SoK: Cross-Chain Bridging Architectural Design Flaws and Mitigations

Jakob Svennevik Notland, Jinguye Li, Mariusz Nowostawski, Peter Halland Haro

TL;DR

Cross-chain bridges enable interoperability across heterogeneous blockchains but incur security risks that have caused multi-billion-dollar losses. The authors conduct a systematic, component-based analysis of 60 bridges and 34 exploits from 2021–2023, structuring architectures with the Cross-Chain Risk Framework and triangulating sources to map vulnerabilities to components. They identify 13 architectural components and 8 vulnerability types, linking each vulnerability to its component and proposing 11 impact reduction measures. The work provides a practical security checklist and highlights key issues such as private key management and cross-domain MEV, offering guidance for designing more secure, resilient bridges and outlining directions for future research.

Abstract

Cross-chain bridges are solutions that enable interoperability between heterogeneous blockchains. In contrast to the underlying blockchains, the bridges often provide inferior security guarantees and have been targets of hacks causing damage in the range of 1.5 to 2 billion USD in 2022. The current state of bridge architectures is that they are ambiguous, and there is next to no notion of how different architectures and their components are related to different vulnerabilities. Throughout this study, we have analysed 60 different bridges and 34 bridge exploits in the last three years (2021-2023). Our analyses identified 13 architectural components of the bridges. We linked the components to eight types of vulnerabilities, also called design flaws. We identified prevention measures and proposed 11 impact reduction measures based on the existing and possible countermeasures to address the imminent exploits of the design flaws. The results are meant to be used as guidelines for designing and implementing secure cross-chain bridge architectures, preventing design flaws, and mitigating the negative impacts of exploits.

Paper Structure (46 sections, 7 figures, 4 tables)

This paper contains 46 sections, 7 figures, 4 tables.

Figures (7)

  • Figure 1: Layers of Crosschain Communication Protocols, retrieved from the Cross-Chain Risk Framework.
  • Figure 2: Cross-chain aggregated path from Odos. Path finding and single-chain swaps are considered out of scope, while the cross-chain transfers of USDT and BTCB to WBTC are in scope.
  • Figure 3: Shows the relation between the Cross-Chain Communication Protocol and components identified in the study.
  • Figure 4: The Sankey diagram shows the exploited vulnerabilities and related components.
  • Figure 5: Categorisation of different bridges and their status of being exploited. Three kinds of borders indicate whether the bridges have been exploited: 1) Bridges with a solid red frame have been exploited. 2) Bridges with a dashed cyan frame had known vulnerabilities that were fixed before being exploited. 3) Bridge exploits with a pink dotted frame are out of scope.
  • ...and 2 more figures