Cross-chain bridge hacks accounted for 69% of total crypto stolen in 2022, amounting to $2 billion in losses, according to a new report.
The report comes out Tuesday from blockchain analytics firm Chainalysis, noting that there have been 13 separate token bridge hacks this year — the most recent being the $190 million Nomad Bridge exploit.
Q1 2022 was by far the quarter in which most cryptocurrencies were stolen since 2021, mainly as a result of the Ronin Bridge Attack in late March, which saw $624 million worth of Ether (ETH) and USD Coin (USDC) stolen.
After the operation of the Nomad Bridge last night, an estimated $2 billion has been stolen from cross-chain bridges so far in 2022. Read our blog to learn what makes these protocols vulnerable and what the industry can do about it. https://t.co/WLo62H6NFe pic.twitter.com/CZRnqrPikh
— Chain analysis (@chainanalysis) August 2, 2022
Cross-chain bridges, also known as blockchain bridges, are designed to transfer cryptocurrencies from one blockchain network to another.
Chainalysis explains that while bridge designs vary, users typically deposit their tokens from one chain to the bridge protocol, which are then locked into a contract. The user then gets the equivalent of a parallel token in another chain.
Bridging vulnerabilities
According to the Chainalysis report, bridges are often targeted because they “have a central repository for funds that support the ‘bridged’ assets on the receiving blockchain:”
“Regardless of how those funds are stored — locked into a smart contract or with a centralized custodian — that storage point becomes a target.”
According to some experts, effective bridge design is still in its infancy and some developers have relatively little understanding of security protocols, leaving their protocols vulnerable to abuse by hackers.
In a clip from July 22 Posted on Twitter, nearly two weeks before the recent attack, Nomad founder James Prestwich says it will be “at least another year or two before there is enough familiarity between chain security models to build basic defenses:”
“In cross-chain systems, we haven’t built up that much expertise about attacks yet, people don’t know what the usual attacks are, so they don’t defend against them.”
Centralized exchanges were once the favorite target of hackers, but according to Chainalysis, the number of successful cyberattacks has decreased due to advances in security protocols.
The blockchain analytics firm has emphasized that cryptocurrency services, including bridges, should start investing in security upgrades and training sooner rather than later:
“A valuable first step to addressing issues like this could be for extremely rigorous code audits to become DeFi’s gold standard, both for those who build protocols and for the investors who evaluate them. Over time, the strongest, most secure smart contracts can serve as templates for developers to build from.
