The recent attack on Harmony’s Horizon Bridge revealed the inherent flaws in multisignature administrative keys that leave projects and their users “one small oversight” away from a big problem..
Two cryptocurrency project leaders raised concerns that the expansion of the multi-chain ecosystem could be hampered by the use of multi-sig contracts. due to the dangers they pose with the bridges that keep cryptocurrency funds safe.
The term multisig refers to the requirement that multiple people approve a transaction. The multi-chain ecosystem is the conglomerate of hundreds of blockchains with different consensus algorithms that often interact through token bridges..
Moonbeam blockchain founder Derek Yoo told Cointelegraph that he advocates for new security approaches that aim to remove the element of human error from the equation.. Yoo said that the multi-chain ecosystem is seeing increased use due to the “desire to move assets to different chains” but that it needs much better security measures:
“There are inherent weaknesses in the multi-chain approach that expose you to the risk of piracy. Just a little oversight and you’re in big trouble.”
Cross-chain asset movement often requires token bridges, such as Horizon, which seized some $100 million in crypto assets on June 23.. Horizon was compromised when an attacker discovered two of the keys of its multisig contract signers.
Yoo noted that the multisig approach may be the industry standard today, but it is far from the gold standard. In his opinion, there are much more secure designs that could be implemented to bridge tokens, such as using a separate Proof-Of-Stake (PoS) network for transfers. Consider that while developers have to make trade-offs to reach busy chains:
“Interchain communication at the blockchain level is the spearhead and is the most secure type of bridge.”
Mina Foundation CEO Evan Shapiro – who developed the Mina blockchain – shares Yoo’s mistrust of the multisig approach, given the more advanced measures now available in the industry. He believes that the biggest problem facing the multi-chain ecosystem is its over-reliance on trust. On Thursday he stated to Cointelegraph:
“The obvious problem is based on third-party custodians serving as trusted intermediaries for bridges.”
In your opinion, Ideally, blockchains should verify each other, but he acknowledges that this is infeasible and inefficient. An alternative is to use zero-knowledge proofs that compress and verify the huge amount of data stored on blockchains..
Shapiro distilled the dilemma that token bridging poses to whom or to what entity do users trust when token bridging.. He said it doesn’t matter if the bridge is part one, as is the case with the Horizon Bridge, or part three. “It’s not about code development,” he said:
“He talks about the risks of custody bridges. If you have a guarded bridge, a fixed number of people can compromise it.”
Clarification: The information and/or opinions expressed in this article do not necessarily represent the views or editorial line of Cointelegraph. The information set forth herein should not be taken as financial advice or investment recommendation. All investment and commercial movement involve risks and it is the responsibility of each person to do their due research before making an investment decision.
Investments in crypto assets are not regulated. They may not be suitable for retail investors and the full amount invested may be lost. The services or products offered are not aimed at or accessible to investors in Spain.