Blockchain bridging fundamentally transforms the decentralized finance (DeFi) ecosystem, enabling seamless interoperability between protocols.
Bridges allow users to move digital assets between networks, revealing the power and potential of DeFi.
However, with great power…
Bridges have become the easiest target for high-profile hacking attacks in the crypto industry, with a loss of $2 billion in 2022.
What can we learn from past blockchain bridge hacks and what can developers do to reduce the risks?
Blockchain bridging hacks
Below are notable bridge hacks that have resulted in significant losses.
The hack carried out on the Ronin Bridge is not only the most significant bridge attack, but also the largest crypto attack of all time. It was orchestrated against a bridge built by Sky Mavis, a developer of play-to-own game Axie Infinity, to connect Axie Infinity’s EVM-based sidechain, Ronin Network, to Ethereum (ETC).
Through social engineering, the hackers compromised one of the company’s engineers and gained access to private keys. The hackers posed as recruiters and offered jobs to select Axie Infinity developers, one of whom took the bait.
After a series of interviews, the developer – a senior engineer – was offered the job and received a PDF file with full compensation details. By downloading the spyware-filled document, the hackers gained access to four of nine validators (responsible for verifying transactions on the network).
Since they did not yet control the 50% of validators needed to sign transactions, they exploited a backdoor that had remained open from when the Axie DAO gave Sky Mavis the right to sign on its behalf in order to cope with periods of high user volume.
This allowed the hackers to steal over $600 million worth of crypto assets. Specifically, the exploit resulted in the loss of 173.6k ETH and 25.5 million USDC tokens. The attack was linked to the Lazarus Group, one of the North Korean government-sponsored hacking groups that have allegedly stolen more than $2 billion in crypto assets in recent years.
Another major bridge hack was the Binance bridge hack, which resulted in the loss of over $570 million worth of crypto assets. The Binance Bridge connects and enables the transfer of assets from Binance’s BNB Chain and BNB Smart Chain to Ethereum and back.
According to Immunefi, a Web3 and crypto bug bounty and security services platform, the hackers exploited a flaw in the Binance bridge’s transaction proof. The hacker managed to obtain a message that proved the validity of a transaction and fooled the contract logic into treating the message as valid, even though the hacker had no claim to the funds.
This caused the Token Hub to cash out the transaction, resulting in the outflow of two million BNB tokens, worth around $570 million at the time of the attack. While the remaining funds were frozen on the chain, the hackers were able to transfer $137 million to other chains.
The hackers used the stolen BNB as collateral to borrow various stablecoins; most of the money was laundered through Venus and Geist, while the rest went through Uniswap, PancakeSwap, Curve Finance and Platypus Finance.
In 2022, there was another blockchain bridge hack with Wormhole, which connects Solana to other major blockchains such as Ethereum. The attack exploited an outdated function in the code to bypass signature verification.
Based on open source code commits, the code to fix this vulnerability was created back in January and published to the Wormhole GitHub repository on the day of the attack in February.
The hacker discovered the vulnerability only hours later, possibly after seeing the commits made to the code, which indicated that the production application had not yet received the fixes. This allowed them to forge a valid signature and freely mint 120,000 wrapped Ether (wETH).
Unlike other bridges that have native blockchains and validators, Nomad is a general-purpose bridge that allows users to transfer assets and data across various blockchains such as Ethereum and Moonbeam.
This cross-chain bridge is more cost-effective than others because it uses on-chain smart contracts to collect and distribute bridged funds and off-chain agents to route and verify messages between different blockchains, reducing overhead.
The hack involved a total of 960 transactions with 1,175 individual withdrawals from the bridge. The exploit was made possible by a misconfiguration of the project’s main smart contract, which allowed anyone with a basic understanding of the code to authorize withdrawals for themselves.
According to Nomad, an implementation error caused the replica contract to fail to properly authenticate messages. This problem meant that any message could be forged as long as it had not yet been processed.
As a result, contracts that relied on the replica to authenticate incoming messages were exposed. This authentication failure allowed fraudulent messages to be forwarded to the Nomad BridgeRouter contract, which then released the withdrawals.
In total, $190 million worth of cryptocurrencies were withdrawn from the bridge in the form of USDC and wETH. Following this hack, Nomad offered a bounty in which attackers could keep 10% of their funds and avoid legal consequences provided the remaining 90% was returned, plus a whitehat non-fungible token (NFT) as a token of appreciation. Ultimately, however, only $36 million was recovered.
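The Nomad failure described above comes down to a replica that accepted any message it had not yet processed. The following is an added, simplified model (not Nomad's contract code) of that replica beside a hardened version that forwards a message only after it has been proven against an accepted root; the "batch root" is a stand-in for a Merkle root, and the batch contents and message strings are constructed sample data.

```python
import hashlib

def h(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def batch_root(batch: list) -> str:
    # Stand-in for a Merkle root: hash of the concatenated leaf hashes.
    return h("".join(h(m) for m in batch).encode())

class VulnerableReplica:
    """Replica whose only check is 'has this exact message been processed?'"""
    def __init__(self):
        self.processed = set()
    def process(self, message: bytes) -> bool:
        key = h(message)
        if key in self.processed:   # replay protection, nothing more
            return False
        self.processed.add(key)     # in the real thing: forward to the router
        return True

class HardenedReplica(VulnerableReplica):
    """Same replica, but a message must be proven against an accepted root first."""
    def __init__(self):
        super().__init__()
        self.accepted_roots = set() # roots attested off-chain and accepted here
        self.proven = set()
    def accept_root(self, root: str) -> None:
        self.accepted_roots.add(root)
    def prove(self, message: bytes, batch: list) -> bool:
        # Valid only if the batch hashes to a trusted root and the message is a leaf of it.
        if batch_root(batch) not in self.accepted_roots or message not in batch:
            return False
        self.proven.add(h(message))
        return True
    def process(self, message: bytes) -> bool:
        if h(message) not in self.proven:
            return False            # never proven: reject, even though never seen
        return super().process(message)

# Constructed sample data: one attested batch and one message nobody attested.
LEGIT = [b"transfer 10 USDC to 0xAAAA", b"transfer 5 wETH to 0xBBBB"]
UNPROVEN = b"transfer 1000000 USDC to 0xCCCC"

def compare() -> dict:
    v, hd = VulnerableReplica(), HardenedReplica()
    hd.accept_root(batch_root(LEGIT))
    return {
        "vulnerable_forwards_unproven": v.process(UNPROVEN),
        "hardened_forwards_unproven": hd.process(UNPROVEN),
        "hardened_forwards_proven": hd.prove(LEGIT[0], LEGIT) and hd.process(LEGIT[0]),
        "hardened_rejects_replay": not hd.process(LEGIT[0]),
    }
```

The point to audit for in a real replica is the order of checks: "not yet processed" is replay protection, not authentication, and must never be the only gate in front of the router.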
The crypto industry suffered a $100 million loss from a blockchain bridge attack that targeted the Horizon Bridge of the Harmony Layer 1 blockchain. The bridge facilitates the transfer of assets between Harmony and the BNB Smart Chain and Ethereum blockchains.
Although it is not known how the hackers accessed the private keys, it was determined that the exploit was facilitated by their compromise. These keys were used to authorize a transaction and initiate the transfer of funds.
Harmony’s Horizon Bridge required only two of the five private keys to sign off on a transaction. Once the attacker held two keys, he approved a transaction worth $100 million.
The hack was linked to the Lazarus Group, which laundered the funds into Tornado Cash despite being offered a $1 million bounty.
According to Chainalysis, blockchain bridges are more vulnerable to crypto hacks than blockchain networks. In 2022, bridge hacks were responsible for over 52% of all crypto losses and 64% of all DeFi protocol losses.
Bridges are more vulnerable because, despite their decentralized environment, they have a central point where all collateral for bridged assets is stored. This makes the bridge an easier target regardless of how the assets are held, whether in a smart contract or with a central custodian.
Furthermore, despite the development and testing of numerous new models, building a successful bridge remains technically difficult. New designs provide new points of attack that malicious actors could exploit over time, even as best practices improve.
Some bridge projects also publish their source code as open source to promote openness and transparency. While open source code promotes trust, it also makes it easier for hackers to examine, duplicate, or find vulnerabilities in a bridge’s software.
Improving Blockchain Bridge Security
The security of the blockchain bridge can be compromised by technical approaches such as finding holes in the code or by manipulating people with privileged access to the bridge through techniques such as social engineering.
Therefore, attempts to improve bridge safety must take both kinds of vulnerability into account. On a technical level, developers must:
Use multi-signature technology
Multi-sig is an approach that requires multiple approvals or signatures before a transaction is made and funds are transferred. This prevents a single party from having absolute power, which would otherwise create a single point of failure.
Since multiple signatures are required, the single point of failure is eliminated, and it becomes harder for a hacker to obtain approval to complete a transaction. While the method has been used in the crypto industry for many years, many projects have had to increase the minimum required signatures or the total number of signatories to provide additional layers of security.
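An added example, not from the article, of what an M-of-N approval check has to get right and why the threshold matters: with a 2-of-5 rule like the one described for the Horizon Bridge, two copied keys are enough, while raising the threshold is what stops them. Signatures here are HMACs standing in for real validator signatures, and the five keys, the compromised set and the transaction are all constructed sample data.

```python
import hashlib
import hmac

def sign(key: bytes, tx: bytes) -> bytes:
    # Toy stand-in for a validator signature (an HMAC, not a real signature scheme).
    return hmac.new(key, tx, hashlib.sha256).digest()

class ThresholdApprover:
    """Approve a transaction only once at least `threshold` distinct
    registered validators have produced a valid signature over it."""
    def __init__(self, validator_keys: dict, threshold: int):
        if not 1 <= threshold <= len(validator_keys):
            raise ValueError("threshold must lie between 1 and the validator count")
        self.keys = validator_keys
        self.threshold = threshold

    def count_valid(self, tx: bytes, signatures: list) -> int:
        seen = set()
        for signer, sig in signatures:
            key = self.keys.get(signer)
            if key is None or signer in seen:
                continue                      # unknown signer or duplicate: not counted
            if hmac.compare_digest(sign(key, tx), sig):
                seen.add(signer)              # only a correct signature counts
        return len(seen)

    def approve(self, tx: bytes, signatures: list) -> bool:
        return self.count_valid(tx, signatures) >= self.threshold

# Constructed validator set of five; assume an attacker has copied the first two keys.
KEYS = {f"v{i}": hashlib.sha256(f"constructed-key-{i}".encode()).digest() for i in range(1, 6)}
COMPROMISED = ["v1", "v2"]
TX = b"withdraw 100000000 USDC to 0xCCCC"    # constructed placeholder transaction

def attacker_gets_approval(threshold: int) -> bool:
    """Can signatures from only the compromised keys clear the threshold?"""
    sigs = [(name, sign(KEYS[name], TX)) for name in COMPROMISED]
    return ThresholdApprover(KEYS, threshold).approve(TX, sigs)

def duplicate_signature_counted() -> bool:
    """Does submitting the same validator's signature twice count as two approvals?"""
    sig = sign(KEYS["v1"], TX)
    return ThresholdApprover(KEYS, 2).approve(TX, [("v1", sig), ("v1", sig)])
```

Counting distinct signers rather than raw signatures is the detail most often missed in home-grown checks; the threshold itself is a policy decision about how many keys you can afford to lose at once.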
Code was also found to be a source of vulnerabilities on bridges. Hackers can find loopholes and exploit them for assets by examining the code. Therefore, bridges must undergo comprehensive inspections and audits to identify vulnerable code in a safer environment.
Third-party testing is also recommended, for example by Trail of Bits, Solidified, Ackee Report, Halborn or Code4rena.
These audits should also be extended to newly written code before it is merged into production code to identify potential vulnerabilities that could arise as a result of the changes made.
Another approach is for a bridge to assume that all transactions are valid and instead rely on third-party participants, who are rewarded for doing so, to flag suspicious transactions before they are executed.
Therefore, the bridge relies on validators to detect suspicious transactions and challenge them for further investigation, resulting in a more secure bridge. However, security comes at the expense of the speed of transaction execution, as it is necessary to wait for the challenge period to expire, during which third parties can flag a transaction.
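The challenge-period mechanism just described, as an added model that is not from the article or any particular bridge: a message is queued, registered watchers may dispute it while the window is open, and execution is refused both before the window closes and for anything disputed. The 30-minute window, watcher names and payloads are constructed sample values.

```python
from dataclasses import dataclass
from typing import Dict, Optional, Set

@dataclass
class PendingMessage:
    payload: bytes
    submitted_at: int                 # timestamp (seconds) when queued
    challenged_by: Optional[str] = None
    executed: bool = False

class OptimisticBridge:
    """Assumes submitted messages are valid, but holds each one for a
    challenge window during which a registered watcher may dispute it."""
    def __init__(self, watchers: Set[str], window_seconds: int):
        self.watchers = watchers
        self.window = window_seconds
        self.queue: Dict[int, PendingMessage] = {}
        self._next_id = 0

    def submit(self, payload: bytes, now: int) -> int:
        self._next_id += 1
        self.queue[self._next_id] = PendingMessage(payload, now)
        return self._next_id

    def challenge(self, msg_id: int, watcher: str, now: int) -> bool:
        m = self.queue[msg_id]
        # Only registered watchers may dispute, and only while the window is open.
        if watcher not in self.watchers or m.executed or now >= m.submitted_at + self.window:
            return False
        m.challenged_by = watcher
        return True

    def execute(self, msg_id: int, now: int) -> bool:
        m = self.queue[msg_id]
        if m.executed or m.challenged_by is not None:
            return False                  # disputed messages are held back for review
        if now < m.submitted_at + self.window:
            return False                  # window still open: execution must wait
        m.executed = True
        return True

def scenario() -> dict:
    b = OptimisticBridge({"watcher-a", "watcher-b"}, window_seconds=1800)
    honest = b.submit(b"transfer 5 wETH to 0xAAAA", now=0)
    suspect = b.submit(b"transfer 1000000 USDC to 0xCCCC", now=0)
    return {
        "early_execute": b.execute(honest, now=600),                   # too early
        "stranger_challenge": b.challenge(suspect, "nobody", now=600),
        "watcher_challenge": b.challenge(suspect, "watcher-a", now=600),
        "honest_after_window": b.execute(honest, now=1800),
        "suspect_after_window": b.execute(suspect, now=1800),
        "late_challenge": b.challenge(honest, "watcher-b", now=1900),  # already executed
    }
```

The trade-off in the text is visible in the timestamps: nothing settles before `submitted_at + window`, and the window is only worth its delay if someone is actually watching during it.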
When it comes to people and their interactions with platforms, bridge owners can work to educate their developers and those with privileged access on how to identify and avoid social engineering and phishing scams.
These people should also stay up to date with the latest trends and hacks to learn how hackers are tricking developers into giving up information that could compromise the bridge.
Undoubtedly, the increase in blockchain bridges has also led to an increase in losses incurred. This inevitably impacted the market, leading to a drop in asset prices or lower transaction volumes, albeit temporarily.
Hackers are continually developing their techniques and approaches. Fortunately, developers and platforms are also strengthening the security of the bridges and being more vigilant in securing the platform.
Additionally, the sector could eventually be regulated through the introduction of standards and frameworks to ensure the overall safety of the sector. This will make the DeFi landscape, albeit slowly, safer and less at risk of hacks, which in turn will promote investor confidence and lead to growth in the sector.