How do cross-chain-bridges work why are these the most vulnerable spots?

Cross-chain-bridges allow the ability to transfer assets across different blockchain networks. Today, we're going to delve into one of the key mechanisms behind this technology: the Burn and Mint mechanism.

This mechanism is an elegant solution, allowing assets to move seamlessly from one blockchain, as example Ethereum <-> Avalanche.

First of all, we need to mention that there are different mechanisms employed by bridges, such as locking tokens in a smart contract and minting wrapped tokens on the source chain. However, today we will focus on protocols which employ the burn and mint mechanism.

Step 1: Initiating the transfer on Ethereum

Whenever a user decides to transfer their tokens to another blockchain, this is achieved by calling a specific function in a smart contract designed for this purpose. This contract then burns the desired amount of tokens and triggers an off-chain mechanism.

Step 2: Triggering the off-chain mechanism

Now, this is where the magic happens. Once the tokens are burned, an off-chain mechanism kicks in. This might involve event listeners that are keenly monitoring these burn events. Think of it as a vigilant sentry that, upon noticing the burn event, initiates the next critical step in the transfer process. This off-chain approach plays a pivotal role in communicating between different blockchains, which, by their nature, don't natively talk to each other.

Step 3: Triggering the release on the target blockchain

In our example, the target blockchain is Avalanche. The off-chain mechanism detected the burn event on Ethereum and now triggers a corresponding smart contract function call on Avalanche.

Step 4: Minting Tokens on Avalanche

Upon receiving the trigger, the smart contract on Avalanche is invoked and mints the same amount of tokens that were burned on Ethereum. This ensures that the total supply of tokens remains constant, preserving the economic stability of the token across both networks.

This was basically it, as trivial as it sounds it is, on a high-level.

However, now let's come to the dark side of bridges. Billions of dollars have been hacked from various bridges.

Most common vulnerabilities:

Key compromise: Often funds are hold by a multisig, which can result in a total loss, if compromised.

Example: Multichain bridge

Off-Chain implementation vulnerability: Risk of compromise in the systems monitoring on-chain events, leading to unauthorized actions.

Example: Non-public (confidential)

SC vulnerabilities: Flaws in contract code that can result in the following issues:

- Unprivileged minting

- Unprivileged trigger in off-chain implementation

- Draining of locked funds

- Unlimited approval spending.


Nomad bridge: Lack of input validation

BNB bridge: Unprivileged minting

Bungee/Socket: Unlimited approval spending

Please retweet if you found this useful!