Are you worried about losing all or part of your digital assets overnight or in a few minutes? Know that you are not alone! The number of current thefts or hacks would discourage even the most optimistic cryptophile. And in the perspective of a more or less massive adoption of cryptocurrencies, it is really going to be necessary to solve some security problems to hope to embark the general public in the adventure. Chainalysis and Vitalik Buterin give us the beginning of an answer by putting the finger on one of the main weaknesses of the system: the inter-chain bridges.
Chainalysis and Vitalik Buterin make the same observation
Following the media hacks suffered by Wormhole and Nomad bridge these last months, the Chainalysis team has just published a document on this subject. We learn that nearly 2 billion dollars were stolen during 13 different hacking operations. This represents 69% of the funds stolen in the ecosystem since the beginning of the year. For the record, the report also highlights the appetite of North Korean hackers for this modus operandi. The latter reportedly stole $1 billion in cryptocurrency while the country exports only $89 million in goods. Hacking as a source of GDP growth? But that’s another story, let’s get back to our sheep instead.
The highlighting of this new Achilles heel of the industry follows several developments. First of all, centralized platforms have made enormous progress in the area of security. They have strengthened their protection systems and do not skimp – or no longer – on security. Almost no exchange is hacked anymore, so we have to find another loophole for the thieves. Of course, there is still phishing and individual theft, but this does not yield much and requires a lot of time and effort for little gain. And in an increasingly multi-chain space, the weakness has naturally appeared: bridges.
Interoperability: there’s a problem with bridges
In a discussion on Reddit with the community last January, Vitalik Buterin was already pointing out this weakness. For him, it would even be an obstacle to a future inter-chain where several systems would want to communicate. He imagines a multi-chain environment where each blockchain remains in its corner, but the bridges between different blockchains seemed vulnerable or even dangerous.
To summarize the situation, let’s put ourselves in a situation. You own Ethers and you want to buy NFTs that are on the Solona blockchain. Instead of converting your expensive Ethers, you will use a bridge like Wormhole. The latter will store your ETH in a smart contract and deliver you the equivalent in a new token that is compatible with the Solana blockchain, we talk about “wrapped” token. The problem? The point of storage for these assets becomes a target for hackers because securing these smart contracts is tricky. And the more funds that are “locked up”, the more profitable the attack becomes.
The security audits of each major blockchain are so far sufficient guarantees of security, but the same is not true with the various cross-chain protocols. Yes Solana and Ethereum – to use our example – are robust against attacks, but what about a small protocol that offers you to switch between them? Or online wallets that offer to store your cryptos? New standards need to be defined and the industry will have to look into it quickly to avoid any more such mishaps. In the meantime, Chainalysis will continue to track down stolen funds. The company offers its theft and scam reporting platform called Crypto Incident Response as a temporary solution.