In its latest report, a few days after the Nomad hack, Chainalysis highlighted the danger that cross-chain bridges currently present in terms of security for their users. Indeed, it turns out that 2/3 of the total cryptocurrencies stolen since the beginning of the year come from this type of protocols.
Chainalysis points to weakness in cross-chain bridges
According to a new study by Chainalysis, 69% of the total cryptocurrencies stolen since the beginning of the year come from cross-chain bridges.
A cross-chain bridge allows a token to be transferred from one blockchain to another when this is not possible natively. They are often important sources of liquidity, especially when an asset is deposited and traded in its wrapped form. This is for example the case with Wrapped Bitcoin, which requires locking Bitcoin (BTC) to issue its wBTC (Wrapped Bitcoin) equivalent on the Ethereum blockchain (ETH).
Chainalysis argues, with data, that cross-chain bridges can currently be considered a barrier to blockchain adoption. Indeed, they alone have accumulated over $2 billion worth of cryptocurrencies stolen on their protocol since the beginning of the year, which seriously raises the question of how much trust can be placed in them.
Illustration of the amount of cryptocurrencies stolen via bridges (in orange) compared to the total (in blue)
It should be noted that according to the report, of the $2 billion siphoned off, half was stolen by North Korean hackers, notably by the Lazarus group, whose name comes up often, as in the colossal $624 million Ronin sidechain hack last March, which became the largest to date.
Not least because of this attack, the first quarter of 2022 was the heaviest for the industry in terms of losses, although the one we started in July includes the very recent $190m Nomad bridge hack.
What can be done to improve the situation?
According to the report, centralized exchanges are now being abandoned by hackers as the overall focus is on constantly strengthening their security, which is essential given the huge volumes of data that are hosted on them and move around.
In fact, hackers are moving towards decentralised protocols that host the largest amounts of liquidity, which is the case of cross-chain bridges as mentioned above. It is therefore vital that smart contracts developed to be foolproof are implemented in decentralised finance (DeFi).
It would be interesting if the various teams of the multiple projects evolving in this sector decided to collaborate together in order to evaluate how to make cross-chain contracts as secure as possible.
Finally, according to Chainalysis, a second complementary solution would be to implement solutions to instantly trace funds stolen during hacks. Thus, in collaboration with the various actors of the ecosystem, it could for example be possible to freeze the funds concerned or at least mark them as stolen.
