In a Reddit post on Friday, Vitalik Buterin, co-founder of Ethereum (ETH), outlined critical security concerns surrounding cross-chain bridges in the blockchain ecosystem. As stated by Buterin, storing native assets directly on-chain (Ethereum on Ethereum, Solana on Solana, etc.) provides a certain degree of immunity against attacks of 51%. Even if hackers manage to censor or reverse transactions, they cannot propose locks to take away the cryptocurrencies.
The rule also applies to the Ethereum app. For example, if hackers launch a 51% attack (controlling 51% of all circulating ETH supply) while an investor exchanges 100 ETH for 320,000 DAI stablecoins, the end state remains unchanged, that is, the investor always you would get 100 ETH or 320,000. DAI.
However, Buterin continued, the same level of security does not apply to chain bridges. In your example, if an attacker deposited his own ETH in a Solana (SOL) to get Ether wrapped by Solana (WETH) and then reversed that transaction on the Ethereum side as soon as the Solana side confirmed, it would incur devastating losses for other users whose tokens are locked in the SOL-WETH contract, such as wrapped tokens are no longer backed by the original at a 1: 1 ratio.
Buterin further described how the security vulnerability could escalate negatively as more bridges are added on an interchain network. In a theoretical network comprising 100 chains, the high level of interdependence and overlapping derivatives would mean that a 51% attack on one chain, especially a small-cap one, can cause contagion throughout the system. According to Crypto 51, it costs hackers up to $ 1.78 million per hour to mount a 51% attack vector against the Ethereum network. However, the cost comes down to just $ 13,846 per hour for blockchains like Bitcoin Cash.
My argument as to why the future will be * multi-chain *, but not * cross-chain *: There are fundamental limits to the safety of bridges spanning multiple “sovereignty zones”. From https://t.co/3g1GUvuA3A: pic.twitter.com/tEYz8vb59b
– vitalik.eth (@VitalikButerin) January 7, 2022
Related: Vitalik proposes a new ‘multi-dimensional’ Ethereum fee structure