Vitalik laid out his thesis earlier this month.
It turned out to be a prophecy.
It may be too soon to tell if he’ll be proven right in the long term, but at the very least, the huge technical challenges of securing a cross-chain future have been laid bare: in what amounted to the second-largest Decentralized Finance (DeFi) hack to date, an exploit on the Wormhole bridge saw the perpetrators make off with US$320 million worth of assets.
- What is Wormhole?
- Is cross-chain bridging too risky?
- WTF happened?
- What’s next?
What is Wormhole?
First, let’s take a look at the protocol in question.
Wormhole is a multi-chain bridge allowing users to move crypto assets between networks. An example might be needing to move UST from your TerraStation wallet, and ending up with USDC in your Solana-based Phantom wallet.
One option could be to send UST from TerraStation to KuCoin, swap the UST for USDC, then send it to your Phantom wallet.
A second option could be to harness Wormhole and bridge tokens directly from Terra to the Solana network.
The UST ends up on the Solana network in wrapped form: a protocol such as Saber could then be used to swap the UST to USDC.
Is cross-chain risky?
Yes. For now, at least.
This can’t be stressed enough: anything cross-chain presents a huge technical challenge!
Cross-chain transactions allow users to move crypto assets from one Layer-1 blockchain to another by wrapping assets into a form that can be received by a different network.
This relies on bridges to, quoting Vitalik, ‘hop across multiple zones of sovereignty’. And given the amount of money moving across them, these bridges need to be trusted. However, the security profile of your ETH, now wrapped ETH (wETH), changes significantly when using a cross-chain bridge to move it between two different Layer-1 protocols.
These risks are inherent.
A bridge suspends tokens in smart contracts. If that bridge suffers a 51% attack (when an individual or group of bad actors gains control of the hash power) the funds are vulnerable. In the case of a 51% attack on Ethereum itself, 100 ETH remains 100 ETH. But if you bridged 100 ETH onto Solana, only for the bridge to fall victim to a 51% attack, then your 100 Solana-wETH, which is no longer fully backed, could now be worth 60 ETH.
So, that’s a problem. Meanwhile, any open source protocol is vulnerable to being exploited: hackers will scour every line of the code to discover vulnerabilities. Which is precisely what went down with Wormhole.
What went down
The hackers uncovered a vulnerability in the code that could be exploited during the bridging process. It was a program hack, and this fantastic thread from samczsun explains it in detail.
To summarize: Wormhole was using a version of the Solana program that failed to perform a ‘sysvar’ check when issuing an instruction.
The function to issue the instruction looked like this:
But it should have looked like this:
Don’t worry if that looks like gibberish to you. Here’s the point: the attacker was able to issue an instruction to create an account, spoof the guardian signature, and mint 120,000 wETH on Solana to their SOL wallet, before bridging the funds back to ETH on the Ethereum network.
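To make the missing ‘sysvar’ check concrete, here is a simplified model in Rust. It is an added example, not Wormhole’s code or the Solana SDK: the `Account` type, the function names, the sysvar address and the one-byte "signature check ran" record are all assumptions made for illustration.

```rust
// Simplified model of the missing 'sysvar' check. Every name and value here is
// hypothetical; none of it is Wormhole's code or the Solana SDK.
type Pubkey = [u8; 32];

// Constructed stand-in for the fixed address of the runtime-owned sysvar account.
const INSTRUCTIONS_SYSVAR_ID: Pubkey = [7u8; 32];

struct Account {
    key: Pubkey,
    // Model: one byte per instruction in the transaction,
    // 1 = "a signature-verification instruction ran at this index".
    data: Vec<u8>,
}

#[derive(Debug, PartialEq)]
enum BridgeError {
    NotInstructionsSysvar,
    NoSignatureCheck,
}

// Vulnerable shape: reads the record from whatever account the caller passed,
// so the caller controls the contents being trusted.
fn sig_verified_unchecked(acct: &Account, index: usize) -> Result<(), BridgeError> {
    match acct.data.get(index).copied() {
        Some(1) => Ok(()),
        _ => Err(BridgeError::NoSignatureCheck),
    }
}

// Hardened shape: confirm the account really is the sysvar before reading it.
fn sig_verified_checked(acct: &Account, index: usize) -> Result<(), BridgeError> {
    if acct.key != INSTRUCTIONS_SYSVAR_ID {
        return Err(BridgeError::NotInstructionsSysvar);
    }
    sig_verified_unchecked(acct, index)
}

fn main() {
    // Constructed inputs: the genuine sysvar records no signature check, while
    // a caller-supplied look-alike account claims that one ran.
    let genuine = Account { key: INSTRUCTIONS_SYSVAR_ID, data: vec![0] };
    let lookalike = Account { key: [9u8; 32], data: vec![1] };
    println!("unchecked, look-alike: {:?}", sig_verified_unchecked(&lookalike, 0));
    println!("checked, look-alike:   {:?}", sig_verified_checked(&lookalike, 0));
    println!("checked, genuine:      {:?}", sig_verified_checked(&genuine, 0));
}
```

The only difference between the two functions is the address comparison, which is why an audit of any program that reads runtime-provided accounts should confirm that each one is checked against its expected address before its data is trusted.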
According to Alex Svenson, and confirmed on GitHub, the vulnerability was first identified on 16 January, but the developers didn’t roll out the patch. Instead, an emergency patch was performed in the early hours of this morning, 3 February.
By then it was too late, as the hacker(s) had made off with the goods.
Wormhole quickly offered a US$10M bounty to the hackers in return for the stolen assets.
But in the absence of any potential negotiation with the ‘not-a-white-hat’ hacker, Wormhole announced a bailout just a few hours before the time of publication, courtesy of Jump Capital, which had merged with Certus One in August 2021, as well as the support of Sam Bankman-Fried (SBF). Certus One had played an instrumental role in the development of the Wormhole bridge. So perhaps they felt responsible. And perhaps SBF was keen to donate his money to good causes as he always promises (or was he just stepping in to protect the interests of FTX...?).
This wasn’t a Solana problem, it was a bridging problem. Vitalik told us, and his thesis turned out to be a prophecy, even down to the Solana-wETH contract he used as an example!
Bridges may be necessary for cross-chain transactions, but there’s no way to spin it: currently, it’s safer to hold Ethereum native assets on Ethereum, and Solana native assets on Solana. And in this context, Ethereum refers not just to the base chain, but also to Layer-2s. Which brings in the Layer-2 narrative we’ve already spoken about.
In a way, this is also a vote for Ethereum Layer-2. How? Aren’t you always bridging ETH from Ethereum to Matic? Well no, not really. As Vitalik explained in the prophetic blog post, if Ethereum gets a 51% attack and reverts, all the Layer-2s will also hold that state. So there’s no way you can reverse Ethereum and not reverse Arbitrum or Optimism. We believe the bridge narrative will continue, in spite of the inevitable exploits. We also believe the Layer-2 narrative is still a major play for the year ahead!