Bridging attacks will still pose a major challenge for DeFi in 2023: Security experts
Security has been a critical challenge for decentralized finance (DeFi) and its evolution. Between 2020 and 2022, hackers stole over $2.5 billion through cross-chain bridge vulnerabilities, Token Terminal data shows. Compared to other security breaches, this is a significant amount.
Problems with bridges have a root cause: Everyone has an “inherent vulnerability,” Theo Gauthier, founder and CEO of Toposware, told Cointelegraph. According to Gauthier, no matter how secure a bridge is on its own, it is “entirely dependent on the security of the chains it connects”, meaning that any break or failure in one of the two bridged chains makes the bridge overall vulnerable.
In short, bridges are used to connect different blockchains and aim to address the lack of standards between protocols. Interoperability between blockchains is considered to be a critical goal for improving the end-user experience and promoting broader crypto adoption.
Solutions for interoperability and security in the crypto industry are gaining ground despite the bear market. One of the key technologies available is zero-knowledge conversations (ZKPs), which allow data to be verified and proven accurate without revealing additional information, unlike typical interoperability solutions that require networks to reveal status.
Related: Industry High on DeFi Adoption Despite Security Flaws
Through ZKPs, it is also possible to create a ZK-powered Ethereum Virtual Machine (EVM), noted Polygon’s Chief Information Security Officer Mudit Gupta, which allows developers to launch scalable and fully private Ethereum-compatible smart contracts. Gupta also noted that:
“We believe in the old crypto adage of ‘don’t trust, verify.’ With ZK-powered solutions, this is absolutely possible. ZkEVM has shown that it can maintain privacy, decentralization, speed and scalability. With this, there is no need to sacrifice anything that has made the crypto space what it is, and actually improves it.”
For bridges, the solution will be auditing and real-time monitoring standards, noted Gustavo Gonzalez, solution developer at Open Zeppelin. Bridge’s smart contracts “should be audited, ideally by multiple third parties, before being released ‘into the wild.'” New audits should occur whenever updates are made, and all results should be shared openly with the community.”
Machine learning technology can also be used to flag potentially suspicious patterns of activity with advanced security monitoring, detecting an attack before it actually happens, Gonzalez said.
Combining security software solutions with blockchain protocols can make the whole space safer for users and investors. A Bitcoin (BTC) maximalist will say “Just use Bitcoin and you won’t have these problems at all.” While smart contracts for Bitcoin are in the works, DeFi players will be tasked with building trust within their respective ecosystems amid ongoing security concerns.
