Out of all blockchain attacks, cross-chain bridges are one of the most targetted ones. Just last week, Binance lost $570 million as a result of an exploit on Binance Smart Chain’s Token Hub Bridge. Even Binance, one of the world’s secure and reputable cryptocurrency platforms, fell victim to a cross-chain bridge hack. This brings us to an important question: why do cross-chain bridges keep getting hacked, and why do people still use them despite its security risk?
Why Do People Use Cross-Chain Bridges?
One of the biggest limitations of blockchains has been their inability to work together. Each blockchain has its own protocols or smart contracts that are not compatible with other blockchains on a programmable level. As a result, you cannot spend Bitcoin in the Ethereum network, for example. This is where cross-chain bridges come in to provide interoperability.
A cross-chain bridge connects two blockchains, enabling users to transfer data and liquidity from one chain to the other. It also allows users to access new protocols on other chains, making it so that developers from different blockchain communities can collaborate together. Moreover, with Lego-like composability of decentralized finance (DeFi) applications, cross-chain bridges can potentially open up a whole new world of efficient and creative financial services and products for users.
Without cross-chain bridges, the crypto industry would be bottlenecked by network congestions, since there is no bridge to off-load data and transaction executions.
Why are Cross-Chain Bridges Vulnerable?
When you bridge an asset to another blockchain, it is not exactly “sent.” Instead, through smart contract execution, the assets are first deposited, locked, or burned on one blockchain. Afterwards, they are then credited, unlocked, or minted on the other blockchain in the form of a wrapped token.
However, this asset conversion is not guaranteed. This is because cross-chain bridges are independent entities that do not belong to any blockchain. This means that no blockchain can verify that any asset is bridged, since they cannot access off-chain information. The bridging process mainly relies on two parties to ensure successful transfer:
- Third-party oracles who interpret off-chain data for on-chain use.
- Validators or custodians (DAO or smart contract) who safekeep the original asset and release the wrapped asset.
As you can see, there are several layers of trust, not just during the token swap but throughout the entire bridging process. Users must additionally continue to trust that they will be able to bridge the wrapped token back in the future on a 1:1 basis. Herein lies the vulnerability of cross-chain bridges: with multiple processes and third-party involvements, there is a brief window of time where hackers can target any one of these actions in isolation, not to mention possible bugs or flaws in the smart contract coding in which hackers can exploit.
How are Cross-Chain Bridges Hacked?
A successful cross-chain bridge hack typically ends up with tokens being minted on one blockchain without a corresponding deposit on the other. There are three types of exploits to achieve this:
During the bridging process, each deposit has to be validated before allowing a transfer to go through. If a hacker can create a fake deposit that validates as a real one, they can trick the system into minting free tokens without putting in any money.
This mostly happens due to a flaw in the logic of the smart contract coding, where both tokens share the same proof of event. This would allow the attacker to call the function to deposit one token with fake data that can generate proof to withdraw the other token on the other blockchain.
This is what happened to Binance when the attacker managed to forge proof messages of non-existent tokens that were then accepted by the BSC Token Hub bridge.
Signature Verification Bypass
A digital signature is a process to verify transactions, using the private key to sign the transaction and its corresponding public key to authorize the sender. However, if the smart contract uses an outdated function, it may not be able to verify the correctness of certain instructions. As a result, an attacker could create an input account with malicious data to spoof previously valid digital signatures. This would allow them to bypass the verification step and generate proof messages to mint free tokens.
The Wormhole hack is an example of this attack, where the hacker bypassed the verification step by injecting a spoofed SYSVAR account, enabling them to freely mint 120,000 wETH (worth $326 million at the time).
Validator Majority Attack
Some cross-chain bridges have validators that vote whether or not to approve certain transfers. Similar to a 51% attack, if an attacker controls a majority of the validators, they can approve any transaction, allowing them to withdraw free money. An infamous case of this is the Ronin Network hack, where the attacker took control five of the nine validator nodes and stole $620 million.