Vitalik Buterin raised serious security concerns about cross-chain bridges in the blockchain ecosystem in a Reddit post on Friday. He cited “fundamental security limits of bridges” as the key reason for his disapproval.
Buterin claims that putting native assets directly on the blockchain (Ethereum on Ethereum, Solana on Solana, etc.) gives some protection against 51 percent attacks.
Even if hackers are able to censor or reverse transactions, they will not be able to propose blocks that will take one’s cryptocurrency.
The Ethereum application is also subject to the rule. The end state stays invariant if hackers execute a 51 percent attack (controlling 51 percent of total circulating ETH supply) and an investor trades 100 ETH for 320,000 DAI stablecoin. To put it another way, the investor will always receive either 100 ETH or 320,000 DAI.
Buterin went on to say that cross-chain bridges do not have the same level of security. In the example he gave, if an attacker deposited their own ETH onto a Solana (SOL) bridge to obtain Solana-wrapped Ether (WETH), then reverted the transaction on the Ethereum side as soon as the Solana side confirmed it, other users whose tokens are locked in the SOL-WETH contract would suffer catastrophic losses, because the wrapped tokens are no longer backed by the original on a 1:1 ratio.
Reason for the disapproval
Buterin went on to explain how the security flaw may wreak havoc on a cross-chain network as additional bridges are implemented.
Because of the high level of interdependency and overlapping derivatives in a hypothetical network of 100 chains, a 51 percent attack on one chain, especially a small-cap chain, can induce a system-wide epidemic.
According to Crypto 51, a 51 percent attack vector against the Ethereum network can cost as much as $1.78 million per hour. For blockchains like Bitcoin Cash, however, the cost reduces to as low as $13,846 per hour.
My argument for why the future will be *multi-chain*, but it will not be *cross-chain*: there are fundamental limits to the security of bridges that hop across multiple “zones of sovereignty”. From https://t.co/3g1GUvuA3A: pic.twitter.com/tEYz8vb59b
— vitalik.eth (@VitalikButerin) January 7, 2022
