Opinion: Prudent Selection of Bridges Essential for Defi Creators

Disclaimer: The opinions expressed in this article are solely those of the author and do not reflect the views and opinions of the editorial team at crypto.news.

Last year, KyberSwap, a DEX aggregator, fell victim to a hack that resulted in the loss of $47 million. The incident severely impacted the protocol and caused the funds of its liquidity providers to vanish. In an unusual twist, the mysterious hacker made a demand: he would only return the stolen funds if the entire executive team resigned and appointed him as the CEO. Naturally, this demand was rejected, and the hacker proceeded to transfer the stolen funds to Ethereum using the Synapse protocol.

KyberSwap managed to survive the hack, albeit with significant consequences. The incident forced the company to reduce its workforce by half, and its total value locked decreased by 68 percent. While this hack is unfortunate, there is a silver lining to be found.

Compared to the early days of the crypto winter, the value lost in DeFi hacks has decreased by 64 percent in 2023, according to data from Chainalysis. Furthermore, the median loss per hack has declined by 7.5 percent. These statistics indicate positive progress in the security of the DeFi space. Bridges, which are blockchain protocols that enable cross-chain interoperability, have played a significant role in expanding the capabilities of DeFi and facilitating the flow of assets.

Bridges also foster innovation by providing developers with opportunities to explore new ways of utilizing cross-chain capabilities. This has led to the creation of new financial products, improved scalability, enhanced privacy features, easier collaboration, and flexible risk management.

However, despite the decline in security breaches and the rise of bridge-based DeFi innovation, blockchain interoperability is still limited. Each cross-chain protocol or bridge establishes a connection between two blockchain networks, meaning universal interoperability would require a complex web of protocols linking every blockchain together. This presents security challenges, as hackers are constantly searching for vulnerabilities to exploit in protocols and smart contracts. Since most bridges rely on smart contracts, these contracts become a prime target for hackers.

Security challenges are difficult to eliminate, especially on unregulated bridges. Bridges that interact with external systems are susceptible to hacking and manipulation. Users who transfer assets between different blockchain networks using trusted or trustless bridges must consider the serious security risks involved.

Trusted bridges, like Binance Bridge, offer simplicity and compliance but sacrifice decentralization by relying on a third-party entity. Trustless bridges prioritize decentralization, security, and permissionless access, but their reliance on smart contracts makes them vulnerable to attacks.

Both types of bridges have been exploited, and the lack of KYC and AML protocols among most bridges makes them an attractive option for hackers looking to launder stolen funds. Since bridges are the primary mechanism for connecting isolated blockchains, DeFi developers and users must exercise caution when using cross-chain protocols.

The choice between trustless and trusted bridges depends on the specific use case and the trade-offs that developers or users are willing to accept. While trusted bridges may be preferred for simplicity and lower fees, trustless bridges offer complete control within a decentralized environment. However, the security factor is often overlooked when bridging assets.

The KyberSwap hack serves as an example of the implications of security risks. If the Synapse protocol had implemented a compliance layer, the hacker would not have been able to transfer the assets into an Ethereum-based wallet. Risk-mitigation platforms with compliance modules can prevent problematic transactions, such as moving stolen funds.

Risk mitigation is no longer an optional feature. As regulatory bodies consider comprehensive laws, compliance becomes increasingly important, especially as traditional financial institutions explore DeFi services.

Adding a compliance layer to decentralized protocols is not about censorship or opposing the core ethos of crypto. It is solely about protecting user assets from criminals and bad actors. Compliance mechanisms are crucial for broader adoption in the crypto world. With evolving attack vectors in DeFi, security breaches will continue to threaten the industry and hinder mainstream adoption.

While bridges do not enable universal interoperability, proper compliance can reduce risks for users and developers and safeguard the progress of DeFi. Developers should consider a bridge’s compliance standards when engaging in cross-chain transactions.