Count of Monte Crypto: Accounting-based Defenses for Cross-Chain Bridges

Enze Liu,Elisa Luo,Jian Chen Yan,Katherine Izhikevich,Stewart Grant,Deian Stefan,Geoffrey M Voelker,Stefan Savage
2024-10-02
Abstract:Between 2021 and 2023, crypto assets valued at over \$US2.6 billion were stolen via attacks on "bridges" -- decentralized services designed to allow inter-blockchain exchange. While the individual exploits in each attack vary, a single design flaw underlies them all: the lack of end-to-end value accounting in cross-chain transactions. In this paper, we empirically analyze twenty million transactions used by key bridges during this period. We show that a simple invariant that balances cross-chain inflows and outflows is compatible with legitimate use, yet precisely identifies every known attack (and several likely attacks) in this data. Further, we show that this approach is not only sufficient for post-hoc audits, but can be implemented in-line in existing bridge designs to provide generic protection against a broad array of bridge vulnerabilities.
Cryptography and Security
What problem does this paper attempt to address?
The problem that this paper attempts to solve is the security vulnerabilities existing in cross - chain bridges (cross - chain bridges), especially that more than $2.6 billion worth of crypto - assets were stolen by attacking these bridges between 2021 and 2023. Specifically, the authors have discovered a common design flaw: the lack of end - to - end value accounting in cross - chain transactions. This problem has led to various attacks because transactions can be "unbalanced", that is, the outflow of funds can exceed the inflow of funds minus costs. ### Core Problem of the Paper The main objective of the paper is to identify and prevent these attacks in cross - chain bridges by introducing a simple balance invariant, namely: \[ \text{outflow} = \text{inflow} - \text{costs} \] This formula indicates that in a legitimate cross - chain transaction, the outflow of funds should be equal to the inflow of funds minus the transaction cost. If this equation does not hold, there may be fraudulent behavior. ### Specific Problem Description 1. **Lack of Explicit Accounting**: There is no explicit mechanism in the existing cross - chain bridge designs to ensure the balance of cross - chain transactions. This enables attackers to carry out attacks through various means (such as contract vulnerabilities, relay key theft, etc.). 2. **Review of Historical Attacks**: By analyzing the data of more than 20 million transactions between 2021 and 2023, the authors have found that all known attacks can be identified by checking this balance invariant. 3. **Need for Real - Time Auditing**: In order to prevent future attacks, a method is required that can detect and block unbalanced transactions in real - time when the transactions occur. ### Solutions The paper makes three main contributions: 1. **Balance Invariant**: The above - mentioned simple balance invariant is introduced and it is proven that it can be automatically calculated from the transaction formats of existing bridges. 2. **Retrospective Verification**: Through the empirical audit of the past 20 million transactions, the effectiveness of this invariant has been verified. It can identify all known attacks with almost no false positives. 3. **Real - Time Auditing**: It is shown that this method is not only applicable to retrospective analysis but also can be used for real - time auditing of bridge transactions to detect new attacks. In addition, a new bridge architecture "announce - then - execute" is proposed, which directly integrates the auditing mechanism into the transaction process, thereby preventing malicious transactions from being completed. ### Conclusion By ensuring the value balance in cross - chain transactions, a large class of existing cross - chain bridge attacks can be effectively prevented. This method is simple and independent of the specific details of smart contracts, and has wide applicability and practicality.