How do cross-chain bridges work, and why are they the most vulnerable spots?

May 28
10 min of reading

Cross-chain bridges make it possible to transfer assets across different blockchain networks. Today, we're going to delve into one of the key mechanisms behind this technology: the Burn and Mint mechanism.

This mechanism is an elegant solution that allows assets to move seamlessly from one blockchain to another, for example Ethereum <-> Avalanche.

First of all, we need to mention that bridges employ different mechanisms, such as locking tokens in a smart contract and minting wrapped tokens on the source chain. However, today we will focus on protocols that employ the burn and mint mechanism.

Step 1: Initiating the transfer on Ethereum

Whenever a user decides to transfer their tokens to another blockchain, this is achieved by calling a specific function in a smart contract designed for this purpose. This contract then burns the desired amount of tokens and triggers an off-chain mechanism.

Step 2: Triggering the off-chain mechanism

Now, this is where the magic happens. Once the tokens are burned, an off-chain mechanism kicks in. This might involve event listeners that are keenly monitoring these burn events. Think of it as a vigilant sentry that, upon noticing the burn event, initiates the next critical step in the transfer process. This off-chain approach plays a pivotal role in communicating between different blockchains, which, by their nature, don't natively talk to each other.

Step 3: Triggering the release on the target blockchain

In our example, the target blockchain is Avalanche. The off-chain mechanism detected the burn event on Ethereum and now triggers a corresponding smart contract function call on Avalanche.

Step 4: Minting Tokens on Avalanche

Upon receiving the trigger, the smart contract on Avalanche is invoked and mints the same amount of tokens that were burned on Ethereum. This ensures that the total supply of tokens remains constant, preserving the economic stability of the token across both networks.

That is basically it. At a high level, it is as trivial as it sounds.

However, now let's come to the dark side of bridges. Billions of dollars have been stolen from various bridges in hacks.
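The four steps above as a small Python model, added here as an illustration and not taken from any bridge's code. All class and function names are hypothetical, and an HMAC with a shared key stands in for the relayer's signature, which a real contract would verify against a public key.

```python
import hashlib, hmac, json

def message_bytes(event):
    # Domain-tagged, unambiguous encoding of the burn event that gets attested.
    return json.dumps(["eth->avax", event["nonce"], event["to"], event["amount"]]).encode()

class SourceToken:
    """Models the Ethereum-side contract (step 1): burns and emits an event."""
    def __init__(self, balances):
        self.balances, self.events, self.nonce = dict(balances), [], 0

    def bridge_out(self, sender, recipient, amount):
        if amount <= 0 or self.balances.get(sender, 0) < amount:
            raise ValueError("insufficient balance")
        self.balances[sender] -= amount              # burn on the source chain
        self.nonce += 1                              # unique id per burn
        self.events.append({"nonce": self.nonce, "to": recipient, "amount": amount})

class Relayer:
    """Models the off-chain listener (steps 2-3): attests to burns it observed."""
    def __init__(self, key):
        self.key = key                               # stand-in for a signing key

    def attest(self, event):
        return hmac.new(self.key, message_bytes(event), hashlib.sha256).digest()

class TargetToken:
    """Models the Avalanche-side contract (step 4): mints only attested burns."""
    def __init__(self, relayer_key):
        self.relayer_key, self.balances, self.processed = relayer_key, {}, set()

    def mint(self, event, attestation):
        expected = hmac.new(self.relayer_key, message_bytes(event), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, attestation):
            raise PermissionError("invalid attestation: unprivileged mint rejected")
        if event["nonce"] in self.processed:
            raise ValueError("burn already minted (replay)")
        self.processed.add(event["nonce"])
        self.balances[event["to"]] = self.balances.get(event["to"], 0) + event["amount"]

def total_supply(src, dst):
    # Invariant from step 4: burned on one side equals minted on the other.
    return sum(src.balances.values()) + sum(dst.balances.values())
```

Both checks in `mint` matter: without the attestation check anyone can mint, and without the processed-nonce check one genuine burn can be minted repeatedly.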

Most common vulnerabilities:

Key compromise: Funds are often held by a multisig, which can result in a total loss if it is compromised.

Example: Multichain bridge

Off-chain implementation vulnerability: Risk of compromise in the systems monitoring on-chain events, leading to unauthorized actions.

Example: Non-public (confidential)

Smart contract (SC) vulnerabilities: Flaws in contract code that can result in the following issues:

- Unprivileged minting

- Unprivileged trigger in off-chain implementation

- Draining of locked funds

- Unlimited approval spending.

Examples:

Nomad bridge: Lack of input validation

BNB bridge: Unprivileged minting

Bungee/Socket: Unlimited approval spending
