DLT Interoperability and More ⛓️#10 ⛓️ — Xscope: Hunting for Cross-Chain Bridge Attacks
In this series, we analyze papers on blockchain, interoperability, or both.
This edition covers a recent paper on cross-chain security.
➡️ Title: Xscope: Hunting for Cross-Chain Bridge Attacks
➡️ Authors: Jiashuo Zhang, Jianbo Gao, Yue Li, Ziming Chen, Zhi Guan, Zhong Chen
➡️ Paper source: https://arxiv.org/abs/2208.07119
➡️ Contributions:
- The authors contribute to the field of cross-chain security by 1) identifying the classes of bugs in cross-chain bridges; 2) designing security properties for cross-chain bridges; and 3) proposing a tool that can identify bugs in cross-chain bridges.
💪 Strong points:
- The presentation of cross-chain bugs and the respective security models is simple yet effective.
- The work is timely and has practical implications.
😞 Limitations:
- Unfortunately, the tool only supports the formalization and analysis of cross-chain bridges, and not general-purpose cross-chain use cases. We discuss general cross-chain interoperability formalization here.
- There are no implementation details or code, nor a robust evaluation. It is difficult to assess how exactly the ideas are realized.
- The proposed tool can prevent invalid unlocking of assets (although it is not clear how in practice) and analyze the history of bridges to detect attacks.
🔥 Points of interest:
- The authors do very important, initial work on cross-chain security. This is needed due to the recurring, systematic attacks. We believe real-time monitoring of cross-chain use cases is essential. Eventual attacks could be mitigated via a fail-switch and programmed actions that respond to suspicious activity (if a hack is detected, freeze the bridge). Interestingly, we also believe this kind of work can be generalized to arbitrary cross-chain use cases.
- “First, managing various assets with inconsistent contract interfaces on heterogeneous blockchains introduces bug-prone on-chain logic” — this is a recurrent problem that has been partially addressed by the blockchain community via blockchain-specific protocols (such as IBC) or generic (although focused on asset transfers) protocols, such as the SATP protocol.
- There are three kinds of security bugs in bridges: inconsistencies of deposits, where the router contract emits an event that does not correspond to the real amount of locked tokens; inconsistent event parsing, where the relayer does not correctly interpret the events generated by the router contract; and unauthorized unlocking, where the relayer is bypassed, allowing unlock events to be emitted that do not correspond to the locked tokens.
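
The three bug classes above, expressed as consistency checks over a bridge's recorded history. This is an added example, not code from the paper or from Xscope; the record types, field names, bug-class labels and sample data are constructed assumptions, and flagging a repeated unlock of the same deposit is an extension beyond the three classes as listed.

```python
from dataclasses import dataclass

# Record shapes are assumptions made for this example, not the paper's data model.
@dataclass(frozen=True)
class Deposit:            # source chain, router contract
    tx: str
    token: str
    locked: int           # tokens actually transferred into the bridge
    emitted: int          # amount announced in the router's deposit event

@dataclass(frozen=True)
class Relayed:            # off-chain relayer's reading of a deposit event
    tx: str
    token: str
    amount: int

@dataclass(frozen=True)
class Unlock:             # destination chain release, citing a source deposit
    src_tx: str
    token: str
    amount: int

def audit(deposits, relayed, unlocks):
    """Return (tx, bug_class) findings for the three bug classes."""
    dep = {d.tx: d for d in deposits}
    rel = {r.tx: r for r in relayed}
    findings, released = [], set()
    for d in deposits:    # event amount must equal what was really locked
        if d.locked != d.emitted:
            findings.append((d.tx, "inconsistent_deposit"))
    for r in relayed:     # relayer's view must equal the emitted event
        d = dep.get(r.tx)
        if d is None or (r.token, r.amount) != (d.token, d.emitted):
            findings.append((r.tx, "inconsistent_event_parsing"))
    for u in unlocks:     # each unlock needs one matching relayed deposit
        r = rel.get(u.src_tx)
        if r is None or u.src_tx in released or (u.token, u.amount) != (r.token, r.amount):
            findings.append((u.src_tx, "unauthorized_unlock"))
        released.add(u.src_tx)
    return findings

# Constructed sample history: src-1 is clean, the other ids each show one bug.
DEPOSITS = [Deposit("src-1", "USDC", 100, 100), Deposit("src-2", "USDC", 0, 500),
            Deposit("src-3", "USDC", 50, 50)]
RELAYED = [Relayed("src-1", "USDC", 100), Relayed("src-2", "USDC", 500),
           Relayed("src-3", "WETH", 50)]
UNLOCKS = [Unlock("src-1", "USDC", 100), Unlock("src-3", "WETH", 50), Unlock("src-9", "USDC", 900)]

print(audit(DEPOSITS, RELAYED, UNLOCKS))
```

The unlock for src-3 is not flagged a second time: it matches what the relayer reported, so the finding is attributed to the parsing step where the inconsistency was introduced.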
🚀 How does it relate to our work at Técnico Lisboa, INESC-ID, and Blockdaemon? (views are my own and do not necessarily reflect the opinions of my employer)
- Enabling secure, scalable interoperability is an important part of what we do at Blockdaemon. Studying cross-chain security allows a better understanding of the technology, and therefore more secure implementations of protocols.
- We implemented a general-purpose, open-source cross-chain model generator that learns automatically from a given cross-chain use case.
🚀 What are the implications for our work?
- This work helps us build more secure blockchain interoperability middleware.