Most bridges ‘absolutely not secure’: Chainlink co-founder
Bridges need to have multiple decentralized networks while ensuring that risk parameters are appropriately managed, Sergey Nazarov says
A Daily Odyssey/Shutterstock modified by Blockworks
As Chainlink looks to aggressively enter the cross-chain bridge space, co-founder Sergey Nazarov claimed that most bridges are “absolutely not secure.”
In an interview with Blockworks, Nazarov said the crypto industry has a pattern of investing money into projects that do not have the capability to secure the ecosystem.
“The systems that are built in this industry promise a lot of things, but then they’re not able to secure the value one way or another,” he said. “Creating real security is not so simple.”
Bridge infrastructure has been particularly difficult to decentralize, Nazarov explained. This is because unlike forked blockchains, where developers can benefit from inventions around security research, bridges themselves are not blockchain-based systems.
“They’re a new invention, and so far no one has invented a secure way to do bridging,” he said. “Most bridges are a single server that transmits information and value between two chains, which is absolutely not secure.”
Because simple bridging itself is not secure, entities may begin to create what he characterized as a false appearance of decentralization by providing multiple servers — false decentralization because it is still under the control of one single entity.
To move on from this “decentralized theater,” bridges may turn toward creating “one monolithic network.” In this instance, multiple nodes — run by independent entities — will operate on one single network.
The problem with network architecture, however, is that if anything were to happen to the network, then all the nodes would shut down.
“It’s not scalable because you cannot pass all the transactions across all chains to one network, just like you cannot pass all blockchain transactions in the world through one chain,” he said.
As an alternative, Nazarov envisions a cross-chain communication platform that would be run by multiple separate networks that can also dynamically respond to risk.
Drawing on the example of Chainlink’s own Cross-Chain Interoperability Protocol (CCIP), Nazarov notes that the protocol comprises three different networks on every bridge.
Read more: Chainlink rallies hardest since May 2021 after CCIP release
“There are two networks that validate and execute every transaction, then there’s a third network called the Risk Management Network, which doesn’t execute the transactions but approves or denies transactions based on risk parameters,” he said.
This means that the bridge creator — the bank or the decentralized app that relies on the bridge — can introduce and set risk parameters without ever needing to sign transactions or be involved in touching the value.
“That risk management layer can continue to evolve, so that when risks appear, community and application developers can adapt to those situations extremely quickly and keep how they manage risk updated,” Nazarov said.
Since its launch at ETH cc in Paris, CCIP has drawn the attention of various banks and financial institutions across the globe. Most recently, it has worked with banking partners such as BNP Paribas, BNY Mellon and ANZ, among others, to experiment with transacting tokenized assets across blockchains.
Get the news in your inbox. Explore Blockworks newsletters:
- Blockworks Daily: Unpacking crypto and the markets.
- Empire: Crypto news and analysis to start your day.
- Forward Guidance: The intersection of crypto, macro and policy.
- 0xResearch: Alpha directly in your inbox.
- Lightspeed: All things Solana.
- The Drop: Apps, games, memes and more.
- Supply Shock: Bitcoin, bitcoin, bitcoin.
