Are crypto bridges the most dangerous place in DeFi?

Almost every course on investing in DeFi starts with the basic concepts of the sphere and an explanation that decentralized finance is less vulnerable than a fiat currency in a bank account. However, unfortunately, few people talk about all the risks and vulnerabilities, and that’s why many people have the wrong idea about DeFi.

This year, the funds of crypto investors have been severely affected by hacks and fraud. One of the main reasons is that cybercriminals have found an uncomplicated way to get to other people's money: crypto bridges.

What are crypto bridges?

Why are they needed?

Turn on your imagination and imagine two different states: they speak different languages there, people differ physically, and laws, in some manifestations, are antagonists. State A and B are separated by a spacious river - therefore, a bridge was created for an important trade connection.

Such states can be called blockchains, on which different assets are located. A crypto bridge is needed in order to transfer them from one blockchain to another.

Mechanism of operation

When using a crypto bridge, the user deposits tokens into a smart contract (a piece of code in the blockchain that allows carrying out transactions and controlling their execution automatically, without human intervention).

In the intermediate blockchain, the cryptocurrency is recorded as a reverse token, which is an application for ownership of the original coin.

After this algorithm, the cryptocurrency can be used on another blockchain.

Vulnerability

The biggest event in the DeF world was the theft of $615 million from the Ronin crypto bridge, which supported the Axie Infinity P2E game with NFTs that allow players to earn money while playing.

There can be many reasons for this: carelessness of developers, a clutter of code, poor testing, and so on.

For example, the latest high-profile incident is the hacking of the BSC Token HUB bridge. There was an exploit introduced into the system (malicious code that finds vulnerabilities in software and computer systems). Further, due to the ten storeys of the bridge code, there was a vulnerability exploited by attackers.

The main problem of crypto bridges is the complexity of the written code. You should agree that the simply written code in the form of the equation: A + B = C is unrealistic to hack. In this case, the probability of making mistakes and weaknesses is extremely small. Therefore, DEX, the code of which is much simpler, is hacked much less often than bridges.

In the case of hacking the Nomad bot, criminals were able to enter any value into the system and then withdraw funds, even if there were no tokens in the bridge blockchain. The case is shocking because cybercriminals did not even need programming skills, and the exploits they used gave birth to new imitators.

What should I do?

According to Chainalysis, since the beginning of 2022, $1.4 billion has been stolen as a result of hacking crypto bridges. This is more than the annual income of some states.

Bridges are a necessary tool for investors in DeFi, but every year we become convinced of the danger of using them. It is hoped that programmers will be able to solve the problem and come up with a “simple” and high-quality code for the crypto bridge. However, you should think about the safety of your funds now, we have already advised earlier:

1. Do not use bridges from the main wallet.

2. Disable the wallet after using crypto services from all sites and platforms.

3. Do not keep all assets in one wallet.

4. Diversify.

Take care of yourself and your assets!