To play multi-chain DeFi, you need to know about cross-chain bridges
Recently, with the rise of Ethereum layer1 challenger and layer2 DeFi, players are no stranger to the frequently used “Cross chain bridge development”. When we use CEX to transfer encrypted assets (such as transferring assets on the Ethereum chain to coins) An exchange, and then transferred to the BSC chain in the way of BEP20), in fact, it is also using a “bridge”. There are many ways to transfer assets between different chains. The bridge is a fundamental component that is often overlooked, but is critical to assessing the security of our funds.
Additionally, thanks to the cross-chain bridge, we can use off-chain protocols to scale the network, allowing most transactions to move from blockchain layer1 to off-chain systems, thus avoiding layer1 network fees and latency issues.
What is a cross-chain bridge?
The cross-chain bridge is responsible for keeping assets on layer1 while releasing the assets on another (and external) service. It defines who will escrow the funds and the conditions that must be met for the asset to be unlocked.
In short, bridges are required whenever a layer1 blockchain like Ethereum is to connect to any other system. All bridges have similar operations:
Deposits , users can deposit funds into the bridge, and the (tokens) representing the assets will be issued on other systems;
Update the account balance , the bridge is notified of the new account balance information, which can be used to facilitate withdrawals;
Withdrawals , users can withdraw assets from the bridge based on their balances on another system, where the tokens issued will be burned.
The most common type of bridge (which people use often without realizing it is a bridge) is the single-organisation bridge:
Most cryptocurrency exchanges offer a single-organization bridge
If we only consider bridges and nothing else, then a cryptocurrency exchange can be said to be an off-chain protocol. Users can lock funds in exchanges, bypass network fees and delays when transacting, and eventually withdraw funds back to the layer1 blockchain through withdrawals.
In addition to single-organization bridges, there are two other types of bridges that rely on a set of custodians:
Multi-organization Bridge Smart Contract Development Services, a set of fixed independent parties (K/N) to keep the locked funds.
A cryptoeconomic bridge , where a dynamic set of parties (determined by their asset weights) holds custody of funds.
All three bridges on the Layer 1 blockchain are unable to verify that account balances from other systems are correct (or that other systems’ liabilities exceed the bridge’s assets). It is up to this set of custodians to verify that all withdrawals are processed according to another system. They ultimately decide whether the funds can be released, and who should receive them.
Sidechains and bridges are independent
So far, with bridges, we have mostly thought of custodial services like cryptocurrency exchanges. An increasingly popular use case for bridges is to connect one blockchain to another (this is where the term sidechain originated, by the way).
Bridge and sidechain security are separate
There are several examples of bridges:
WBTC : A single-organization bridge that brings BTC to Ethereum.
Liquid network or RSK: A multi-organizational bridge where a consortium of parties owning an HSM locks/unlocks funds from BTC to another blockchain.
Polygon Bridge . A cryptoeconomic bridge in which the 2/3 + 1 stake locked in the bridge periodically agrees on the account balances of all users on Polygon, which users can use to withdraw their funds on Ethereum (in fact, polygon eventually is controlled by a small multisig contract, but this example focuses on its long-term goals).
Rainbow Bridge . A cryptoeconomic bridge, where the bridge contract is a light client that can verify the progress of other blockchains. It does not check the validity of other blockchains, and the security of funds ultimately depends on the continued progress of other blockchains (guaranteed by cryptoeconomic rules).
Crucially, each bridge has its own security model, which is independent of the blockchain network. We can take a simple case WBTC to further illustrate:
BitGo Trust hosts the funds locked in Bitcoin, and they are responsible for issuing the same amount of WBTC on Ethereum. A smart contract on Ethereum keeps track of account balances for all WBTC transfers. Trustworthy, BitGo respects account balances recorded in smart contracts.
In the case of WBTC, there are several aspects to consider:
single custodian . WBTC’s bridge relies on a single custodian to guarantee its integrity. They can issue more WBTC on Ethereum than locked in Bitcoin, and they can decide not to cash out any WBTC withdrawal to Bitcoin.
Standalone Safe Mode . Ethereum has its own security model, independent of Bitcoin. The bridge has its own security model, Build a token bridge independent of the two blockchain networks.
Ethereum is a sidechain . Transactions have moved from Bitcoin to Ethereum’s on-chain.
What all three bridges have in common is that they do not check the integrity of the sidechain, and there is no self-enforcing contingency plan to protect funds if the custodian (or sidechain) goes offline. They only look at their own security model without considering the security of the layer1 blockchain that the bridge is on.
Layer2 protocol
The promise of Layer 2 scalability is to move transaction throughput from one layer to another off-chain system. A bridge is required to hold funds issued on another system.
However, unlike the other bridge types discussed in this article, the Layer 2 protocol strives to protect funds with the same security as a Layer 1 blockchain, and it cannot rely on custodians (or other off-chain systems) to protect funds.
It requires a new type of bridge:
Layer2 bridge. The first-layer blockchain has custody of the funds, and the bridge must ensure that the second-layer protocol cannot be compromised. In the worst case, the bridge will self-enforce the validity of the Layer 2 protocol until all funds have been withdrawn.
Layer2 bridges are the most powerful of all cross-chain bridges.
It does not rely on custodians to protect funds. Instead, the bridge has to make sure that everything works off-chain before the funds are released. If for some reason the bridge is convinced that the off-chain system is broken, the bridge can simply bypass the other network entirely.
A project focused on the layer2 bridge
That’s why the Layer 2 protocol is so exciting, and it took startups several years to come up with a solution. The race to be the first to bring the Layer2 protocol to market has largely focused on how to implement a secure layer2 bridge (and not necessarily how to implement other blockchain networks).
This is a good opportunity to further explore technical issues and definitions. We explicitly stated that the bridge must ensure that the layer2 protocol is not broken, in 4 aspects:
Data availability . How can the bridge be confident that all data from another blockchain network is public so that users can independently recompute the layer2 database?
Integrity of state transitions . How can I convince the bridge that all state transitions of the layer2 network are well-formed and valid?
Withdrawal guarantee . If the Layer2 network is compromised, how does the bridge guarantee that all honest users’ funds can be withdrawn?
Agreement validity . If the Layer2 protocol is stalled or offline, how can the bridge guarantee that the transaction can still be executed?
Of course, the above issues must be addressed, although bridge contracts require significantly less computational resources than off-chain systems, so bridges cannot re-execute all transactions in real-time. Otherwise, it’s not a scalable solution.
Solving the above problems gets us into trouble. This is the world of on-chain challenges, fraud proofs, validity proofs, publishing transaction data to layer1 blockchains (rollups) and on-chain escapes.
This article does not focus on solutions, but it is emphasized here that all solutions are not the same. Some upcoming layer2 protocols will not be able to meet the above security goals. Due to the lack of layer2 bridges, they cannot be said to be layer2 protocols.
Summarize
As mentioned above, there are four types of bridges that allow funds to be locked in one blockchain and reflected in another off-chain system (most likely another blockchain).
Custodian bridges . The first three bridges (single-organization, multi-organization, cryptoeconomy) focus on which group of custodians has control over locked funds. The role of the custodian is to verify that the off-chain system is correct before allowing funds to be withdrawn from the bridge. Assuming that the integrity of the off-chain system is the client’s problem, the custodian has enough computing resources to handle it. Although there are measures to restrict the authority of custodians, Build a cross chain bridge as well as cryptoeconomic incentives to encourage custodians to comply with the protocol, the bridge protocol does not completely restrict custodians. There are many examples of bridges losing user funds (like MtGo) because the integrity of bridges ultimately relies on trust between people.
Layer2 bridge . Bridges take over the role of custodians for custody of funds and for checking the integrity of off-chain systems. The core of the problem is that the bridge must be confident that the off-chain system has not been broken, while it lacks the computational resources to independently check each transaction (otherwise it would not be a scalable solution). Aside from the technical challenges, it’s not free either. Convincing the layer1 blockchain that off-chain systems are structurally complete and sound requires ongoing financial costs. However, the bridge has ultimate custody of the funds, not the off-chain system operator.
Overall, the jury is still out on whether users really care about Layer 2 bridges , and whether we should extend Ethereum’s security model to off-chain systems. It is possible that all 4 bridges will remain in the future, and they are critical to user adoption.
Users beware, which protocols you prefer, what type of bridges they use, and it’s important to better understand how your funds are protected from breaches.
0