DOMANI Concept Explainer - Bridge Risk Explainer

(DOMANI is an oracle-less Digital Asset Management platform that enables users to create, mint and manage ETF-style tokenized funds. The views expressed in the article below should not be taken as investment advice. Always do your own research.)

Bridges are convenient. They allow for assets to be interchanged between blockchains in a seamless manner by creating synthetic derivatives that represent an asset from another blockchain. Wrapped tokens deriving from bridges are common, widely used and accepted within DeFi, so much so that over $32 billion in assets are held by bridges. But, should you trust your assets held in bridges? Should $32 billion in assets be held by third parties? Let’s take a look at some examples where bridged assets were not secured as they should have been. 

Just today (August 2nd, 2022) we saw the Nomad cross-chain bridge being hacked for $190m. This is not an isolated event in the world of DeFi, as bridge exploits have cost DeFi users well over $1 billion in stolen assets in 2022 alone. Whilst $190m is considerable size, it only puts the Nomad hack in the third largest bridge hack of 2022. In February of this year, the Wormhole hack saw attackers exploit a smart contract code to mint themselves $320m in wrapped Ether without posting the required collateral. Just a month later, in March, the Axie Infinite Ronin bridge hack resulted in over $625m in stolen crypto currencies through a months-long phishing campaign to acquire private keys associated with its multisig wallet. 

Interestingly, all top bridge hacks this year have been exploited in different ways. In the case of Nomad, it was an error on the part of the protocol’s developers as they accidentally pushed a routie upgrade which told the protocol to process any transaction with the default root hash of “0x00”, where usually blockchain networks require a unique root as proof that the transaction is valid. In essence, this meant that Nomad would approve any transaction submitted to the protocol. After an initial attacker realized and initiated the bulk of the illicit transfers, other users copy-pasted the attacker’s transaction script and replaced the receiver address with their own, essentially allowing users with no knowledge of the Ethereum programming language, Solidity, to take funds from the exploit. Whilst the top three bridge hacks were all different in how they were conducted, they showcase how fragile the system built upon them really is.

It must be said that DeFi bridges are not all inherently flawed with regards to their smart contract risk, as not all bridges are built the same, but the fact that three bridge hacks in 2022 alone have caused over $1 billion of users' funds to be stolen is not a good sign. It’s also not a good sign that Vitalik Buterin, one of the founders of Ethereum, is strongly against cross-chain bridges exactly because of bridge risk and makes a strong distinction between cross-chain and multi-chain solutions due to the risk associated with bridges stating that “it is safer to hold native assets on the same blockchain on which they were created”. Multi-chain can exist without the use of bridges, cross-chain cannot.  

Whilst smart contract risk can be audited and limited to a considerable extent, it’s also important to note that bridges are moving away from a trustless form of verification as they require a third party to be trusted in keeping the locked assets safe from a potential exploit. These assets must also be locked in a centralized manner in order to operate. These two factors in conjunction, mean that bridges contradict the very essence of blockchain which should be decentralized and trustless.

DOMANI believes in a multi-chain future. Since our native launch on Ethereum, we’ve gone on to launch on Avalanche mainnet as well as Algorand and zkSync testnet. The DOMANI protocol’s native token, $DEXTF is native to Ethereum and is also available on Avalanche through the Multichain (Anyswap) bridge. Taking into consideration the potential risks associated with bridges, we are currently reconsidering our previous approach of expanding $DEXTF through third party bridges and we will have some exciting announcements to make in the coming months. 

About DOMANI Protocol

DOMANI Protocol is an asset management protocol that facilitates portfolio tokenization, rebalancing, and a multiswap DEX to trade a multi-token position in a single transaction.