Jiajing Wu,Kaixin Lin,Dan Lin,Bozhao Zhang,Zhiying Wu,Jianzhong Su

2024-10-18

Abstract:Cross-chain bridges are essential decentralized applications (DApps) to facilitate interoperability between different blockchain networks. Unlike regular DApps, the functionality of cross-chain bridges relies on the collaboration of information both on and off the chain, which exposes them to a wider risk of attacks. According to our statistics, attacks on cross-chain bridges have resulted in losses of nearly 4.3 billion dollars since 2021. Therefore, it is particularly necessary to understand and detect attacks on cross-chain bridges. In this paper, we collect the largest number of cross-chain bridge attack incidents to date, including 49 attacks that occurred between June 2021 and September 2024. Our analysis reveal that attacks against cross-chain business logic cause significantly more damage than those that do not. These cross-chain attacks exhibit different patterns compared to normal transactions in terms of call structure, which effectively indicates potential attack behaviors. Given the significant losses in these cases and the scarcity of related research, this paper aims to detect attacks against cross-chain business logic, and propose the BridgeGuard tool. Specifically, BridgeGuard models cross-chain transactions from a graph perspective, and employs a two-stage detection framework comprising global and local graph mining to identify attack patterns in cross-chain transactions. We conduct multiple experiments on the datasets with 203 attack transactions and 40,000 normal cross-chain transactions. The results show that BridgeGuard's reported recall score is 36.32\% higher than that of state-of-the-art tools and can detect unknown attack transactions.

Cryptography and Security

Jiashuo Zhang,Jianbo Gao,Yue Li,Ziming Chen,Zhi Guan,Zhong Chen

DOI: https://doi.org/10.48550/arXiv.2208.07119

2022-08-15

Software Engineering

Abstract:Cross-Chain bridges have become the most popular solution to support asset interoperability between heterogeneous blockchains. However, while providing efficient and flexible cross-chain asset transfer, the complex workflow involving both on-chain smart contracts and off-chain programs causes emerging security issues. In the past year, there have been more than ten severe attacks against cross-chain bridges, causing billions of loss. With few studies focusing on the security of cross-chain bridges, the community still lacks the knowledge and tools to mitigate this significant threat. To bridge the gap, we conduct the first study on the security of cross-chain bridges. We document three new classes of security bugs and propose a set of security properties and patterns to characterize them. Based on those patterns, we design Xscope, an automatic tool to find security violations in cross-chain bridges and detect real-world attacks. We evaluate Xscope on four popular cross-chain bridges. It successfully detects all known attacks and finds suspicious attacks unreported before. A video of Xscope is available at https://youtu.be/vMRO_qOqtXY.

Enze Liu,Elisa Luo,Jian Chen Yan,Katherine Izhikevich,Stewart Grant,Deian Stefan,Geoffrey M Voelker,Stefan Savage

2024-10-02

Abstract:Between 2021 and 2023, crypto assets valued at over \$US2.6 billion were stolen via attacks on "bridges" -- decentralized services designed to allow inter-blockchain exchange. While the individual exploits in each attack vary, a single design flaw underlies them all: the lack of end-to-end value accounting in cross-chain transactions. In this paper, we empirically analyze twenty million transactions used by key bridges during this period. We show that a simple invariant that balances cross-chain inflows and outflows is compatible with legitimate use, yet precisely identifies every known attack (and several likely attacks) in this data. Further, we show that this approach is not only sufficient for post-hoc audits, but can be implemented in-line in existing bridge designs to provide generic protection against a broad array of bridge vulnerabilities.

Cryptography and Security

Mengya Zhang,Xiaokuan Zhang,Josh Barbee,Yinqian Zhang,Zhiqiang Lin

2023-12-20

Abstract:Cross-chain bridges are used to facilitate token and data exchanges across blockchains. Although bridges are becoming increasingly popular, they are still in their infancy and have been attacked multiple times recently, causing significant financial loss. Although there are numerous reports online explaining each of the incidents on cross-chain bridges, they are scattered over the Internet, and there is no work that analyzes the security landscape of cross-chain bridges in a holistic manner. To fill the gap, in this paper, we performed a systematic study of cross-chain bridge security issues. First, we summarize the characteristics of existing cross-chain bridges, including their usages, verification mechanisms, communication models, and three categorizations. Based on these characteristics, we identify 12 potential attack vectors that attackers may exploit. Next, we introduce a taxonomy that categorizes cross-chain attacks in the past two years into 10 distinct types, and then provide explanations for each vulnerability type, accompanied by Solidity code examples. We also discuss existing and potential defenses, as well as open questions and future research directions on cross-chain bridges. We believe that this systematization can shed light on designing and implementing cross-chain bridges with higher security and, more importantly, facilitating future research on building a better cross-chain bridge ecosystem.

Cryptography and Security

Ke Wang,Yue Li,Che Wang,Jianbo Gao,Zhi Guan,Zhong Chen

DOI: https://doi.org/10.1145/3663529.3663809

2024-01-01

Abstract:Crosschain bridges have become a key solution for connecting independent blockchains and enabling the transfer of assets and information between them. However, recent bridge hacks have exposed severe security issues, and these bridges provide new strategic weapons for malicious activities. Thus, it is crucial to fully understand and identify the security issues of crosschain bridges in the real world. To address this, we define a novel abstraction called inconsistency behavior to comprehensively summarize the crosschain security issues. Then, we further develop XGuard, a static analyzer to find the inconsistency behavior of cross-chain bridges in the real world. Specifically, XGuard first extracts the crosschain semantic information in the bridge contract on both the source chain and destination chain, and then identifies inconsistency behaviors that occur on multiple blockchains. Our results show that XGuard can successfully identify vulnerable crosschain bridges in the real world. The demonstration of the tool is available at https://youtu.be/UMASWldZHgg, the online service is available at https://xguard.sh/, and the related code is available at https://github.com/seccross/xguard.

Zeqin Liao,Yuhong Nan,Henglong Liang,Sicheng Hao,Juan Zhai,Jiajing Wu,Zibin Zheng

DOI: https://doi.org/10.1145/3643738

2024-06-23

Abstract:With the increasing popularity of blockchain, different blockchain platforms coexist in the ecosystem (e.g., Ethereum, BNB, EOSIO, etc.), which prompts the high demand for cross-chain communication. Cross-chain bridge is a specific type of decentralized application for asset exchange across different blockchain platforms. Securing the smart contracts of cross-chain bridges is in urgent need, as there are a number of recent security incidents with heavy financial losses caused by vulnerabilities in bridge smart contracts, as we call them Cross-Chain Vulnerabilities (CCVs). However, automatically identifying CCVs in smart contracts poses several unique challenges. Particularly, it is non-trivial to (1) identify application-specific access control constraints needed for cross-bridge asset exchange, and (2) identify inconsistent cross-chain semantics between the two sides of the bridge. In this paper, we propose SmartAxe, a new framework to identify vulnerabilities in cross-chain bridge smart contracts. Particularly, to locate vulnerable functions that have access control incompleteness, SmartAxe models the heterogeneous implementations of access control and finds necessary security checks in smart contracts through probabilistic pattern inference. Besides, SmartAxe constructs cross-chain control-flow graph (xCFG) and data-flow graph (xDFG), which help to find semantic inconsistency during cross-chain data communication. To evaluate SmartAxe, we collect and label a dataset of 88 CCVs from real-attacks cross-chain bridge contracts. Evaluation results show that SmartAxe achieves a precision of 84.95% and a recall of 89.77%. In addition, SmartAxe successfully identifies 232 new/unknown CCVs from 129 real-world cross-chain bridge applications (i.e., from 1,703 smart contracts). These identified CCVs affect a total amount of digital assets worth 1,885,250 USD.

Software Engineering

Qianrui Zhao,Yinan Wang,Bo Yang,Ke Shang,Ming Sun,Haijun Wang,Zijiang Yang,Xin He

DOI: https://doi.org/10.22541/au.169760541.13864334/v1

2023-01-01

Abstract:Cross-chain bridges are crucial mechanisms for facilitating interoperation between different blockchains, allowing the flow of assets and information across various chains. Their pivotal role and the vast value of assets they handle make them highly attractive to attackers. Major security incidents involving cross-chain bridge projects have been occurring frequently, resulting in losses of several billion due to cyber attacks. The diversity of vulnerability exploitation methods by hackers is vast, but not entirely untraceable. There are scarce research outcomes studying cross-chain bridge cyber incidents, and we have conducted a study based on the most recent cross-chain bridge security incidents. We introduce the working principles, components, and architecture of cross-chain bridges, explain the categorization mechanisms of the trust layer in cross-chain bridges, summarize four categories of hacker vulnerability exploitation techniques from real cases, and propose preventative measures for cross-chain bridge security.

Siwei Wu,Zhou Yu,Dabao Wang,Yajin Zhou,Lei Wu,Haoyu Wang,Xingliang Yuan

DOI: https://doi.org/10.1109/tdsc.2023.3346888

2024-01-01

Abstract:The rapid growth of Decentralized Finance (DeFi) boosts the blockchain ecosystem. At the same time, attacks on DeFi applications (apps) are increasing. However, to the best of our knowledge, existing smart contract vulnerability detection tools cannot directly detect DeFi attacks. That's because they lack the capability to recover and understand high-level DeFi semantics, e.g., a user trades a token pair X and Y in a Decentralized EXchange (DEX). In this work, we focus on the detection of two new types of price manipulation attacks. To this end, we propose a platform-independent method to identify high-level DeFi semantics. Specifically, we first construct the Cash Flow Tree (CFT) from a raw transaction and then lifting the low-level semantics to high-level ones, including five advanced DeFi actions. Finally, we use patterns expressed with the recovered DeFi semantics to detect price manipulation attacks. We implemented a prototype named DeFiRanger that detected 14 zero-day security incidents. These findings were reported to affected parties or/and the community for the first time. Furthermore, the backtest experiment discovered 15 unknown historical security incidents. We further performed an attack analysis to shed light on the root causes of vulnerabilities incurring price manipulation attacks.

Jakob Svennevik Notland,Jinguye Li,Mariusz Nowostawski,Peter Halland Haro

2024-03-01

Abstract:Cross-chain bridges are solutions that enable interoperability between heterogeneous blockchains. In contrast to the underlying blockchains, the bridges often provide inferior security guarantees and have been targets of hacks causing damage in the range of 1.5 to 2 billion USD in 2022. The current state of bridge architectures is that they are ambiguous, and there is next to no notion of how different architectures and their components are related to different vulnerabilities. Throughout this study, we have analysed 60 different bridges and 34 bridge exploits in the last three years (2021-2023). Our analyses identified 13 architectural components of the bridges. We linked the components to eight types of vulnerabilities, also called design flaws. We identified prevention measures and proposed 11 impact reduction measures based on the existing and possible countermeasures to address the imminent exploits of the design flaws. The results are meant to be used as guidelines for designing and implementing secure cross-chain bridge architectures, preventing design flaws, and mitigating the negative impacts of exploits.

Cryptography and Security

Surisetty Madhuri,Nagalakshmi Vadlamani

DOI: https://doi.org/10.1007/s11042-024-18344-3

IF: 2.577

2024-02-22

Multimedia Tools and Applications

Abstract:The online trading market has been greatly improved by the significance of Cross-Chain (CC) transactions. However, malicious events are the chief threat to offering secure cross-chain transactions; several crypto security models have been executed in the past to enrich the CC transaction process. However, those models cannot provide secure CC data because of malicious harm. So, the current report aimed to implement a novel Elman Neural-based CAST Blockchain Framework (ENbCBF) to gain a secure CC platform. Firstly, the malicious prediction functions were executed to maintain the CC's confidential score. Consequently, the transaction process was begun in the Ethereum blockchain environment. Hence, the planned novel secure CC design is validated in the etherscan Python environment. The User needs to decide the transaction amount types; the Elman neural function continuously afforded the attack recognition process, resulting in less time complexity by avoiding the delay. Hence, the reported high malicious event recognition exactness and less processing time for the transaction and crypto process than conventional studies.

computer science, information systems, theory & methods,engineering, electrical & electronic, software engineering

Dan Lin,Jiajing Wu,Yuxin Su,Ziye Zheng,Yuhong Nan,Zibin Zheng

DOI: https://doi.org/10.48550/arXiv.2409.04937

2024-09-08

Abstract:Decentralized bridge applications are important software that connects various blockchains and facilitates cross-chain asset transfer in the decentralized finance (DeFi) ecosystem which currently operates in a multi-chain environment. Cross-chain transaction association identifies and matches unique transactions executed by bridge DApps, which is important research to enhance the traceability of cross-chain bridge DApps. However, existing methods rely entirely on unobservable internal ledgers or APIs, violating the open and decentralized properties of blockchain. In this paper, we analyze the challenges of this issue and then present CONNECTOR, an automated cross-chain transaction association analysis method based on bridge smart contracts. Specifically, CONNECTOR first identifies deposit transactions by extracting distinctive and generic features from the transaction traces of bridge contracts. With the accurate deposit transactions, CONNECTOR mines the execution logs of bridge contracts to achieve withdrawal transaction matching. We conduct real-world experiments on different types of bridges to demonstrate the effectiveness of CONNECTOR. The experiment demonstrates that CONNECTOR successfully identifies 100% deposit transactions, associates 95.81% withdrawal transactions, and surpasses methods for CeFi bridges. Based on the association results, we obtain interesting findings about cross-chain transaction behaviors in DeFi bridges and analyze the tracing abilities of CONNECTOR to assist the DeFi bridge apps.

Software Engineering

Tiancheng Xie,Jiaheng Zhang,Zerui Cheng,Fan Zhang,Yupeng Zhang,Yongzheng Jia,Dan Boneh,Dawn Song

DOI: https://doi.org/10.48550/arXiv.2210.00264

2022-10-01

Cryptography and Security

Abstract:Blockchains have seen growing traction with cryptocurrencies reaching a market cap of over 1 trillion dollars, major institution investors taking interests, and global impacts on governments, businesses, and individuals. Also growing significantly is the heterogeneity of the ecosystem where a variety of blockchains co-exist. Cross-chain bridge is a necessary building block in this multi-chain ecosystem. Existing solutions, however, either suffer from performance issues or rely on trust assumptions of committees that significantly lower the security. Recurring attacks against bridges have cost users more than 1.5 billion USD. In this paper, we introduce zkBridge, an efficient cross-chain bridge that guarantees strong security without external trust assumptions. With succinct proofs, zkBridge not only guarantees correctness, but also significantly reduces on-chain verification cost. We propose novel succinct proof protocols that are orders-of-magnitude faster than existing solutions for workload in zkBridge. With a modular design, zkBridge enables a broad spectrum of use cases and capabilities, including message passing, token transferring, and other computational logic operating on state changes from different chains. To demonstrate the practicality of zkBridge, we implemented a prototype bridge from Cosmos to Ethereum, a particularly challenging direction that involves large proof circuits that existing systems cannot efficiently handle. Our evaluation shows that zkBridge achieves practical performance: proof generation takes less than 20 seconds, while verifying proofs on-chain costs less than 230K gas. For completeness, we also implemented and evaluated the direction from Ethereum to other EVM-compatible chains (such as BSC) which involves smaller circuits and incurs much less overhead.

Ravi Kashyap

DOI: https://doi.org/10.1016/j.frl.2023.104421

2023-09-12

Abstract:We consider the problem of being a cross-chain wealth management platform with deposits, redemptions and investment assets across multiple networks. We discuss the need for blockchain bridges to facilitates fund flows across platforms. We point out several issues with existing bridges. We develop an algorithm - tailored to overcome current constraints - that dynamically changes the utilization of bridge capacities and hence the amounts to be transferred across networks. We illustrate several scenarios using numerical simulations.

General Finance,Computational Engineering, Finance, and Science,Cryptography and Security,Computational Finance

Qingze Hum,Wei Jin Tan,Shi Ying Tey,Latasha Lenus,Ivan Homoliak,Yun Lin,Jun Sun

DOI: https://doi.org/10.48550/arXiv.2006.10280

2020-10-28

Abstract:Cryptocurrencies have become very popular in recent years. Thousands of new cryptocurrencies have emerged, proposing new and novel techniques that improve on Bitcoin's core innovation of the blockchain data structure and consensus mechanism. However, cryptocurrencies are a major target for cyber-attacks, as they can be sold on exchanges anonymously and most cryptocurrencies have their codebases publicly available. One particular issue is the prevalence of code clones in cryptocurrencies, which may amplify security threats. If a vulnerability is found in one cryptocurrency, it might be propagated into other cloned cryptocurrencies. In this work, we propose a systematic remedy to this problem, and we propose CoinWatch (CW). Given a reported vulnerability at the input, CW uses the code evolution analysis and a clone detection technique for indication of cryptocurrencies that might be vulnerable. We applied CW on 1094 cryptocurrencies using 4 CVEs and obtained 786 true vulnerabilities present in 384 projects, which were confirmed with developers and successfully reported as CVE extensions.

Cryptography and Security

Lei Wu,Siwei Wu,Yajin Zhou,Runhuai Li,Zhi Wang,Xiapu Luo,Cong Wang,Kui Ren

2020-01-01

Abstract:As one of the representative blockchain platforms, Ethereum has attractedlots of attacks. Due to the existed financial loss, there is a pressing need toperform timely investigation and detect more attack instances. Though multiplesystems have been proposed, they suffer from the scalability issue due to thefollowing reasons. First, the tight coupling between malicious contractdetection and blockchain data importing makes them infeasible to repeatedlydetect different attacks. Second, the coarse-grained archive data makes theminefficient to replay transactions. Third, the separation between maliciouscontract detection and runtime state recovery consumes lots of storage. In this paper, we present the design of a scalable attack detection frameworkon Ethereum. It overcomes the scalability issue by saving the Ethereum stateinto a database and providing an efficient way to locate suspicioustransactions. The saved state is fine-grained to support the replay ofarbitrary transactions. The state is well-designed to avoid saving unnecessarystate to optimize the storage consumption. We implement a prototype namedEthScope and solve three technical challenges, i.e., incomplete Ethereum state,scalability, and extensibility. The performance evaluation shows that oursystem can solve the scalability issue, i.e., efficiently performing alarge-scale analysis on billions of transactions, and a speedup of around2,300x when replaying transactions. It also has lower storage consumptioncompared with existing systems. The result with three different types ofinformation as inputs shows that our system can help an analyst understandattack behaviors and further detect more attacks. To engage the community, wewill release our system and the dataset of detected attacks.

Chaofan Shou,Yuanyu Ke,Yupeng Yang,Qi Su,Or Dadosh,Assaf Eli,David Benchimol,Doudou Lu,Daniel Tong,Dex Chen,Zoey Tan,Jacob Chia,Koushik Sen,Wenke Lee

2024-09-10

Abstract:Billions of dollars have been lost due to vulnerabilities in smart contracts. To counteract this, researchers have proposed attack frontrunning protections designed to preempt malicious transactions by inserting "whitehat" transactions ahead of them to protect the assets. In this paper, we demonstrate that existing frontrunning protections have become ineffective in real-world scenarios. Specifically, we collected 158 recent real-world attack transactions and discovered that 141 of them can bypass state-of-the-art frontrunning protections. We systematically analyze these attacks and show how inherent limitations of existing frontrunning techniques hinder them from protecting valuable assets in the real world. We then propose a new approach involving 1) preemptive hijack, and 2) attack backrunning, which circumvent the existing limitations and can help protect assets before and after an attack. Our approach adapts the exploit used in the attack to the same or similar contracts before and after the attack to safeguard the assets. We conceptualize adapting exploits as a program repair problem and apply established techniques to implement our approach into a full-fledged framework, BACKRUNNER. Running on previous attacks in 2023, BACKRUNNER can successfully rescue more than \$410M. In the real world, it has helped rescue over \$11.2M worth of assets in 28 separate incidents within two months.

Cryptography and Security

Yutong Han,Chundong Wang,Huaibin Wang,Yi Yang,Xi Wang

DOI: https://doi.org/10.1371/journal.pone.0302145

IF: 3.7

2024-06-11

PLoS ONE

Abstract:Blockchain cross-chaining is about interconnectivity and interoperability between chains and involves both physical to virtual digital aspects and cross-chaining between digital networks. During the process, the liquidity transfer of information or assets can increase the use of items with other chains, so it is worth noting that the enhancement of cross-chain liquidity is of great practical importance to cross-chain technology. In this model, Layerzero is used as the primary secure cross-chain facility to build a full-chain identity by unifying NFT-distributed autonomous cross-chain identity IDs; applying super-contract pairs to enhance cross-chain liquidity; and initiating a dynamic transaction node creditworthiness model to increase the security of the cross-chain model and its risk management. Finally, by verifying three important property metrics timeliness is improved by at least 18%, robustness is increased by at least 50.9%, and radius of convergence is reduced by at least 25%. It is verified that the liquidity cross-chain model can eliminate the authentication transition between hierarchies while saving the cross-chain time cost, as a way to truly realize the liquid interoperability between multiple chains of blockchain.

Zhiqi Feng,Yongli Li,Xiaochen Ma

DOI: https://doi.org/10.1186/s40854-023-00490-6

IF: 6.793

2023-01-01

Financial Innovation

Abstract:With the high-speed development of decentralized applications, account-based blockchain platforms have become a hotbed of various financial scams and hacks due to their anonymity and high financial value. Financial security has become a top priority with the sustainable development of blockchain-based platforms because of an increasing number of cyber attacks, which have resulted in a huge loss of crypto assets in recent years. Therefore, it is imperative to study the real-time detection of cyber attacks to facilitate effective supervision and regulation. To this end, this paper proposes the weighted and extended isolation forest algorithms and designs a novel framework for the real-time detection of cyber-attack transactions by thoroughly studying and summarizing real-world examples. Furthermore, this study develops a new detection approach for locating the compromised address of a cyber attack to resolve the data scarcity of hack addresses and reduce time consumption. Moreover, three experiments are carried out not only to apply on different types of cyber attacks but also to compare the proposed approach with the widely used existing methods. The results demonstrate the high efficiency and generality of the proposed approach. Finally, the lower time consumption and robustness of our method were validated through additional experiments. In conclusion, the proposed blockchain-oriented approach in this study can handle real-time detection of cyber attacks and has significant scope for applications.

Na Ruan,Hanyi Sun,Zenan Lou,Jie Li

DOI: https://doi.org/10.1109/tnet.2022.3201493

2023-01-01

IEEE/ACM Transactions on Networking

Abstract:Decentralized cryptocurrency systems have become primary targets for attackers due to substantial profit gain and economic rewards. A number of attack models have been proposed during last few years. However, the evaluation and comparison of those attack models remain problematic due to the lack of systematic framework to analyze them. In this work, we propose a general quantitative analysis framework for attack models in the network and consensus layer of blockchain. We identify the problem statement and evolution process. And we show how to apply our general framework in previous attacks such as selfish mining and bribery attack. We also explained that the framework is suitable for other attacks in blockchain. For further exploration, we simulate the success rate and benefits of different attacks through experiments. We provide several defensive strategies, and study how these strategies against previous attack models.