Security of crypto bridges: with this new technology, hacks will be a bad memory

The crypto bridge interoperability trilemma needs to be rethought. The data journalist, Daniel C. Parkpresents the projects aimed at preventing bridge piracy.

Nomad is currently working on a whole new type of crypto bridges (bridges) aimed at reducing the risk of hacking. However, the project sacrifices latency to achieve security, a choice that seems rather sensible when you consider how much hacks have cost bridges this quarter.

The successful QBridge ($80 million), Wormhole ($326 million), and Ronin ($624 million) attacks remind us that the trilemma of bridge interoperability needs to be completely rethought. Indeed, users of crypto bridges understand the need for anti-fraud features more than ever. It is from this observation that Nomad was born.

On Covalent’s Application Programming Interface (API), we can see how much Ethereum and Moonbeam bridge users are interested in Nomad’s security features. Additionally, post-launch figures for the platform, including total unique addresses and TVL per user, point to a promising outlook for the Optimistic protocols.

Is cross-chain bridge technology deadlocked?

Nomad wants to challenge the idea that cross-chain bridges, despite their great economic utility, have become too vulnerable to attack. Indeed, even a 51% attack on a small-cap blockchain can compromise interconnected chains. This, due to the superposition of derivatives.

Tweet by Vitalik Buterin on cross-chains (Twitter)

In January, Vitalik Buterin was one of the first to launch the debate on this subject. Besides “the security limitations of bridges,” the Ethereum founder believes that cross-chain bridges should be used as an interim solution to scale blockchain interoperability.

However, Nomad’s innovative features, such as Optimistic protocol verification, contradict this idea that crypto bridge technology is at an impasse.

Sacrificing latency for absolute security

Developers must make tough choices to solve the scalability trilemma. The situation is similar for crypto bridges, which must also give up at least one of their three advantages: trust minimization, generalizability (the ability to transfer arbitrary data), and scalability (across as many blockchains as heterogeneous).

The Interoperability Trilemma (Connext)

Faced with this trilemma, Nomad decided to break the codes by sacrificing latency to achieve a security-focused interoperability solution. Based on optimistic rollups, Nomad minimizes the visibility of the on-chain attestation and recognizes it as valid within an anti-fraud verification time of approximately 30 minutes.

Crypto Bridge Security: How Nomad Prevents Hacks?

During this process, Nomad’s data is essentially exchanged between an “Updater”, which signs and sends the data to the original channel; and a “Watcher”, which detects and processes erroneous certificates.

Interestingly, unlike typical Optimistic protocols, Nomad requires the Updater to post a warranty on the original channel. This ensures that the latter does not turn a blind eye to any fraud.

Crypto bridges
Nomad Architecture

In the event that a Watcher detects fraud, the line of communication between the originating channel and the receiving channel is immediately cut. Then, the funds deposited as collateral by the Updater are transferred to the Watcher.

This means that the bridge will be closed to prevent users from losing their funds. Of course, if no fraud is detected, the data is sent to the destination channel.

How are hackers misled?

Rainbow Bridge and NEAR are already benefiting from the potential of Optimistic designs, which allowed them to fend off an attack early in this month.

Indeed, the security of Nomad bridges follows a single honest verifier hypothesis, and requires only one actor out of “n” to validate transactions. In contrast, externally verified bridges are usually based on an honest majority assumption, where “m out of n participant(s)” oversee the validation scheme.

Thus, enabling unauthorized watchers, which can be deployed by any Nomad user, prevents hackers from knowing if there is not at least one watcher monitoring every transaction.

In this way, Optimistic systems make it possible to increase the costs spent by malicious actors (gas costs and the guarantee deposited by the Updater) to attack their targets. All with very few guarantees.

How is Nomad’s security proposition attractive to crypto bridge users?

The technology used by Nomad has already proven itself. Looking at Covalent’s Unified API, we see that Nomad delivers on its promise and continues to grow its user base.

TVL per user – Nomad vs Avalanche (Covalent).

Another interesting point: in comparison to the bridge of Avalanche, which is more commercially mature, the TVL/user of Nomad is higher. As of March 2022, this has reached between $30,000 and $40,000 per user per day, while Avalanche’s ranges between $20,000 and $30,000.

This disparity demonstrates that Nomad’s anti-fraud features have been successful in earning user trust.

The total number of unique addresses on Nomad (Covalent)

Since the beginning of the current month, 5,000 new addresses have been created on Nomad. This is exponential growth, given that it took Nomad three months to reach 3,000 unique addresses. It can therefore be concluded that the security promises of the platform attract many users of crypto bridges.

Use Connext to Troubleshoot Nomad Latency Issues

The latency of around 30 minutes remains a major drawback of this bridge, however. That’s why Nomad has partnered with Connext, an Ethereum-based layer 2 cross-chain liquidity network that offers much higher speed.

Crypto bridges
How Nomad and Connext work together? (Connect).

The modularity offered by the combination between Nomad and Connext is also a radical solution to the trilemma mentioned above. Indeed, Connext sufficiently closes the speed gap that Nomad was forced to give up.

Thus, this dual and harmonious system dynamically routes and modulates transactions. This, depending on the size of the transferred asset and the liquidity pool corresponding to this asset.

Crypto bridge security evolves with “stackable” bridges

As their synergy improves, Nomad can focus more on institutional clients, while Connext can handle smaller retail transactions.

The security offered by Nomad and its remarkable growth mark an important moment in the history of cross-chain crypto bridges.

Nomad aims to fight against major bridge attacks, which slow down the evolution of blockchain interoperability.

About the Author

In 2019, Daniel C. Park began his adventure in the world of Web3 with Starling Lab, Stanford, where he worked on researching the usefulness of blockchain in humanitarian affairs. Currently, he holds the position of data journalist at Covalent.

Disclaimer

All information on our website is published in good faith and for general information purposes only. Any action taken by the reader based on information found on our website is entirely at their own risk.

Leave a Comment