who play the similar role as traditional centralized brokers in the forex market. There are also decentralized exchanges and routers as OTC markets but with publicly visible data on the blockchain.

Each exchange and router offer different swapping routes. Fundamentally, we can group them into two main approaches for transferring value across chains: wrapped asset bridging and bridging using liquidity (CEXs, Cross-chain DEX, Cross-chain Routers).

Wrapped Asset Bridging deploys a mechanism very similar to that of currency backed by the  Gold Standard. Customers first bring their gold to the bank to exchange for IOUs (fiat money). The bank’s IOU promises that a customer can always come back to redeem their gold, with that pledge securing the value of the IOUs. 

On the other side, the bank takes custody of the gold. As a result, they need to invest extensive resources to protect the gold, including the use of secure communication systems. If a communication channel is compromised and the gold is stolen, all the IOUs issued by the bank become worthless paper. 

Wrapped asset bridging works the same way. Imagine you want to transfer 100 native ETH to other networks. A wrapped asset bridge team creates a smart contract (1) on Ethereum, and a smart contract (2) on other chains, such as Polygon, Solana, or Avalanche. 

The complexity of this model lies in how smart contract (1) communicates with smart contract (2). Since each blockchain speaks different languages and stores different data sets, they require a system to secure the communication between two cross-chain bridging smart contracts. 

This language barrier has led to a number of exploratory technologies such as Cosmos IBC, Polkadot XCM, and LayerZero, all trying to solve the same problem: how to enable efficient and secure cross-chain communication.

The Avalanche Bridge leverages the Intel SGX (Software Guard Extension), which relies on a third-party verification to maintain cross-chain communication, and to decentralize the controlling power of the bridge’s wallets. The application requires 6 out of 8 approved verifiers to submit the same transactions on one chain, before then minting and sending wrapped assets on the destination chain.

Another example is the Multichain protocol, which holds over $2bn Total Value Locked at the time of writing. Multichain facilitates communication through the Secure Multi-Party Computation (SMPC) Network, which implements a Threshold Signature Scheme (TSS) Distributed Key Generation algorithm. In simpler words, the protocol's communication channels and liquidity pools are under the arms of the majority of nodes, where the number of nodes varies for each bridge deployed (e.g. 9-of-15, 15-of-21, 21-of-31).

If attackers can find ways to take over the majority of the SMPC network’s nodes and the trusted verifiers of the SGX Application, they can drain all the real assets (gold) out of the bridge (bank), and turn all the wrapped assets (IOUs) into worthless tokens. 

Looking at this issue from a purely economic perspective, the more assets a bridge stores in its vaults, the greater the economic incentive to target the bridge maliciously. 

Many have worked hard to find solutions that increase the security of crypto assets locked in the vaults of smart contracts, but they are fighting an uphill battle. The omnipresent risk remains othersidentifying protocol security exploits unforeseen by the bridging team. This is especially true given the recent rise of state-sponsored crypto fraud, resulting in large scale capital backing for attacks. Generally, the result of a hack is final barring a bailout- partial or total devaluation of minted, wrapped assets.

These risks are far from just hypothetical. In the last two years, "wrapped asset-related" hacks account for 66% of the funds lost in the top 15 biggest crypto hacks, with a total loss of over $2 billion dollars.

While there's always the possibility that some genius engineer can create an un-hackable protocol, the risk of this approach is that every protocol appears safe and well-engineered… until it doesn’t. Protocol builders operate in brutal zero-sum games, where the penalty for failure is a 100% loss of funds. Success doesn't guarantee stability; it just means the potential profitability from a more sophisticated attack grows. 

In the same way that different national economies connect via Forex and currency exchange markets, token economies also connect using liquidity (exchange rates) in the open market. 

In Forex, swapping EUR for USD means selling your EUR to and buying USD from middlemen: brokers, dealers, and big financial institutions that run 'cross-economy bridges'. These middlemen charge bid-ask spreads (the equivalent of bridging fees). This business model requires large amounts of capital to fulfill large orders and handle high volumes.

Although a few protocols support this swapping model in the crypto market, the most liquid and efficient deployment still happens on centralized exchanges. However, on centralized exchanges (CEXs), the swapping process happens off-chain under the purview of a single party, which is antithetical to a crypto community that favors decentralization. Thus, large amounts of effort and capital have been invested in the hope of a more decentralized process.

Although THORchain’s methodology of swapping native tokens with each other using paired liquidity with RUNE is promising, it still relies on a 27-of-40 Threshold Signature Scheme (TSS) for inbound vaults and a 1-of-1 single signers scheme for outbound vaults. Any successful attack on THORChain's state machine or the MPC Nodes with 27-of-40 TSS would result in severe risk for THORChain's liquidity providers. However, the users who do not actively swap during the attack are not vulnerable to any loss, and most of the damage happens to the liquidity providers.

Layer 0 refers to the concept of networks that facilitate trustless and decentralized communication between blockchains. Suppose layer 1 and layer 2 blockchains' decentralization ensures that networks will never permit double spends (UTXOs) and that everyone's balance is correct. In that case, the layer 0 networks' decentralization will ensure cross-chain data and value transfer legitimacy.

You can read more about the idea of LayerZero via our primer.

LayerZero is an omnichain interoperability protocol, which enables cross-chain applications via a low level communication primitive. The first application leveraging LayerZero’s technology is Stargate.finance - a fully composable liquidity transport protocol that allows users to safely transfer native tokens between unified liquidity pools on different chains.

The ultimate challenge for cross-chain bridging, even assuming cross-chain communication can become completely secure from a technical perspective, still lies in the limitation of multi-signature (Multi-sig) wallets. The most popular technologies used to decentralize wallet control are Multi-sig (on-chain) and TSS (off-chain), which can only effectively distribute the controlling power of asset pools up to a double digit number of parties without materially affecting the bridge’s performance. 

It is hard, but critical, to quantify the risk of each approach when it comes to cross-chain bridging. As a web3 user, it's worth spending time understanding the risks of wrapped asset bridges, as supplying liquidity to these platforms can place investors in harm's way in the event of an exploit.

While popular solutions like Cosmos IBC, Polkadot XCM, LayerZeros, and Avalanche cross-subnet need time to prove their respective models, wallet security will remain an industry bottleneck that will need to improve for scalable and secured cross-chain applications to become possible.

This report is for informational purposes only and is not investment or trading advice. The views and opinions expressed in this report are exclusively those of the author, and do not necessarily reflect the views or positions of The TIE Inc. The Author may be holding the cryptocurrencies or using the strategies mentioned in this report. You are fully responsible for any decisions you make; the TIE Inc. is not liable for any loss or damage caused by reliance on information provided. For investment advice, please consult a registered investment advisor.