Cosmos inter-chain communication is facilitated using IBC protocols, relaying token information and enabling secure transfers between chains. In such an interchain bridge, a substantial amount of funds could be sitting in a bridge whose security relies on a small number of trusted parties, making it an active target for attacks. This led to the fragmented multichain universe, where each blockchain basically operates in isolation, completely oblivious to the existence of other blockchains. Furthermore, since the blockchains in the multichain universe are defined over a wide variety of domains (fields, curves) depending on application, optimizations in and out of field arithmetic are vital building blocks at the lowest level.
Overall, this combination of proving systems enables efficient cross-chain communication in zkBridge without external trust assumptions. It relies on a protocol called GKR and a polynomial commitment scheme to generate proofs for a circuit that validates multiple signatures. ZkBridge uses deVirgo, a parallelised version of the Virgo zkSNARK proving system, which has a small proof size and does not require a trusted setup. The main difference between zkBridge and other industry-led approaches is that it only requires the existence of one honest node in the relay network and the assumption that the zkSNARK is sound. Electron Labs plans to address this by using multiple machines to generate the proofs in parallel and combining them into a single zkSNARK proof. The Tendermint light client used in the Cosmos SDK operates on the Ed25519 curve, which is not supported natively on the Ethereum blockchain.
Perps on Ethereum Mainnet
- Bridge hacks have constituted a substantial ~70% of total funds stolen in the DeFi sector over the past two years, mainly due to the novel technology, vast attack surface, and high value at stake.
- In this article, we focus on specific implementations of bridge constructions using Zero Knowledge Proofs (ZKP’s).
- The ed25519 curve signatures are not aggregatable and therefore cannot produce a single zk-SNARK proof for aggregated signatures, unlike the BLS signatures.
- For externally verified systems, it is easy to add delay and off-chain verification but not necessarily required for the bridge.
- It can also be used by Bridge Liquidity Providers to identify and assess potential risks and make more informed decisions while searching for yield generating opportunities.
- By implementing effective threat mitigation measures, developers can help ensure that their bridge contracts function as intended and protect the assets that they manage.
Hybrid validation is a combination of the two and aims to balance security and complexity. Centralized validation is less complex to build but comes with less security. (e.g. Stargate, Aptos, Satellite, Portal) Bridges can also be categorized based on the way in which crosschain messages are validated, which can be done in a decentralized, centralized, or hybrid way. The CCC is a community focused on scaling cross chain infrastructure through events & education. Additionally, a good threat response plan should include a faster response time once the attack has begun .
Add live sports to your HBO Max plan for €5/month*
Yet another such infrastructure is the Cross-Chain Transfer Protocol (CCTP), which is a permissionless on-chain utility that can burn native USDC on a source chain, and mint native USDC of the same amount on a destination chain. So the hierarchy is a messaging layer, then bridge applications on top of it. Now that we understand what a bridge is and why we need it, in the next section let’s uncover the different ways to categorize them. But in some sense it's accepting deposits on one end and giving you other assets on the other end just like a bridge would. Uniswap is the largest DEX in the DeFi ecosystem on Ethereum and they recently expressed their interest to deploy their v3 on BNB chain. One indication of the need for interoperability was recently demonstrated by the Uniswap protocol.
It can also be used by Bridge Liquidity Providers to identify and assess potential risks and make more informed decisions while searching for yield generating opportunities. In other cases the centralized exchanges have frozen attacker funds by blacklisting their wallets and then later return the fund to the team. They act as health checkers and notify in case of any security invariances instantaneously.
- In the first step, a deVirgo proof is generated, which is then compressed using the Groth16 prover.
- If a challenge is accepted, the bridging transaction will fail, and if no challenge is made, the funds will be bridged after the seven-day window.
- Different bridges use different mechanisms to ensure the message is valid and hence it is incredibly difficult to build fully secure bridges.
- With the introduction of composability on Ethereum and building of smart contract protocols for various DeFi applications, the number of use cases grew, and Ethereum’s initial design was no longer scalable.
- Additionally, bridges can be categorized based on the different ways of validating a crosschain message.
Since we know the appetite for interoperability is growing we can expect more development of secure and scalable bridging technologies, which in turn will likely further boost the development of ZK technologies. Since the ZK bridging space is still in its infancy, we expect exponential growth in research breakthroughs, clever implementations and adoption by cross-chain applications in the coming years. But as we mentioned in the introduction to this post, trusting data providers can lead to issues of censorship or data breaches. But when this is not possible, or very expensive to provide,, organisations may turn to trusted data providers, such as AWS or Infura, to access their needed data.
Unlocking Seamless Blockchain Connectivity: The Magic of Zero-Knowledge Proofs in Cross-Chain Bridging
It was a centralized bridge with a validation process consisting of multi-signature scheme with five validators for approving transactions. The attack highlights the significance of thoroughly reviewing smart contract code before deploying it. This hack demonstrates the importance of secure coding practices and an in-depth security audit.
Disney Plus, Hulu, HBO Max Bundle
TON Foundation teams up with @JupiterExchange to incubate new liquidity aggregator on $TON blockchain! This collaboration aims to enhance liquidity aggregation on the TON network and pave the way for cross-chain swap integrations. The TON Foundation has announced a strategic partnership with Jupiter to incubate a new liquidity aggregator on the TON blockchain. Polkadot’s Substrate-based chains are integrated through XCMP/XCM, with future support planned for trust-minimized light client verification. The backend is implemented entirely in Rust, designed to handle data aggregation, cryptographic computations, and cross-chain communication efficiently and securely.
Get the Disney+, Hulu, HBO Max Bundle
The sooner the response, the higher the chances of recovering funds. A good threat response plan should include a faster response time, which can be achieved by using continuous monitoring tools that alert you. Having a well-defined threat response plan can help minimize the damage and recover lost assets.
To address this, bridges offer incentives to add liquidity on both sides. An example of a liquidity network in production right now are protocols like Hop and Connext. So when you use a liquidity network, you basically swap out an already minted asset rather than sending a message to mint a token on the destination chain. Message-based bridges can sometimes take a long time to complete a cross-chain transfer.
For optimistically verified bridges there are a few different ways you can corrupt, one being corrupting the entire watcher set. For externally verified bridges, you just have to corrupt the bridge validator set (such as in the case of Ronin Bridge hack). For natively verified bridges, you would have to corrupt the underlying domain’s validator set.
Bridges enable users to communicate messages between chains including digital assets (cryptocurrencies), state of the chain, contract requests, proofs and more. Electron labs aims to construct a bridge from the Cosmos SDK ecosystem (a framework for application specific blockchains) spinmaya casino bonus that uses IBC (Inter-Blockchain Communication) to communicate across all sovereign blockchains defined in the framework. Following this, the block headers and the proof are submitted to the smart contract, which then performs the verification on the Gnosis chain. While some of the hacks are not preventable just because one uses ZKP’s, the soundness of a ZKP extends the security of the blockchain consensus protocols to the bridge. Finally for users, we propose a two-part risk assessment framework to help choose the right bridge based on their transaction needs and desired security level.
Ultimately bridges were built between these parallel blockchains in order to ease fragmentation of liquidity and allow users to hop from one blockchain to another seamlessly. In the natively verified bridges, the trust was on the two blockchains. Notwithstanding the fact that this goes against the very founding principles of blockchains, it brings with it issues related to censorship and security.Some of the biggest hacks in blockchain history have occurred on bridgesThe main reason for security vulnerabilities are due to the way a bridge acts as a centralized storage unit. The Ethereum light client uses a solidity smart contract on the Gnosis chain, while the off-chain computations consist of constructing circom circuits for the verification of the validators and their BLS signatures, and then computing the zk-SNARK proof. Bridges are communication protocols that facilitate the transfer of information such as messages, funds or other data between blockchains. Hence, in order to safeguard the security and reliability of blockchain bridges, developers must implement proactive threat prevention strategies.
Built on Ethereum
This includes expanding to new chains without exposing the existing users to the risks of the new chain. Given timely and relevant alerts about the security and health of owned or dependent systems, protocols and investors can react quickly to neutralize threats and prevent or minimize loss of funds. One such tool is called ‘Forta’, which is a real-time detection network for security & operational monitoring of blockchain activity. So if we compare the three bridge security models, in terms of Environment security, starting with the most secure, #1 is Optimistically verified, #2 is Externally verified, and #3 is Natively verified.
It is clear that more and more DeFi participants prefer to move their funds across different chains to chase the yields and so the bridges are going to need to transfer growing amounts of value as time passes. According to the blockchain data platform Chainalysis almost $2 billion has been stolen from bridges over the past two years, with close to 15 incidents reported. These aggregators incorporate various protocols, including different bridges and DEXs, each with their own security features and risks. The smart contracts of the bridge aggregator simplify the complexities of working with multiple bridges and DEXs, but also introduce another layer of smart contract risks. In order to relieve the Ethereum Mainnet from data and execution load, many Layer-2 blockchains were built on top of Ethereum.
These projects leverage the properties of zk-SNARKS to redefine how bridges should be designed. As of 2022, it is estimated that 69% of the funds lost in the past year were due to attacks on bridges, resulting in losses amounting to billions of dollars. The way crosschain messages are validated can also determine the type of bridge, including decentralized, centralized, or hybrid validation.