Darwinia Security Design Strategy and Philosophy Update
Darwinia uses a decentralized, light-client-based cross-chain messaging framework and takes its safety very seriously. Although we have considered many security details, we found that the application layer brings many different security requirements. From a security design perspective, we think it is better to separate asset security requirements from cross-chain messaging services, which belong to the application layer and the infrastructure layer respectively, rather than building the various application-layer security requirements into the bridge messaging protocol layer and making the bridge messaging framework extremely complex. For example, we consider the asset bridge to be a business that belongs to the application layer, while the cross-chain verification services or frameworks it uses are designed to ultimately better secure the cross-chain process and cross-chain assets. The various cross-chain message verification services or frameworks used by the asset bridge have different security assumptions, and the asset bridge should introduce redundant security mechanisms to minimize these assumptions and provide more security assurance.
Over the past year, as the bridge network has grown, bridge safety incidents have occurred frequently in the industry, each resulting in varying degrees of loss of users' assets. Darwinia has taken these industry-wide safety issues very seriously and has organized several meetings to discuss and analyze the causes of the incidents.
After a long period of exploration and research, Darwinia Bridge Network plans to make some major technical upgrades in terms of security, mainly as follows.
Separate Bridge Messaging Service and Asset Bridge Service
- Darwinia’s bridge messaging service is based on a light-client verification approach, which involves a variety of technologies such as multi-chain consensus, message verification, message monitoring, and delivery, and its implementation is complex. The management of bridge assets, on the other hand, will be more focused on security and the economy.
- With the next security upgrade, Darwinia will focus on handling complex bridge messaging services and will not take over any bridge assets. In contrast, Helix, renamed from Wormhole, will no longer handle the underlying complex bridge message delivery services but will manage bridge assets only. In other words, it will focus on the secure storage and delivery of assets. It will be separated from Darwinia as part of the Darwinia ecosystem.
- Helix will be more rigorous and careful in the selection of the underlying bridge messaging services, attaching effective security assessments to select secure, reliable, and quality services, including but not limited to the Darwinia bridge network.
- Helix will also uphold an open and cooperative attitude, and strengthen collaboration and security research with partners, upstream and downstream service providers. It will focus on the NFT cross-chain and aggregation of high-quality asset bridge service providers in the early stages and cautiously host user assets.
Redundant Security Enhancement
- Darwinia’s next bridge message framework is generalized so that users can create various forms of programmable cross-chain applications based on it.
- Darwinia will commit to working with each asset bridge to provide a generalized message delivery service based on light-client verification to redundantly enhance security for their bridge.
- Currently, there are far more bridge networks on the market that use external verification than light-client verification, and doing security enhancements through different verification strategies will effectively reduce the risk of bridge networks being breached. By introducing the Darwinia bridge message, asset bridges can add a new kind of cross-chain message redundancy verification, and use multiple channels together to ensure message security.
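The redundancy idea above can be sketched as an asset-bridge inbox that releases a message only when every configured channel has delivered the same content. This is an added example, not Darwinia or Helix code; the class, the channel names and the digest encoding are assumptions made for illustration.

```python
import hashlib
from dataclasses import dataclass, field

def message_id(src_chain: str, nonce: int, payload: bytes) -> str:
    # Channel-independent digest of one message (encoding is an assumption).
    return hashlib.sha256(repr((src_chain, nonce, payload)).encode()).hexdigest()

@dataclass
class RedundantInbox:
    required: frozenset                         # channels that must all agree
    votes: dict = field(default_factory=dict)   # (chain, nonce) -> {channel: digest}
    frozen: set = field(default_factory=set)    # slots with conflicting reports
    executed: set = field(default_factory=set)  # slots already released

    def attest(self, channel: str, src_chain: str, nonce: int, payload: bytes) -> str:
        slot = (src_chain, nonce)
        if channel not in self.required:
            return "rejected"                   # unknown channels get no vote
        if slot in self.executed:
            return "replayed"                   # a slot is released at most once
        if slot in self.frozen:
            return "frozen"
        digest = message_id(src_chain, nonce, payload)
        slot_votes = self.votes.setdefault(slot, {})
        if any(seen != digest for seen in slot_votes.values()):
            self.frozen.add(slot)               # channels disagree: hold and escalate
            return "frozen"
        slot_votes[channel] = digest
        if set(slot_votes) == self.required:
            self.executed.add(slot)
            return "execute"
        return "pending"

def demo_redundant():
    # Constructed sample traffic; channel names and payloads are made up.
    inbox = RedundantInbox(frozenset({"light-client", "external-verifier"}))
    good, other = b"unlock 5 to 0xabc", b"unlock 500 to 0xdef"
    return [
        inbox.attest("light-client", "chainA", 1, good),        # first vote
        inbox.attest("light-client", "chainA", 1, good),        # duplicate vote
        inbox.attest("external-verifier", "chainA", 1, good),   # second channel agrees
        inbox.attest("external-verifier", "chainA", 1, good),   # late repeat
        inbox.attest("external-verifier", "chainA", 2, other),  # one channel only
        inbox.attest("light-client", "chainA", 2, good),        # channels disagree
        inbox.attest("light-client", "chainA", 2, other),       # slot stays frozen
        inbox.attest("unlisted", "chainA", 3, good),            # not a required channel
    ]
```

A frozen slot is the signal that one verification path reported something the other did not, which is the case where a single-channel bridge would have released assets.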
Helix Guard & Dao
- Helix’s underlying layer will also consider using multiple bridge message channels for security enhancements and will introduce the guard service as another guarantee for asset security.
- At the same time, Helix Dao will ensure that effective measures such as pausing bridge services and rescuing bridge assets are taken in case of emergency and unforeseen situations.
Darwinia Bridge Message Delivery Framework v2.0
- The framework is based on a light-client message verification and delivery service, which is more decentralized than some other schemes such as MPC multi-signature, and its security is consistent with the security level of the bridged chain.
- Add a filter component on the target chain to verify the sender on the source chain to enhance cross-chain message identification security.
- The reliability of message delivery is ensured by the “fee-market” invented by Darwinia, which does not require the participation of a centralized relay, but allows anyone to participate in the message delivery service and receive incentives from it.
- Use Merkle trees to verify messages to ensure security and effectively reduce the cost of message verification.
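How the sender filter and the Merkle check fit together on the target chain can be shown with a small model: the source-chain sender is hashed into each leaf, so a relayer cannot relabel a message to pass the filter. This is an added example, not the framework's own code; the leaf encoding, function names, addresses and the power-of-two tree are assumptions.

```python
import hashlib

def leaf_hash(sender: str, payload: bytes) -> bytes:
    # The source-chain sender is hashed into the leaf, so the proof binds it.
    # 0x00/0x01 prefixes keep leaves and inner nodes in separate hash domains.
    s = sender.encode()
    return hashlib.sha256(b"\x00" + len(s).to_bytes(2, "big") + s + payload).digest()

def node_hash(left: bytes, right: bytes) -> bytes:
    return hashlib.sha256(b"\x01" + left + right).digest()

def build_levels(leaves):
    # Source-chain side. Assumes a power-of-two number of leaves for brevity.
    levels = [list(leaves)]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        levels.append([node_hash(cur[i], cur[i + 1]) for i in range(0, len(cur), 2)])
    return levels

def prove(levels, index):
    # Sibling hashes from leaf to root, each tagged with whether it sits on the left.
    proof = []
    for level in levels[:-1]:
        proof.append((level[index ^ 1], bool(index & 1)))
        index //= 2
    return proof

def check_message(root, sender, payload, proof, allowed_senders):
    # Target-chain side: prove inclusion first, then filter on the proven sender.
    acc = leaf_hash(sender, payload)
    for sibling, sibling_is_left in proof:
        acc = node_hash(sibling, acc) if sibling_is_left else node_hash(acc, sibling)
    if acc != root:
        return "proof-invalid"
    return "accepted" if sender in allowed_senders else "sender-rejected"

def demo_filter():
    # Constructed messages; addresses and payloads are made up.
    msgs = [("0xBridgeApp", b"mint 5"), ("0xOther", b"mint 9"),
            ("0xBridgeApp", b"mint 1"), ("0xOther", b"ping")]
    levels = build_levels([leaf_hash(s, p) for s, p in msgs])
    root = levels[-1][0]  # stands in for a root taken from a light-client-verified header
    allowed = {"0xBridgeApp"}
    return [
        check_message(root, "0xBridgeApp", b"mint 5", prove(levels, 0), allowed),
        check_message(root, "0xOther", b"mint 9", prove(levels, 1), allowed),
        check_message(root, "0xBridgeApp", b"mint 9", prove(levels, 1), allowed),
        check_message(root, "0xBridgeApp", b"mint 500", prove(levels, 0), allowed),
    ]
```

The third case is the one the filter depends on: a genuine message from an unlisted sender, resubmitted under an allowed sender's name, no longer matches the committed root.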
Ethereum<>Darwinia Bridge 2.0
- As Ethereum 2.0 approaches, Darwinia has been following its development and upgrade progress.
- Considering user cost, timeliness, and security, Ethereum<>Darwinia v2, based on Ethereum 2.0, is being developed and refined. The upgraded version will support the Darwinia<>Ethereum-Like cross-chain messaging service.
About Darwinia Network
Darwinia Network is a decentralized cross-chain bridge network built on Substrate. It provides a safe and general bridging solution, connecting to Polkadot, Ethereum, TRON, and other heterogeneous chains through cross-chain transfer of assets and remote chain calls. The application areas of Darwinia Network include DeFi, cross-chain NFT trading, games, etc.
Darwinia Network has gained a high reputation and recognition along the way to building the decentralized cross-chain bridge protocol. Darwinia was listed in the Polkadot light-paper as one of the friends of Polkadot and Substrate. Darwinia was also selected to join the Substrate Builder Program and Web3.0 Bootcamp, and for its outstanding work in the Substrate Builder Program, Darwinia Network was officially awarded the Level 2 badge by Parity. The products and tools developed by Darwinia have been awarded three W3F Grants.
Darwinia has been contributing to the compatibility and interoperability of the Metaverse.