Why the future can still be cross-chain with Connext leading the way in making cross-chain transfers as trustless & secure as possible

dfmines Cryptocurrency News February 3, 2022 | 0

A lot of users are asking about today's @wormholecrypto hack and whether Connext is vulnerable to a similar type of exploit.

This post will take this opportunity to clarify Connext's security model as well as how bridge security works more generally. 👇🧵

1 ) FIRST AND FOREMOST

Today's hack was the result of a contract bug, not an economic exploit.

Any contract has the potential to contain security vulnerabilities. This attack could also have happened to a rollup.

2 ) How does Connext mitigate contract security risks?

Through a combination of:

That said, no protocol implementation can ever be *100% safe.*

3 ) What about the secondary risks introduced by utilizing wormhole assets in Solana DeFi?

Does Connext create the same style of systemic risk? This is where things get interesting.

4 ) Bridges work in one of two ways:

In the former case, the holder of wrapped asset (user) assumes the risk of the bridge. In the latter case, the LP does.

Connext uses (2).

While today's exploit was not an economic attack, using external validators introduces economic vulnerabilities.

Connext, OTOH, uses a locally verified mechanism. Even if every router in our network colluded, your funds are safe.

The consequence of 5 ) & 6 ) is:

Connext users don't make new trust assumptions beyond those of the underlying chain/asset.

7 ) So what happens if the underlying canonical asset is insecure?

This is certainly a problem and why Connext is working closely with @nomadxyz_.

Nomad relies on fraud proofs (like ORUs) instead of validators. It's the best option for minting assets across chains.

8 ) Crosschain/rollup communication is an incredibly hard problem.

Connext has been researching L2 and interop for *years*, and we're still only scratching the surface.

If you want to help build a long-term, trust-minimized solution, hit us up!