A recent wormhole exploit that saw $326 million worth of ETH and SOL stolen via the Ethereum-Solana token bridge made DFINITY – a technology developer for the Internet Computer blockchain – think of new ways of addressing these kind of problems.
The ramifications of the attack, however, extend far beyond the missing millions.
Coin Rivet spoke to Josh Drake, chief operating officer at DFINITY Foundation who stressed the recent Wormhole exploit wasn’t so much about pointing fingers as it was about ensuring the same thing doesn’t happen again.
“Bridges collateralise user funds on an originating chain and ‘wrap’ them in a corresponding token standard on the destination chain,” he explained.
“This process is often handled by smart contracts, and realistically, if there’s an exploit to be found in the code, someone will find it.
“While bridges have proven invaluable for network interoperability, there’s a lot to be said for moving away from this method. Creating tokenised assets by trusting them to a third party will always lead to issues, even when the company involved is completely honest.”
“The upcoming Bitcoin integration will allow smart contracts on the Internet Computer to receive, hold, and transfer Bitcoin on the Bitcoin network — bypassing risky bridging and wrapping protocols,” he said.
Bridges only as secure as the code they’re built on
Drake explained further how DFINITY can help, adding that if one is not creating wrapped assets, there’s nothing to become uncollateralised.
“This significantly reduces the attack vectors and makes the process as robust and secure as the blockchain it’s running on.
“On the other hand, bridges will only ever be as secure as the code they’re built on, which, as we’ve witnessed, are open to exploit. Bridges introduce a level of human error into the process, and that’s where things can go wrong.”
“So you can expect to see Bitcoin traded on decentralised exchanges, used in gaming, decentralised loans, liquidity pools, prediction markets, and even staked — the sky’s the limit,” he added.
“DeFi desperately needs decentralised solutions, and the current situation with bridges is unsustainable.
“The Internet Computer’s direct Bitcoin integration ensures a more secure multi-chain future.”
In order that such a situation doesn’t repeat itself, Drake said it was important to move away from wrapped assets.
“As long as the process is controlled by third parties and unaudited smart contact code, vulnerabilities will continue to exist,” he said.
“The Internet Computer’s Bitcoin integration will take this out of the equation altogether. The situation can’t repeat if there is no bridge to attack.”
“With direct integration, Internet Computer smart contracts will be able to hold and transfer funds on the Bitcoin network in a trustless manner, with absolutely no other parties involved.”
Drake accentuated the point by utilising Chain Key cryptography. Each IC smart contract (known as canisters) will receive its own Bitcoin ECDSA public key, enabling canisters the ability to hold, send and receive Bitcoin.
“The direct integration with the Internet Computer eliminates the need for insecure and cumbersome third-party bridging and wrapping services that often become exploited,” he concluded.
Disclaimer: The views and opinions expressed by the author should not be considered as financial advice. We do not give advice on financial products.