In the last two years, hackers have stolen over $2.5 billion by exploiting vulnerabilities in cross-chain bridges.
Decentralized finance (DeFi) and its evolution have faced significant security challenges. According to Token Terminal data, hackers stole over $2.5 billion between 2020 and 2022 by exploiting vulnerabilities on cross-chain bridges. When compared to other security breaches, this is a sizable sum.
Bridge problems have a common cause: they all have a “inherent vulnerability,” according to Theo Gauthier, founder and CEO of Toposware. According to Gauthier, regardless of how secure a bridge is on its own, it is “entirely reliant on the security of the chains it connects,” which means that any breach or bug within one of the two bridged chains renders the overall bridge vulnerable.
Bridges, in a nutshell, are used to connect different blockchains and address the lack of standards between protocols. Interoperability between blockchains is regarded as a critical goal for improving end-user experience and promoting wider crypto adoption.
Despite the bear market, solutions for interoperability and security in the crypto industry are gaining traction. One of the most important technologies available is zero-knowledge proofs (ZKPs), which allow data to be verified and proven as accurate without revealing additional information, in contrast to traditional interoperability solutions, which require networks to disclose their states.
It is also possible to create a ZK-powered Ethereum Virtual Machine (EVM) using ZKPs, according to Mudit Gupta, Polygon’s chief information security officer. This would enable developers to create scalable, entirely private Ethereum-compatible smart contracts. “We believe in the old crypto adage of ‘don’t trust, verify,'” Gupta added. This is entirely possible with ZK-powered solutions. The zkEVM has demonstrated the ability to maintain privacy, decentralization, speed, and scalability. There is no need to give up anything that has made the crypto space what it is, and it actually improves it.”
The solution for bridges would be auditing and real-time monitoring standards, according to Gustavo Gonzalez, solutions developer at Open Zeppelin. Bridges’ smart contracts “should be audited, ideally by multiple third parties, before they are released ‘in the wild.'” When updates are made, new audits should be performed, and all results should be transparently shared with the community. ” Machine learning technology could also be used with advanced security monitoring to flag potentially suspicious patterns of activity, detecting an attack before it occurs,” Gonzalez said.
Combining security software with blockchain protocols has the potential to make the entire space more secure for users and investors. “Just use Bitcoin, and you won’t have these issues at all,” a Bitcoin (BTC) maximalist would say. While Bitcoin smart contracts are being developed, DeFi players will be tasked with building trust within their respective ecosystems in the face of ongoing security concerns.
