In a Reddit post on Friday, Vitalik Buterin, the co-founder of Ethereum (ETH), outlined the critical security concerns surrounding cross-chain bridges in the blockchain ecosystem. According to Buterin, storing native assets directly in the chain (Ethereum on Ethereum, Solana on Solana, etc.) offers a certain immunity to 51% attacks. Even if hackers manage to censor or reverse transactions, they cannot propose bans to steal someone’s cryptocurrencies.
This rule also applies to the Ethereum application. For example, if hackers launch a 51% attack (which controls 51% of the total ETH supply in circulation) while an investor swaps 100 ETH for 320,000 DAI stablecoin, the final state will remain unchanged. This means that the investor would always receive either 100 ETH or 320,000 DAI.
However, Buterin went on to say that the same level of security does not apply to chain bridges. In the example you mentioned, it would have devastating consequences if an attacker deposited their own ETH on a Solana (SOL) bridge in order to receive Solana-wrapped Ether (WETH) and then reversed this transaction on the Ethereum side as soon as the Solana side has confirmed this, losses of other users whose tokens are blocked in the SOL-WETH contract, as the packaged tokens are no longer backed in a 1: 1 ratio of the original.
Buterin went on to explain how the vulnerability could escalate negatively as more bridges are added to a cross-chain network. In a theoretical network of 100 chains, the high degree of derivative dependency and overlap would mean that a 51% attack on a chain, especially a small-cap chain, can cause contagion throughout the system. According to Crypto 51, it costs hackers up to $ 1.78 million per hour to build a 51% attack vector against the Ethereum network. For blockchains like Bitcoin Cash, however, the cost drops to just $ 13,846 per hour.
My argument for why the future will be * multi-chain * but not * cross-chain *: There are fundamental limits to the safety of bridges that hop across several “zones of sovereignty”. From https://t.co/3g1GUvuA3A: pic.twitter.com/tEYz8vb59b
– vitalik.eth (@VitalikButerin) January 7, 2022
My argument as to why the future will be * multi-chain * but not * crossover *: There are fundamentally limits to the security of bridges over several “zones of sovereignty”.