Watertight Blockchain Bridge Security Critical for Cross-Chain Interoperability
Trustless blockchain bridges will play an important role in cross-chain interoperability and in reducing the risk of hacks in the blockchain industry. This problem was brought to the fore earlier this year with a couple of major attacks on blockchain bridges—the $320 million hack on the Solana Wormhole bridge in February and the theft of $540 million of Ethereum and USDC stablecoin from the Ronin network in March. The Ronin bridge was made seriously vulnerable by its lack of a trustless, decentralised system. The theft was carried out by the North Korea-based Lazarus Group, which hacked the “validator nodes” of the Ronin bridge. Funds could be moved out if five of the nine validators approved it. The attacker got hold of the private cryptographic keys belonging to five of the validators, which enabled the theft. Ronin’s audit on the attack concluded: “All evidence points to this attack being socially engineered, rather than a technical flaw”. Despite the Ronin attack not being a result of technical shortcomings, it illustrates how crypto interoperability and DeFi are fundamentally undermined by the security issues associated with more centralised bridging solutions.