Working principles and security analysis of 9 common cross-chain bridges

Original title: "How do Blockchain bridges really work & can you trust them?   Middleton

Original compilation: Fenbushi Capital 

How to classify cross-chain bridges: by transmission type

1. Lock & Mint Examples: Polygon official bridge, StarkNet official bridge, Shuttle. 

2. Token Issuer Burn & Mint MakerDao, Arbitrum Teleport. 

3. Specialized Burn & Mint (Specialized Burn & Mint) Hop, Debridge. 

4. Atom Atomic Swap Stargate. 

5. Third Party Networks/Chains (Third Party Networks/Chains) Thorchain. 

5. p>

Cross-chain bridges are distinguished by two types: transmission type and trust assumption type. Let's divide it from the transmission type first. The cross-chain aggregation protocol Lifi has identified three main types of cross-chain bridges according to the type of transmission. Because the dividing line is a little fuzzy, it can actually be divided into five types.

Locking & Minting

The simplest and most common cross-chain bridge involves locking and Mint tokens and burn them. The following is the workflow diagram:

When assets cross-chain, The pass from the source chain is locked into the smart contract of the cross-chain bridge, and then a new version is generated on the target chain, which can be a mapped pass & standard pass.

Wrapped token: It will maintain a 1:1 anchor with the native token.

Canonical token: refers to the native tokens circulating on each chain.

Both tokens are minted with their underlying assets fully mortgaged. When the asset crosses the chain, the new token is burned on the target chain, and the native token is then unlocked/released on the source chain. This formula is very common: most "official" layer1>

< b>Advantages:

 100% collateral to support the target chain pass, making it possible to scale.

Disadvantages:

1. Source chain Smart contracts on the network are easy targets for hackers. If the source chain funds are stolen, the target chain pass may be worthless. Hacking attacks are aimed at cross-chain bridge smart contracts that hold a large number of tokens. For example, in March 2022, hackers used the Ronin Bridge vulnerability to steal 600 million US dollars.

2. Projects and applications on the target chain all rely on this cross-chain bridge, and are subject to cross-chain bridges in terms of security, running time, cost, etc. Pinning down of chain bridge operators. This is also known as "lock in problem".

3. Slow cross-chain speed - when it comes to cross-chain from Polygon to Ethereum or from StarkNet/Ex to Ethereum, users may still be willing to wait a few Hours, but for cross-chains on OP rollups such as Arbitrum and Optimism, users are not willing to wait a few days.

Burning & Minting by Token Issuer

This method is slightly different, It provides liquidity across chains by incentivizing token issuers. In other words, when the OP rollup challenge period is relatively long, the token issuer can step in instead of relying on a third party to "provide" liquidity.

For example, MakerDao Arbitrum Teleporter. MakerDAO enables users to quickly obtain the cross-chain asset DAI when Wormhole cross-chains from Arbitrum back to Layer1. In this case, the MakerDAO protocol tracks the final settlement of funds in the background through a network of oracles.

Advantages:

This method eliminates At the same time, when the oracle network is offline, it also uses anti-fraud redundancy to ensure the security of issuers (such as the MakerDao protocol).

Cons:

If MakerDao Arbitrum Teleporter Being exploited, bad debts arise within Dao (such as MakerDao), and the token issuer needs to bear the risk of liabilities.  

Specific burning & minting

Some cross-chain bridge protocols will "burn and Foundry" model combined with AMM liquidity pool. This liquidity pool can contain two or more assets, including specially minted cross-chain assets. Importantly, just like the Lock and mint bridges, this model facilitates quick asset cross-chain between Layer2 and other chains and back to the source chain. deBridge Finance and HOP fall into this category. When users lock ETH on a layer of Ethereum, deBridge mints specific cross-chain bridge tokens (such as deETH) on Arbitrum and other chains.

In terms of deETH itself, its use case on Arbitrum Not much, because there are other forms of ETH that are more widely used on this ecology. Liquidity providers can deposit a combination of ETH and deETH into the DeBridge liquidity pool, and can also (at Curve Factory) obtain transaction fees and arbitrage opportunities from cross-chain bridge users. The cross-chain is then setup/initialized by casting specific cross-chain bridge tokens on each chain, and then through the AMM liquidity pool.

When a user wants to cross-chain USDC from one Layer2 to another Layer2 (for example, between Arbitrum and Optimism), the user’s Arbitrum USDC first Use the AMM pool on Arbitrum to exchange for deUSDC, then deUSDC is burned on Arbitrum and minted on OP. The final step is to swap deUSDC for USDC using the AMM pool on Optimism. The amount of USDC locked in the Layer1 cross-chain bridge contract remained the same throughout the process, which means that deUSDC on Arbitrum and Optimism is still 100% collateralized and fully redeemable for USDC locked on Ethereum.

When the AMM pool slips (when deUSDC or USDC is removed or added from the pool), external LPs rebalance by depositing or withdrawing funds liquidity pool. In contrast, ordinary Lock&mint requires a longer waiting period when redeeming collateral. The Hop bridge works in much the same way, and both Hop and DeBridge have a reward and punishment system for node validators to ensure that the cross-chain bridge operates within a certain service level agreement.

Advantages:

By using the AMM pool As an intermediate step in cross-chain, the specific cross-chain bridge assets can effectively increase the liquidity in the ecology, and at the same time allow LP to earn arbitrage income due to slippage.

Disadvantages:

This method is The cost is higher for users, because the AMM liquidity pool does not provide a 1:1 exchange rate, resulting in slippage. There are also risks for LPs who deposit funds into a dedicated cross-chain bridge liquidity pool or hold cross-chain bridge assets (in the form of IOUs).

Atomic Swap

The Atomic Swap Bridge utilizes the pre-existing Standard/Mapped Tokens (e.g. USDC) and pool these tokens in a single asset pool on both source and target chains.

When users use Stargate to transfer USDC from Ethereum to Polygon , deposit USDC into the USDC pool controlled by the Stargate smart contract on the source chain, and withdraw from the USDC pool on the target chain. This approach can be thought of as "left handed right handed".

On the basis of the atomic exchange bridge, some bridges also add an automatic market maker trading function at the end to build additional services.

Benefits:

Users will no longer Rely on the security of the cross-chain bridge to ensure the token value preservation on the target chain. You can rely on another cross-chain bridge (in the case of a non-native token), or you can just hold the native token on the target chain. Asset transfers can also be very fast and cheap.

Disadvantages:

Due to the target chain pool A large number of tokens are required to scale, and liquidity mining to incentivize token deposits can be costly. Pools are also easily drained when there is a lot of one-way traffic.

Third-party network/chain

It can be said that this type of transmission is not considered cross- Instead of a chain bridge, a completely independent chain or network is acting as an intermediate chain. When smart contracts and messaging are incompatible (such as the Bitcoin network), or when cross-chain protocols need to achieve generalization goals (such as cross-chain communication), cross-chain assets in a decentralized manner require a third-party network/chain to act Bookkeeping and the middle layer. Such a network relies on a threshold signature system (node network) on the source chain and the target chain, and each node needs to be motivated to ensure honesty.

Advantages:

Third party network and Chain enables more blockchains to cross-chain in a decentralized manner.

Disadvantages:

These cross-chain bridges A large amount of capital needs to be deployed, one to incentivize nodes on each chain to maintain honesty, and two to establish a liquidity pool that requires continuous injection of funds. These systems are also more architecturally complex, the most famous example being ThorChain, which was hacked three times. Another example is third-party network Synapse, which prevented an $8 million hack in late 2021 after discovering unusual activity in its AMM pool.

Distinguish cross-chain bridges with trust assumptions

In addition to different transport methods, we also need to consider different trust assumptions.

The different levels of credibility can be divided into the following categories:

1. Center Bridge: Binance to Arbitrum

2. Verification/multi-signature bridge: Wormhole, Axelar, Connext.

3. Proof of State Bridge: StarkEx to Ethereum, ZKSync to Ethereum, Nomad, Hop, Axelar and Mina.

4. Protocol-level bridge: Cosmos IBC.

Centralized bridge

Centralized bridges usually rely on one-party signatures to process and control funds flow. For example, when you advance from Arbitrum to Binance, you rely on Binance to credit your account with the funds that exist in the smart contract.

Both Binance and Binance’s Arbitrum smart contract require collateral to facilitate transfers. There is also no automatic failsafe if the operator goes offline.

The centralized bridge solves the short-term demand for fast transfer. However, they are not transparent, scalable or censorship resistant, and thus limited to simple cross-chaining.

Validation/multi-signature bridge

These types of bridges are more secure than centralized bridges, Its trust assumption is weak.

It incentivizes several different types of brokers to act as oracles monitoring activity on both ends of the bridge and reporting ongoing deposits/withdrawals. However, this mechanism requires a certain amount of trust in the centralized validator, and in most cases it is nothing more than a basic multi-signature.

Because collateral is still required on both sides of the bridge, especially for infrequently used cross-chain paths, this will increase costs. Therefore, this solution either requires the support of a large entity, or the liquidity mining plan is expensive.

This is an example of a Connext bridge.

Status proof bridge

and verification Proof-of-state bridges require weaker trust assumptions than state-of-the-art bridges. They prove the state between chains, which means validators don't need to act as oracles (these can be ZK proofs or optimistic proofs). Furthermore, Proof of State bridges do not require trust in any third parties, although relayers may still be required. No collateral is required on either side of the bridge, as these state proof bridges can be used to securely lock assets on the source chain and then “mint” assets on the target chain.

State proof bridges can be slow, especially OP proof bridges like Nomad and Hop. As such, these projects often partner with solutions that provide temporary liquidity while awaiting cross-chain bridge settlement. For example, Nomad works with Connext. Hop's waiting period for OP verification will encourage LP to provide short-term liquidity.

This is the Hop Bridge mechanism.

Protocol level cross-chain bridge

Protocol-level cross-chain bridges are the most friendly to trust assumptions. Probably the most notable example of this is the Interoperable Blockchain Protocol (IBC) in the Cosmos ecosystem. This is indeed a proof-of-state bridge, but it is also a protocol level that can be operated on different chains.

By implementing it at the protocol level, it is possible to:

1. Completely eliminate the Collateral requirements.

2. Make sure all chains have the same assets to mint and burn.

3. Standardize the interface on each chain.

4. Reduce the risk of hacking of cross-chain bridges based on smart contracts.

This is the visual interface of IBC:

< p>In general, all mainstream public chains and ecosystems will use protocol-level cross-chains to maximize the liquidity and security of assets on the chain. Until now, the cross-chain bridge has failed to give a promise of asset security.

This doesn't mean you can't trust the bridge: Although there is a lot of news in the media, hacking is still a small probability event, and the cross-chain bridge helps users Solved the problem of asset circulation between chains, although this process is quite difficult (although rhino.fi is trying to solve this problem with its multi-chain function).

Of course the user needs to do some research too. Before using a bridge, you should look at its type (using our guide above) and find out if it has been hacked in the past. With the continuous development of technology, the safety, availability and convenience of the bridge are higher, and this part of the work is also saved.

Original link

Welcome to join the official BlockBeats community:

Telegram Subscription Group: https://t.me/theblockbeats

Telegram Discussion Group: https://t.me/BlockBeats_App

Official Twitter Account: https://twitter.com/BlockBeatsAsia