Risks and Importance of the Ethereum bridge. L2 is not safe

In this episode, I'm going to explain Ethereum Bridge.

Problems solved in this article

  • What is Bridge? Is it important?
  • Is there any problem or danger?
  • What is a famous project?

If you read this article, you can learn the following.

Things you can learn from this article

  • The meaning of the Ethereum bridge
  • The importance of Ethereum layer2 (L2)
  • The meaning of blockchain trilemma

You can read this article without prior knowledge. It takes just 5 minutes to read this. So let's dive in.

What is the Ethereum bridge?

Please look at the image below.

ethereum-bridge2

You can see three things.

  • (1) Ethereum
  • (2) Layer 2
  • (3) Bridge Node

So I'm going to explain them one by one. I won't explain Ethereum, because you probably already know it.

Why is layer2 important?

Because Ethereum is slow, we need layer2 to speed up Ethereum.

For example, if you want to exchange your coin on Ethereum, it will take 1 to 3 minutes, which is too slow. Let me explain this.

Can you create Metaverse on Ethereum?

You cannot create it. For example, if you want to exchange some NFTs in the Metaverse, you have to wait 1 to 3 minutes for your transaction to be confirmed, which is too slow to enjoy the game.

How does layer2 make Ethereum faster?

We use a technology called "Rollups", which works as follows.

  • 1. Transactions are executed outside layer1
  • 2. The transaction data or proofs are stored on layer1
  • 3. The data on layer2 is secured by layer1

Simply put, you can understand it as follows.

  • Layer1 = Execution layer (Ex: Ethereum)
  • Layer2 = Consensus layer (Ex: Optimism, Arbitrum...etc)

For more details, there are two kinds of technology for Rollups. The first is "Optimistic rollups" and the second is "Zero-knowledge rollups." If you want to know more, please visit LAYER 2 ROLLUPS.

What is Bridge Node?

Bridge Node is a system that controls the bridge. There is also a so-called "sequencer", which is the system that controls the order of transactions. The sequencer is like the "manager" of the bridge. Look at the image below.

ethereum-bridge3

The sequencer saves the data and sends it to Ethereum periodically. If you want to know more about sequencers, please visit Everything you need to know about Optimistic Rollup.
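
The rollup steps and the sequencer's role described above, as an added example that is not from the original article or from any rollup project. It is a simplified model in the style of an optimistic rollup's fraud check: the names Layer1, Sequencer and audit are hypothetical, the balances are constructed, and a hash of sorted JSON stands in for a real state root.

```python
import hashlib
import json

def state_root(balances):
    """Commit to the L2 state (a hash of sorted JSON stands in for a Merkle root)."""
    return hashlib.sha256(json.dumps(balances, sort_keys=True).encode()).hexdigest()

def execute(balances, batch):
    """Apply transfers in sequencer order; skip any that would overdraw the sender."""
    state = dict(balances)
    for sender, receiver, amount in batch:
        if amount > 0 and state.get(sender, 0) >= amount:
            state[sender] -= amount
            state[receiver] = state.get(receiver, 0) + amount
    return state

class Layer1:
    """Stand-in for the L1 contract: stores batch data and the claimed roots."""
    def __init__(self, genesis):
        self.genesis = dict(genesis)
        self.batches = []  # (transaction data, claimed post-state root)

class Sequencer:
    """Orders and executes transactions off L1, then posts data plus root to L1."""
    def __init__(self, l1):
        self.l1, self.state, self.pending = l1, dict(l1.genesis), []

    def post_batch(self, forged_root=None):
        self.state = execute(self.state, self.pending)
        root = forged_root or state_root(self.state)
        self.l1.batches.append((list(self.pending), root))
        self.pending = []

def audit(l1):
    """Re-execute every batch from L1 data; return the first bad batch index or None."""
    state = dict(l1.genesis)
    for i, (batch, claimed) in enumerate(l1.batches):
        state = execute(state, batch)
        if state_root(state) != claimed:
            return i
    return None

def demo():
    l1 = Layer1({"alice": 100, "bob": 0})  # constructed sample balances
    seq = Sequencer(l1)
    seq.pending.append(("alice", "bob", 30))
    seq.post_batch()  # honest batch: claimed root matches re-execution
    seq.pending.append(("bob", "alice", 10))
    seq.post_batch(forged_root=state_root({"alice": 0, "bob": 100}))
    return audit(l1)  # index of the batch whose claimed root is wrong
```

Because the batch data sits on layer1, anyone can run the audit without trusting the sequencer. That is the sense in which layer1 secures the layer2 data.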

Why don't we speed up Ethereum?

Many people think as follows.

Why don't we speed up Ethereum? It's simple, and we don't need layer2.

To answer the question, I will explain the "Blockchain Trilemma." Please look at the image below.

ethereum-bridge4

The above is the Blockchain Trilemma. You can see three words, and we cannot accomplish all three simultaneously.

Blockchain Trilemma: Ethereum ver

ethereum-bridge5

Ethereum focuses on decentralization and security, so it sacrifices scalability. That's why the Ethereum community is trying to build layer2.

Blockchain Trilemma: Solana ver

ethereum-bridge6

Solana focuses on scalability and security but sacrifices decentralization.

We need a high-spec computer to run a Solana node. It isn't easy for an average user to maintain one, so Solana's nodes are centralized.

Nodes number: Ethereum vs Solana

The results are above. But actually, there is no significant difference, right? One of the problems that Ethereum has is that there is no incentive to run a node. So the number is not so big.

The risks of the bridge

There have been many incidents related to bridges.

  • (1) The hack of Wormhole bridge. Lost $320 million.
  • (2) The bug of Polygon chain. Solved by a white-hat hacker
  • (3) The bug of Optimism. Solved by a white-hat hacker

Why are there so many problems related to bridges? Here is the reason.

ethereum-bridge7

You can see the money on the bridge, and that is the reason. The funds locked on a bridge make it an attractive target for a hacker. So let me explain (1) to (3) in more detail.

(1) The hack of Wormhole bridge. Lost $320 million.

Wormhole, a blockchain bridge, was hacked, and $320 million was stolen. You can see the explanation from a white-hat hacker below.

In short, a mistake in the program code let the hacker create fake signatures and steal the money.

(2) The bug of Polygon chain. Solved by a white-hat hacker

There are two incidents related to the Polygon chain.

  • 2021/12: The bug related to signature code.
  • 2021/10: The bug related to programming code.

For the first one, you can see the details here. But I want to emphasize one thing. Please have a look at the quote below.

The problem was a "critical" vulnerability in Polygon's proof-of-stake genesis contract, which could have allowed attackers to steal over 9.2 billion MATIC tokens (currently worth over $24 billion). The total supply of MATIC tokens is 10 billion.

This article is from The Block, which says that the hacker can steal 9.2 billion MATIC tokens. The total supply of MATIC tokens is 10 billion.

It is crazy...
If it happened, what would happen?

I also want to mention another bug. You can see the details here, but I will cite one sentence.

If I had to guess why the bug happened, I would say it might be due to using someone else’s code and not having a 100% understanding of what it does.

That is the comment from the white-hat hacker who found the problem. Of course, all humans make mistakes, but be careful if you want to use a bridge or layer2.

(3) The bug of Optimism. Solved by a white-hat hacker

Optimism is one of the most famous layer2 projects. But being famous doesn't matter. There was a critical bug.

The bug of Geth.

Geth is the command-line interface for running an Ethereum node. Most node operators use Geth, which is the most famous product.

If you want to know the details of the bug, please visit here. But in short, this enables the attacker to have access to all tokens on Optimism. The total value locked in Optimism is more than $340 million. If Optimism were hacked, the damage would expand to the Ethereum network.

Layer2 is not safe

Sometimes people say, "layer2 has strong security". But I don't think so.

  • Layer 2 has strong security in theory.
  • In reality, Layer 2 is not yet safe enough.

Vitalik Buterin says, "I am optimistic about a multi-chain blockchain ecosystem," and I agree with that. But this is a story of the future. Not now.

So if you want to use layer2 or bridge, please be careful. However, I'm using DeFi and layer2 pretty much (more than a million-dollar portfolio). So I'm bullish on DeFi and layer2.

Case study for Black Swan

A Black Swan is an unpredictable event. For example, see below.

This article is from The Block, which says that the hacker can steal 9.2 billion MATIC tokens. The total supply of MATIC tokens is 10 billion.

Polygon is very famous, but what's going to happen next if the hack happens? I think it will cause a hard fork.

A hard fork is like deleting history. There is a hard fork in Ethereum history. We call it The DAO Hack. It happened in 2016.

The DAO project raised about $150 million, which was a significant amount at that time. But unfortunately, the money (ETH) was stolen by the hacker.

The $150 million was too big for the Ethereum community at that time. So people talked about the solution and ended up doing a hard fork.

But not all parties agreed with this decision, which caused Ethereum to split into two blockchains: Ethereum and Ethereum Classic.

Hard fork can't save all

Unfortunately, the current situation is more complicated than in 2016. There was only one Ethereum blockchain before, but now we have plenty of chains connected to each other.

So if a compromised chain chooses a hard fork, a hacker can move the funds to another chain. So in this scenario, a hard fork can't save all.
