Coinbase: Basics, Facts, and Statistics on Cross-Chain Bridges

introduce

Bridges are a newer concept that is starting to catch on in 2021. Bridges allow cryptocurrency holders to “move” (or “bridge”) their assets between different blockchains. This enables them to hop from chain to chain and reach out to other networks.

We found a sharp increase in Ethereum cross-chain activity starting in April 2021. The number of daily deposit activity on the Ethereum Bridge peaked in the summer of 2021, and the highest single-day record for the Ethereum Bridge was over 60,000 transactions on September 12, 2021.

This post aims to explain what bridges are, why bridges are so popular, and why bad actors bridge money across networks.

What is a bridge?

A bridge is an application that uses cross-chain communication technology to support transactions between two or more networks, which can be layer 1, layer 2, or even off-chain services. Simply put, bridges allow cryptocurrency holders to transfer their assets from one network to another. For example, USDC holders on Ethereum may wish to transfer their USDC from Ethereum to Avalanche via the bridge application.

Bridges, however, do not move assets between chains, they link assets on one network to representations (i.e. packaged versions) of assets on another network. Cross-chain transactions are achieved through “locking”, “minting” and “burning”.

Suppose Alice wants to bridge 100 ETH from Ethereum to another network called Network Other (a composed blockchain network) via a bridge application called Bridge:

  • Alice deposits 100 ETH in the Bridge contract of Ethereum;
  • The bridge contract on Ethereum locks the asset and notifies another bridge contract on Network Other; the asset can only be accessed when the user makes a withdrawal request:
  • The bridge contract on Network Other generates (creates) 100 tokens, representing the locked ETH (that is, the packaged ETH);
  • The Bridge contract transfers the newly minted ETH to Alice’s address on Network Other:

1650613639325809

Alice now holds 100 wrapped ETH on Network Other. Later, she received 10 packaged ETH from someone else. Now, her address balance on Network Other has increased to 110 packaged ETH. She decides to withdraw all funds back to Ethereum:

  • On Network Other, Alice sends 110 packed ETH to the bridge contract;
  • The bridge contract on Network Other burns (destroys) 110 packaged ETH and notifies the bridge contract on Ethereum;
  • The Bridge contract on Ethereum verifies the withdrawal request (e.g. does Alice actually own 110 packaged ETH on Network Other). If all checks pass, it unlocks 110 ETH to Alice’s address on Ethereum:

1650613639326031

How and when did bridges become so popular?

Bridge technology starts to take off in 2021. Especially after April 2021, we see an exponential increase in Ethereum’s cross-chain traffic — including the number of transactions per day and unique addresses stored to Ethereum bridges. We believe that this upward trend may be driven by one of the following reasons:

  • An increase in the number of bridge applications. Wormhole launched the Ethereum-solana bridge, Multichain (AnySwap) launched the Ethereum-Fantom bridge and the Ethereum-moonriver bridge, and Celer launched the cBridge in 2021.
  • The number of new networks that can be connected to Ethereum increases. Avalanche, Ronin, Arbitrum One, Optimism and Solana launch in 2021.
  • An increase in the number of decentralized application (dApp) projects launched on chains other than Ethereum has incentivized the use of these systems.

Why do users want to bridge?

Often, users want to connect from one network to another because they need to:

  • Faster and cheaper deals.
  • Use non-web-native assets.
  • Access to a wider range of dApps. Users may wish to connect funds from Ethereum to the Ronin network to access Ronin-specific applications such as their gaming dApps; as some dapps are not deployed on the Ethereum mainnet.
  • Get extra income from incentive programs. Many users choose to bridge because the target network or projects on the target network may send free tokens to their community members.

What has happened since 2021?

A lot has happened in 2021. Between July and November, many new dapps and new networks were launched. Ethereum’s bridging activity peaked during this period. From the fourth quarter of 2021, most bridges will be quiet. However, this is not the case for the Polygon PoS bridge – in terms of deposit transaction numbers throughout 2021, we see strong and stable bridge traffic from Ethereum to the Polygon network, which eventually leads to Polygon PoS in Q1 2022 Dominate cross-chain traffic.

Figure 1 below shows the number of daily deposit transactions for the Ethereum Bridge. Our theory is that the surge around September 11, 2021 was driven by the launch of Arbitrum One.

1650613639326172

Figure 1 Number of transactions deposited into the Ethereum bridge per day since 2021.

Let’s take a look at the bridge dynamics of deposits and withdrawals in USD. Figure 2 below shows daily deposits and withdrawals in USD in Q1 2022. We believe that some of the sharp rises in transaction volume were driven by events (e.g. launching a new project, airdrops, incentive programs, whale activity, bridge bugs, etc.).

  • The top 3 total deposits in the first quarter of 2022 are AnySwap Fantom bridge (green, about $8.4 billion), Avalanche bridge (pink, about $7.8 billion) and Polygon PoS bridge (blue, about $4 billion);
  • The top three total withdrawals in the first quarter of 2022 are Avalanche bridge (pink, about $10.5 billion), AnySwap Fantom bridge (green, about $6 billion) and Polygon PoS bridge (blue, about $3.8 billion);

We also observed a very interesting pattern of funds movement, especially in AnySwap’s Fantom bridge, where large amounts of funds were moved to the Fantom network and then withdrawn to the Ethereum mainnet within a very short period of time.

1650613639329928

1650613639354892

Figure 2 Ethereum Daily Deposits in USD in Q1 2022

How safe is the bridge?

As with most new technologies, there are some risks to consider. For example, there is a risk that a user’s funds could get stuck in the process of depositing and withdrawing, or they could fall victim to cyber theft. When users decide to connect an asset, they should also be aware of potential risks so they can make more risk-driven decisions.

The risk of theft is the most common risk that can result in the loss of some or all of the funds in the bridge contract. Here are some issues that can lead to theft:

  • Vulnerabilities in smart contracts. Programming or logic errors can have serious implications for bridge security, creating opportunities for attackers to steal locked funds from bridge contracts.

The latest example is the Wormhole attack in February 2022. The attacker discovered a vulnerability in the smart contract code, forged 120,000 Solana ETH without bridge approval, and withdrew 80,000 ETH from Ethereum on February 2, 2022. Fortunately, Jump Trading bridged the gap by depositing 120,000 ETH into Ethereum’s bridge contract.

1650613639352698

Figure 3 Daily deposits and withdrawals of the Wormhole bridge in USD.

  • custodian. Today, most bridge applications rely on external authorities to interact with the bridge and withdraw funds. They are the custodians of locked funds – they can be a trusted party (like the AnySwap bridge) or a pool of validators bound by stake (like the Polygon PoS bridge and the Ronin bridge). There is thus a risk that the custodian may compromise or act maliciously.

On March 23, 2022, the Ronin attacker compromised all four validator nodes run by Sky Mavis. Sky Mavis is the company that developed the Axie Infinity game, Ronin Network and Ronin bridge. With the addition of a fifth validator (run by Axie Dao), the attacker controls the majority of validators (5 out of 9 validators).

The attacker then withdrew 173,600 ETH and $25.5 million in USDC from Ethereum’s Ronin bridge without any verification.

1650613639463974

Figure 4 Ronin Bridge daily USD deposits and withdrawals

  • Malicious layer 1 miners/validators. If more than 50% of layer 1 computing power or staking is controlled by malicious miners or validators, they can attack on-chain bridges and steal locked funds. For example, after assets are bridged to another network, they can resume deposit transactions done on Ethereum, which allows attackers to withdraw funds from another network without depositing on Ethereum. Alternatively, they can prevent the bridge contract from getting updates from another network, which can cause significant damage to user funds locked on the bridge.

These scenarios are unlikely, but not impossible. In the worst case, if assets locked on the exploited bridge have been bridged from another network and used in a DeFi application, this could lead to cascading contagion across multiple blockchain networks.

Bridge users should be aware that damage caused by theft is often irreversible.

What can we expect in 2022?

Considering the explosive growth of bridges in 2021, we believe that the popularity of bridges will continue to rise, especially as we expect to see developments in the following areas:

  • bridge needs. As more networks and bridges roll out this year, we see more users looking to build bridges between networks;
  • CEX. By 2022, more centralized exchanges will allow alt-Layer 1 and Layer 2 direct deposits and withdrawals.
  • bridge safety. As more users are willing to bridge, more crypto assets will be locked in bridge contracts – creating a honeypot effect that will increasingly attract hackers.
  • Risk awareness. Currently, many transitional decisions are driven by cost. We believe people have different risk appetites. However, there is a big difference between choosing the risk weight of a bridge and choosing a cheaper bridge just because the fee is low.

It will be interesting to see whether more risk-driven decisions will be made when selecting bridges in the future as more information and discussions about bridge safety emerge.

Total
0
Shares
Leave a Reply
Related Posts