The Wormhole Bridge Attack Explained
Are the security risks of cross-chain bridges something to worry about? What should HNIs and Institutions look out for?
On the 2nd of February 2022, a hacker exploited a signature verification vulnerability in the Wormhole network to mint 120,000 Wormhole-wrapped Ether on Solana. These tokens were not backed by Ether deposits on the Ethereum side of the Portal bridge. The attacker then bridged 93,750 of these tokens to Ethereum, withdrawing over $300 million at current prices.
Wormhole reached out to the hacker via a blockchain message, offering them $10 million in cash in return for the stolen funds and an explanation of how they conducted the exploit. While previous hacks such as the one on Poly Network last August resulted in the funds being returned, it is unlikely this hacker will.
Wormhole is a decentralized, cross-chain message passing protocol. It enables applications to send messages from one chain to another. The network is operated by a decentralized group of nineteen Guardians who sign each transmitted message to attest to its authenticity. The protocol uses a multi-party signature system where a message is treated as authentic if two-thirds of the Guardians have signed it. These Guardians are also responsible for governing the Wormhole network. Any upgrades to the protocol and contracts require a two-thirds supermajority vote of Guardians.
The recent Wormhole attack is one of the largest DeFi attacks in recent history. Other large attacks include a $611 million attack on Poly Network in August 2021, and attacks on Cream Finance and BadgerDAO.
A blockchain developer on Twitter, @samczsun, tried to reverse engineer the exploit after Wormhole made a security patch, and shared his findings in a thread on his timeline.
With an exploit of such size, and with current market volatility, one would usually expect mass panic in the market for wETH, as the backing for the token has just taken a $322 million hit. Surprisingly, the wETH to ETH price has remained fairly stable. Shortly after the hack, the Wormhole team came on Twitter to confirm the exploit and also to say funds were being added back to the bridge to return the wETH backing to a 1:1 ratio with ETH, alleviating people’s fears.
Even though the stolen funds have been recapitalized, the worst may still be yet to come. What the hacker decides to do with such a huge amount remains to be seen. As it is becoming increasingly difficult to cash out large sums of crypto without an explanation of where they came from, hackers are more likely to use the funds to manipulate markets so they can wash this cash through price movements on other accounts.
What are cross-chain bridges?
One of the biggest problems with blockchains has been their inability to work together. While fluid and somewhat efficient as single entities, each blockchain is limited by the walls of its own domain. Most often this can lead to high transaction costs and congestion.
A blockchain bridge, otherwise known as a cross-chain bridge, connects two blockchains and allows users to send cryptocurrency from one chain to the other. Basically, if you have bitcoin but want to spend it like Ethereum, you can do that through the bridge.
Blockchain bridges attempt to solve this problem by enabling token transfers, smart contracts and data exchange, and other feedback and instructions between two independent platforms.
Cross-chain bridge limitations
There have been criticisms of the security of cross-chain bridges, most significantly and recently from the co-founder of Ethereum, Vitalik Buterin. Vitalik argues that security limitations are the main reason cross-chain bridges will not succeed.
In his argument, Vitalik highlighted the “fundamental security limits of bridges” as the key reason for his disapproval of a cross-chain environment. In his explanation, Vitalik mentioned that he disagrees with the mentality that all security mechanisms fail if and when a blockchain suffers a 51% attack. The objective of a 51% attack is to manipulate the integrity of the transactions being registered in a blockchain by controlling more than 50% of the network’s mining hash rate or computing power.
Vitalik went on to explain that the same principle applies to any Layer 2 that is built on the Ethereum main chain. In this regard, he said:
“If Ethereum gets 51% attacked and reverts, Arbitrum and Optimism revert too, and so “cross-rollup” applications that hold state on Arbitrum and Optimism are guaranteed to remain consistent even if Ethereum gets 51% attacked. And if Ethereum does not get 51% attacked, there’s no way to 51% attack Arbitrum and Optimism separately.”
Vitalik concluded by saying that he does not expect these problems to appear quickly, but as the volume of cryptocurrency held in bridges increases, so will the incentives to attack them.
This brings us to ask the following questions on the security of cross-chain bridges:
How safe are the deposited assets with the custodians? Can their identities be stolen? Can the location of the assets be breached?
A cross-chain bridge allows users to swap assets from one chain to another. It is a pair of contracts on two different chains. One contract accepts a selected asset on the first chain and freezes it. At the same time, this contract emits a signal for the second contract to create the same quantity of “wrapped” tokens on the second chain.
The problem here is that contracts cannot transfer data from one chain to another, so there must be a relay that takes the signal from one contract and delivers it to the other, telling it that some action needs to be performed.
The gatekeeper contract does not verify transactions on chain but blindly trusts a keeper’s signatures as proof that the transactions have happened on the source chain. This means that anyone who successfully impersonates a keeper can trick the contract into executing whatever functions they want, as was the case in the Poly Network attack.
How safe is information transfer from Chain A to Chain B? Can it be intercepted and then used for further attacks?
A typical bridge designates an address on Chain A for users to deposit their assets. The bridge then mints wrapped versions of the tokens on Chain B and issues them to the users’ accounts of choice. To withdraw, users send the wrapped tokens back to an address on Chain B for the bridge to collect and burn. The bridge then releases the locked tokens on Chain A back to users.
How accurate is the verification function? Can it be manipulated? Can identities be stolen?
The current cross-chain methods do not maintain the security of the original blockchain. They either depend on a less secure third-party system or a less secure method. This makes the cross-chain interaction less secure than the original blockchains (the security downgrade issue), or the cross-chain interaction can be done even if the paired blockchain does not exist (the blockchain invisible issue). This leaves loopholes for manipulation and identity theft.
Can people be wrongly incentivized to carry out fraud? What controls are in place against collusion?
Consider two blockchains, blockchain 1 and blockchain 2, which interact through an intermediate system. A security downgrade issue may occur during the cross-chain interaction if:
the intermediate system is less secure than blockchain 1 or blockchain 2, or
the method used to fetch and validate the data from one blockchain (for example blockchain 1) is less secure than that blockchain (blockchain 1).
The third-party agency is either not a blockchain system, or a blockchain system that has less secure methods. Blockchain systems are affected by those less secure factors. We call this the security downgrade issue. This can create incentives to carry out fraud, and there are few controls against collusion in place.
Can the wrong persons trigger minting and burning?
The model commonly used in cross-chain bridges is lock-mint-burn.
The lock-mint-burn model operates as follows:
Step 1: Users will deposit assets in chain A to the bridge.
Step 2: This bridge will now act like a bank, minting the wrapped version of the assets on chain B for the chosen wallet address when it receives the user’s assets.
Step 3: When the user needs to withdraw assets, the wrapped tokens are returned to the bridge.
Step 4: Those assets will be burnt, and the bridge will grant users access to assets on chain A.
Users will be relying on third parties that have full rights to use the sender’s assets, leaving a loophole for an attacker to trigger a mint and/or burn.
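A minimal model of the lock-mint-burn steps above, combined with the two-thirds Guardian quorum described earlier, added here as an illustration and not Wormhole's or any bridge's actual code. The `Bridge` class, the JSON message format and the `sign` helper are assumptions; HMAC stands in for the Guardians' real signatures.

```python
import hashlib
import hmac
import json

# 19 constructed guardians; HMAC keys stand in for real public-key signatures.
GUARDIAN_KEYS = {i: hashlib.sha256(b"guardian-%d" % i).digest() for i in range(19)}
QUORUM = (2 * len(GUARDIAN_KEYS) + 2) // 3  # two-thirds rounded up: 13 of 19

def sign(index, message):
    return hmac.new(GUARDIAN_KEYS[index], message, hashlib.sha256).digest()

def has_quorum(message, signatures):
    """signatures maps guardian index -> signature over this exact message."""
    valid = [i for i, sig in signatures.items()
             if i in GUARDIAN_KEYS and hmac.compare_digest(sig, sign(i, message))]
    return len(valid) >= QUORUM

class Bridge:
    def __init__(self):
        self.locked_a = 0    # assets locked on chain A
        self.wrapped_b = {}  # wrapped-token balances on chain B
        self.seen = set()    # digests of messages already minted (no replay)

    def lock(self, user, amount, nonce):
        """Step 1: deposit on chain A; returns the message guardians attest to."""
        self.locked_a += amount
        body = {"amount": amount, "nonce": nonce, "user": user}
        return json.dumps(body, sort_keys=True).encode()

    def mint(self, message, signatures):
        """Step 2: mint on chain B only for a fresh, quorum-signed message."""
        digest = hashlib.sha256(message).digest()
        if digest in self.seen or not has_quorum(message, signatures):
            return False
        self.seen.add(digest)
        body = json.loads(message)  # parsed only after verification succeeds
        self.wrapped_b[body["user"]] = self.wrapped_b.get(body["user"], 0) + body["amount"]
        return True

    def burn(self, user, amount):
        """Steps 3-4: burn wrapped tokens, then release the locked assets."""
        if amount <= 0 or self.wrapped_b.get(user, 0) < amount:
            return False
        self.wrapped_b[user] -= amount
        self.locked_a -= amount
        return True

    def fully_backed(self):
        return sum(self.wrapped_b.values()) <= self.locked_a
```

The invariant to watch is `fully_backed()`: wrapped supply on chain B never exceeds what is locked on chain A, which holds only as long as `mint` refuses every message that lacks a valid quorum.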
Even though there is currently a saturation of bridges in the market, we cannot say for sure we have a solid cross-chain bridge. Firstly, most bridges are still not generalized solutions: each chain has to build its own custom-fit cross-chain bridge, with inconsistent stability and APIs.
Secondly, because most cross-chain bridges use the lock-mint-burn model, liquidity is very fragmented, and confusing naming schemas can lead to an unclear understanding of what each token actually represents. Most importantly, a number of these bridges are simply not safe enough for users to entrust their funds to, as the recent hacks have shown.
What should HNIs and Institutions look out for?
High net worth investors and institutional entities are all growing increasingly aware of the issues posed by chain maximalism, the risks of Balkanisation, and of the overall “rug pulls” inherent in most blockchain networks.
HNIs or institutions with large cryptocurrency or Decentralized Finance (DeFi) portfolios can protect their downside against instances of these events by doing the following:
Insurance: DeFi insurance refers to insuring your institution, or ‘buying coverage’, against losses caused by events in the DeFi industry. Cryptocurrency has come to stay and so have the risks associated with it. Institutions dealing frequently in cryptocurrency would do well to obtain insurance cover against smart contract failure and exchange hacks from firms like NXM, Bridge Mutual, Solace, etc.
Smart Contract Audits & Blockchain Security Checks: A smart contract audit is an extensive methodical examination and analysis of a smart contract’s code that is used to interact with a cryptocurrency or blockchain. This process is conducted to discover errors, issues and security vulnerabilities in the code in order to suggest improvements and ways to fix them.
Smart contract audits and blockchain security checks are necessary because most of the contracts deal with financial assets and/or valuable items. Blockchain is growing up. Gone are the early days of loosely connected individuals and the absence of established actors, institutions and brands. Firms like Solidified, Hacken, ConsenSys Diligence, Certik, PWC Switzerland (formerly Chainsecurity), etc. offer these services.
In conclusion, as an HNI or Institution, when you weigh the cost of losing a sizeable chunk of your portfolio to these attacks and vulnerabilities against the expense of these precautionary measures, you realise they are very much worth it. It also gives your investors the trust-boost they may just have been looking for when doing their due diligence.