Cross-chain-bridges allow the ability to transfer assets across different blockchain networks. Today, we're going to delve into one of the key mechanisms behind this technology: the Burn and Mint mechanism.
This mechanism is an elegant solution, allowing assets to move seamlessly from one blockchain, as example Ethereum <-> Avalanche.
First of all, we need to mention that there are different mechanisms employed by bridges, such as locking tokens in a smart contract and minting wrapped tokens on the source chain. However, today we will focus on protocols which employ the burn and mint mechanism.
Step 1: Initiating the transfer on Ethereum
Whenever a user decides to transfer their tokens to another blockchain, this is achieved by calling a specific function in a smart contract designed for this purpose. This contract then burns the desired amount of tokens and triggers an off-chain mechanism.
Step 2: Triggering the off-chain mechanism
Now, this is where the magic happens. Once the tokens are burned, an off-chain mechanism kicks in. This might involve event listeners that are keenly monitoring these burn events. Think of it as a vigilant sentry that, upon noticing the burn event, initiates the next critical step in the transfer process. This off-chain approach plays a pivotal role in communicating between different blockchains, which, by their nature, don't natively talk to each other.
Step 3: Triggering the release on the target blockchain
In our example, the target blockchain is Avalanche. The off-chain mechanism detected the burn event on Ethereum and now triggers a corresponding smart contract function call on Avalanche.
Step 4: Minting Tokens on Avalanche
Upon receiving the trigger, the smart contract on Avalanche is invoked and mints the same amount of tokens that were burned on Ethereum. This ensures that the total supply of tokens remains constant, preserving the economic stability of the token across both networks.
This was basically it, as trivial as it sounds it is, on a high-level.
However, now let's come to the dark side of bridges. Billions of dollars have been hacked from various bridges.
Most common vulnerabilities:
Key compromise: Often funds are hold by a multisig, which can result in a total loss, if compromised.
Example: Multichain bridge
Off-Chain implementation vulnerability: Risk of compromise in the systems monitoring on-chain events, leading to unauthorized actions.
Example: Non-public (confidential)
SC vulnerabilities: Flaws in contract code that can result in the following issues:
- Unprivileged minting
- Unprivileged trigger in off-chain implementation
- Draining of locked funds
- Unlimited approval spending.
Examples:
Nomad bridge: Lack of input validation
BNB bridge: Unprivileged minting
Bungee/Socket: Unlimited approval spending
Please retweet if you found this useful!
This mechanism is an elegant solution, allowing assets to move seamlessly from one blockchain, as example Ethereum <-> Avalanche.
First of all, we need to mention that there are different mechanisms employed by bridges, such as locking tokens in a smart contract and minting wrapped tokens on the source chain. However, today we will focus on protocols which employ the burn and mint mechanism.
Step 1: Initiating the transfer on Ethereum
Whenever a user decides to transfer their tokens to another blockchain, this is achieved by calling a specific function in a smart contract designed for this purpose. This contract then burns the desired amount of tokens and triggers an off-chain mechanism.
Step 2: Triggering the off-chain mechanism
Now, this is where the magic happens. Once the tokens are burned, an off-chain mechanism kicks in. This might involve event listeners that are keenly monitoring these burn events. Think of it as a vigilant sentry that, upon noticing the burn event, initiates the next critical step in the transfer process. This off-chain approach plays a pivotal role in communicating between different blockchains, which, by their nature, don't natively talk to each other.
Step 3: Triggering the release on the target blockchain
In our example, the target blockchain is Avalanche. The off-chain mechanism detected the burn event on Ethereum and now triggers a corresponding smart contract function call on Avalanche.
Step 4: Minting Tokens on Avalanche
Upon receiving the trigger, the smart contract on Avalanche is invoked and mints the same amount of tokens that were burned on Ethereum. This ensures that the total supply of tokens remains constant, preserving the economic stability of the token across both networks.
This was basically it, as trivial as it sounds it is, on a high-level.
However, now let's come to the dark side of bridges. Billions of dollars have been hacked from various bridges.
Most common vulnerabilities:
Key compromise: Often funds are hold by a multisig, which can result in a total loss, if compromised.
Example: Multichain bridge
Off-Chain implementation vulnerability: Risk of compromise in the systems monitoring on-chain events, leading to unauthorized actions.
Example: Non-public (confidential)
SC vulnerabilities: Flaws in contract code that can result in the following issues:
- Unprivileged minting
- Unprivileged trigger in off-chain implementation
- Draining of locked funds
- Unlimited approval spending.
Examples:
Nomad bridge: Lack of input validation
BNB bridge: Unprivileged minting
Bungee/Socket: Unlimited approval spending
Please retweet if you found this useful!
