Bridge solutions have been the target of several high-profile hacks recently — see here and here, for example.
This raises the question, will BTP be any safer when it launches?
While the proof will be in the pudding, of course, there is reason to believe that yes, BTP will offer a more secure interoperability solution than existing bridging solutions. Or at least ones that rely on trusted verifiers.
As BTP Intern said on Twitter:
“Trustless bridging is the only way forward… Solutions like BTP’s on-chain light clients remove the risk compromised “trusted” parties.”
And:
“Any bridge using off-chain, “trusted” parties pose an unacceptable security risk. On-chain light clients are the way.”
We asked around for explanations as to what makes BTP safe from the hacks that have bedeviled some other bridging solutions. Referring to the most recent hack of Harmony’s Horizon Bridge, Digitaldave.eth — one of the ICON community’s best communicators of all things tech — put it this way, pointing to chapter 2 of the BTP Litepaper:
“Harmony’s Horizon Bridge seemingly uses a form of Proof-Of-Authority Consensus, meaning that the bridge relies on signatures by permissioned validators to confirm to the destination chain that a transaction occurred on the source chain. This is a trusted bridging solution. Because validators are assumed to be trustworthy, verification is unnecessary. (this method is more or less confirmed in the Horizon Bridge FAQ.
It seems likely that in this particular hack, access to trustworthy validators was gained by the hacker. Using their signature power to drain the bridge smart contracts of the funds stored within.
Now we can take a look at BTP and figure out if the same (hacking) risks apply to this bridging solution.
ICON’s BTP uses On-chain Light Clients. Very simply put, small pieces of partner blockchains will run on top of the ICON blockchain. This way, a cross-chain transaction can travel from its origin to its destination, without ever leaving the confined safety that the underlying blockchain offers. Note that this so-called ‘Hub Architecture’ is much better explained in chapter 3 of the BTP Litepaper, with chapter 5.2 even offering an example cross-chain transaction with all its components involved. Based on these examples, we can derive the following:
- With BTP, no user funds are stored in bridge smart contracts
- With BTP, atomicity applies. This means that a cross-chain transaction is successful if and only if all transaction components have been completed. Otherwise the cross-chain transaction is rejected, the process backs out and user funds remain intact at the origin
- BTP transaction is as safe as the blockchains it is being performed on. Without the need for trusted validators or off-chain oracles.”
It should be noted that Digitaldave.eth’s explanation applies to BTP — as spelled out in the litepaper — and not necessarily to ICON Bridge, the permissioned “lite” version of BTP.