The future of multi-chain behind cross-chain bridges
Recently, Ethereum founder Vitalik Buterin posted a post on Reddit where he reflects on the cross-chain interoperability of blockchains. In short: he is pessimistic about this concept, even if he believes in a multi-channel ecosystem by understanding the coexistence of networks and communities with different values.
Especially for ForkLog, the founder of the Bridge.finance project, Alex Smirnov, analyzed Buterin’s theses and explained why the 51% attacks are not a death sentence for cross-chain bridges. He is convinced that the future lies in the full compatibility of blockchain ecosystems, and not in a parallel existence without direct connections.Bridge Smart Contract Development Services.
Attack Tolerance 51%
Vitalik Buterin links his pessimism to the security model and sees the 51% attack as an example. According to him, attacks of this type are not critical and do not need to be prevented.
The blockchain is a certain sequence of states, and the most painful for the user is the return of the state to a previous value. For example, you successfully traded 1 ETH for 3300 USDT on Uniswap. In the event of an attack, the worst thing that can happen is a rollback to when you didn’t have 3300 USDT yet, but you had 1 ETH in your wallet balance. Buterin sums up that as part of an ecosystem, these attacks aren’t that critical and you don’t have to put all your effort into overcoming them.
With Cross chain bridge development, the situation is completely different: if you managed to receive assets from one blockchain to another via the bridge, then in the event of an attack on the send chain and state restoration , your original asset will be returned to you. . At this point, wrapped assets issued by the bridge protocol on other networks lose their collateral on the native chain.
Buterin’s fears are indeed justified
We shouldn’t treat 51% attacks as normal, which is expected by protocol. In each blockchain, a social consensus has developed regarding the finality of transactions — 11 confirmations are required in the Ethereum network , and only then is the transfer considered irreversible. It is assumed that if this condition is met, the transaction cannot be undone using block reorganization attacks.
Potential attacks affect not only cross-chain bridges, but the entire ecosystem of applications and services above the blockchain: exchanges, payment and custody solutions, gateways, etc. Any attack that violates the generally accepted standard of transaction finality undermines confidence in the security of the entire ecosystem, so it should not be allowed.
Protection methods
How can interoperability protocols (bridges) protect themselves from this type of attack?
In deBridge, the protocol consists of two layers:
Protocol layer, which is represented by a set of smart contracts in each of the supported networks.
The infrastructure layer, which is represented by government-appointed validators of the protocol. The task of validators is to provide infrastructure to the protocol and have execution nodes of all supported blockchains as well as a deBridge node that reads information from smart contracts.
Validators confirm transactions in ascending order of no’s — if duplicates appear in the sequence, then the network has undergone a block reorganization or an attack. Validators automatically suspend validation of all transactions in that network so that the Protocol Government can determine what happened and whether requirements for transaction finality in that chain need to be tightened.
Considering that blockchain states are always consistent, attackers cannot inject arbitrary state (e.g. override nonsense). In the case of a 51% attack, they would only have one attempt to transfer a single specific token across the bridge, for which they would need to attack the consensus of the entire blockchain . In addition to the consensus attack cost, attackers must purchase an asset for the amount they plan to attack, which will make the attack even more expensive.
In addition, validators can always exclude the validation of scenarios whose probability is close to zero. For example, if $10 billion in ETH is locked in the bridge protocol, there is hardly any scenario where the entire amount belongs to a wallet and can be withdrawn in a single transaction. For such scenarios, the validators node can increase the finality requirements (e.g. 400 confirmations instead of 11), which will make the bridge attack even more expensive.
Risk insurance
In the near future, all Build a cross chain bridge interactions will be abstracted by the interface of wallets and decentralized applications (dapps), the user will not even know that he is using some kind of bridge. On the example of cross-chain swaps, the user simply makes an exchange, indicating which asset he gives and which asset he wishes to receive on another network. Bridges are like TCP/IP for the Internet. When we use websites, we don’t think about how the packets are transmitted, we just enjoy the result, and everything else is abstracted outside the browser window.
The entire risk is borne by those who own the token wrapped in the asset that suffered in the attack, namely the liquidity providers. For example, if, as a liquidity provider, I am a holder of an Ethereum network wrapped asset , I take the risk of transaction finality and realize that it is impossible to make a 51% attack on this network which will last more than 11 blocks. In the event of a successful attack, the amount of losses will be distributed proportionally among the liquidity providers who knowingly took the risk.
Therefore, the future is not just for multi-chain coexistence, but certainly for full cross-chain compatibility across protocols and ecosystems.