DeFi Bridging Explored: Trusted vs Trustless
Trusted bridges and trustless bridges are two different approaches to connecting different blockchain networks. Recently our work on Centauri has caught the attention of different ecosystems, researchers, and DeFi supporters such as VanEck, a global investment manager with $68.0 billion in assets under management, and Maven 11, a global blockchain and digital asset investment firm and supporter of Composable Finance (“Composable”). We encourage readers to check out their blogs as they dive deep into the topics of DeFi bridges.
This blog aims to provide potential new users with a higher-level understanding of DeFi bridges. Additionally, we explore why, historically, trusted bridges and trusted architectures have been more prevalent leading to a plethora of vulnerabilities and hacks. We also explore the narrative of a trustless DeFi future and how we plan to enable it via Centauri, our very own trustless bridging hub powered by the Inter-Blockchain Communications (IBC) protocol.
A world without bridges: the silos of DeFi
Due to the abundance of ecosystems and chains that house all the different protocols, DeFi has a natural inclination to isolate solutions and services to chains and ecosystems. This silo dilemma ultimately creates barriers to the mass adoption of the technology and concept. Users can have difficulties accessing and utilizing blockchain-based services and applications when different networks and platforms are not connected. Siloed DeFi limits the potential user base and hinders the growth of DeFi as a whole.
At its core, bridging infrastructure is crucial for achieving mass adoption of blockchain technology, by connecting different blockchain ecosystems users can easily access and utilize a wide range of blockchain-based services and applications. This increased accessibility and interoperability may lead to a larger user base, which in turn may drive the growth and development of the entire industry.
Additionally, the ability to share and access data across different platforms can encourage collaboration and innovation, leading to more advanced and user-friendly blockchain-based solutions. Ultimately, bridging infrastructure plays a critical role in making blockchain technology more accessible and easy to use for a wide range of users, which is crucial for achieving mass adoption.
Trusted vs trustless DeFi bridges:
A trusted bridge is a type of connection between two blockchain networks that relies on a third party to facilitate the transfer of assets between the two networks. This third party is responsible for ensuring the security and reliability of the bridge, and users must trust this party to properly handle their transactions.
On the other hand, a trustless bridge is a connection between two blockchain networks that does not require the use of a third party. Instead, trustless bridges use cryptographic techniques to ensure the security and reliability of the connection (trust in code), allowing users to transfer assets between the two networks without needing to trust a third party.
The historical dilemma of ownership and why trusted bridges have led the way for adoption
One key difference between these two types of bridges is that trusted bridges are typically faster, more sustainable, and generally easier and more convenient for users to use. However, this also means that users must place their trust in a third party, which may be a disadvantage for those who value decentralization and security.
Before utilizing a trusted bridge, users should be asking themselves:
- What really happens with my assets when they pass through the central authority of a trusted bridge?
- Are my assets secure in the transfer process?
- Is the central authority that controls the bridge a good or bad actor?
The majority of users don’t realize that the architecture they are using and expecting to be fully decentralized is in actuality supplemented by trusted architecture. Thus, while the users are attracted to certain solutions for their simplicity they might not realize that this simplicity comes at the expense of their own asset security and transparency. To put it simply, trusted bridges work until they don’t.
In contrast, current trustless bridging solutions offer a higher degree of security and decentralization by removing third-party intermediaries, but most are not extensible across ecosystems or often sacrifice speed or UX in the process. At Composable Finance we are diligently working towards optimizing and extending trustless communication to offer users all the benefits of current trustless bridging solutions without sacrificing speed or UX. Overall, the choice between trusted and trustless bridges will depend on the specific needs and priorities of the user or organization, but at Composable, we believe that trustless architecture is DeFi’s future.
Exploring alternative bridging architecture
For the purpose of this article, we will explore three other bridging protocols, each with various degrees of decentralization. Every protocol makes certain tradeoffs, with the best architecture being an ongoing discussion.
Relies on the assumption that the relayer and oracle will work together to ensure the safety of the protocol. If one of these actors is malicious, transactions will fail or simply not be submitted. However, if both are malicious, user funds can effectively be rugged even though the contracts are not in their control. This has been criticized as being effectively a 2/2 multisig, and is therefore considered a trusted bridge.
Optimistic bridges such as Nomad utilize smart contracts and off-chain relayers for the transfer of tokens between networks. While optimistic bridges are an improvement over trusted solutions, the risk of smart contracts which hold large amounts of user tokens being exploited is an inherent risk of this architecture.
Within Polkadot and Kusama, the cross-consensus messaging framework (XCM) is utilized for the passing of information between sovereign blockchains connected to the same Relay Chain. The downside of this approach is that while it is trustless, it is not extensible beyond the DotSama ecosystem.
How we built Centauri to make the IBC Protocol an adoptable standard for cross-ecosystem communication
When designing Centauri, we intended to build a bridging hub in line with DeFi’s founding principles of transparency, decentralization, and sovereignty. To accomplish this, we decided to focus on extending the reach of Cosmos’ Inter-Blockchain Communication (IBC) Protocol.
Why have we decided to implement and expand the reach of IBC?
IBC is the native communication protocol of the Cosmos ecosystem, it allows for trustless communication to occur between any blockchains built using the Cosmos SDK which have the IBC module enabled. Light clients are then able to verify that the content within a given message is valid by verifying the state of the origin blockchain. A summary of how this works can be found below, extracted from a Coinbase article on IBC:
“A key feature of IBC is that the connected blockchains do not need to communicate with each other directly. Instead, they are able to send packets of information via dedicated channels, which use smart contract modules that include a light client for trustlessly verifying that the state sent by the other blockchain is valid. The trustless and permissionless nature of IBC means that any party can operate a relayer and the participating blockchains do not need to trust the parties that transfer the information.” Coinbase.com
IBC has been rolled out and integrated by multiple app chains in the past years showing how it had product market fit, and at the same time proving to be a reliable and secure protocol to exchange data and assets. In the meantime, the protocol has been enhanced to allow developers to easily add any features they need (through middleware), such as packet forwarding or rate limiting.
Another key feature of IBC is how it has been able to become chain agnostic throughout its entire stack, from the way it models proofs to how relayers integrate multiple chains within the same design.
Ultimately, having a protocol that’s able to rapidly evolve and integrate the demands of a growing and fast-evolving community, while still ensuring robustness and security has made Composable believe that IBC had to be taken to all ecosystems. And we have been working hard in order to achieve this vision by:
- Extending ibc-rs to become no std in order to be used by Substrate chains
- Create pallet-ibc, the first non-cosmos fully working IBC stack
- Create hyperspace, which is the first chain agnostic relayer that’s able to support NEAR, Cosmos and Polkadot ecosystems.
Centauri’s IBC implementations
In order to facilitate communication between disparate ecosystems, infrastructure-level changes must be made to accommodate IBC within non-Cosmos ecosystems such as Polkadot and NEAR. To achieve this, the Composable team has constructed the following infrastructure which comes together to enable trustless cross-ecosystem communication via Centauri:
- GRANDPA light client
- ICS-8 WASM client
- Hyperspace Relayer
- Pallet IBC
You can read more about this infrastructure and Centauri’s various implementations in our updated vision article. A visualization of this infrastructure can be seen below:
Trustless bridging without sacrifice
Ultimately, these efforts culminate in a user experience comparable to that which is seen in trusted alternatives, without the third-party risk. IBC allows for communication that is fast, low in cost, and free from middlemen. As outlined above, the extension of IBC to new ecosystems can require protocol-level changes which is a lot of work that many have been unwilling to take on as of yet. However, this change is necessary considering that trusted bridges are unreliable and costly. Thus, they do not offer long-term solutions.
As such, Composable and our partners view the extension of IBC to as many ecosystems as possible as fundamental to the future of DeFi. You can track our progress by following us across our social media channels, and read our Centauri testnet article for more information on some of our partners along with a sneak peek at what some of the first inter-ecosystem applications might look like.
About Composable & Picasso:
Composable Finance (“Composable”) is dedicated to improving the accessibility, quality, transparency, efficiency, and security of decentralized finance (DeFi). We aim to do this by pioneering innovative Web3 user experiences in a trustless, non-custodial, and decentralized manner. Composable’s technology stack enables and combines key services across different DeFi ecosystems and protocols, such as Ethereum, Polkadot, Kusama, Cosmos, and the NEAR Protocol.
Picasso is our layer 1 blockchain acting as an infrastructure layer to pioneer interoperable DeFi solutions, with a native token named $PICA which is available at the Pablo DEX. Picasso is equipped with a robust set of novel DeFi primitives that are built as modular pallets. These pallets are designed to attract liquidity from the broader DeFi landscape whilst promoting interoperability between various ecosystems.
For more information about Composable and how it is architecting the unified DeFi landscape of the future, check out these useful Links: