Cross-chain bridge hacks are causing big trouble for DeFi users in 2022
On 2nd August, the Nomad token bridge was hacked, resulting in the loss of $190 million worth of ETH and ERC-20 tokens.
Sounds like a pretty big deal, until you realize that this is only the third biggest bridge hack in history.
Furthermore, according to De.Fi research, the Nomad hack makes up just a fraction of the over $1.2 billion of funds lost via bridge hacks so far.
In front of Nomad on the list of biggest bridge hacks is Wormhole, which lost $326 million when it was hacked on 2nd February, and Ronin, which holds the ignominious title of biggest bridge hack in history, after it lost $625 million on 29th March.
All this in the year that JPMorgan christened “the year of the blockchain bridge” in January.
Fortunately, some funds have been recovered, with De.Fi research showing more than $351 million or over 25% of funds returned. For Nomad, this has involved over $37 million or nearly 20% being recovered thus far.
So, why have these hacks occurred and what can users do to protect themselves?
Why have bridge hacks become a problem?
The story of massive cross-chain bridge hacks started with the rise of DeFi and alternative layer one protocols from the Summer of 2020, throughout 2021 and into 2022 (January — June). Of course, that’s not to say that interoperability of blockchains only came about as a result of DeFi but it certainly accelerated the process.
As crypto-natives saw the huge upside potential from yield farming and the opportunities that existed on faster, cheaper blockchain networks than Ethereum, they sought out ways to move their funds. To do this, you need a bridge and the demand from users led to a lot of projects directing their efforts towards this type of solution.
By the Summer of 2021, bridging between networks had become common practice for DeFi yield farmers and NFT buyers.
What makes a bridge vulnerable to attack?
Although bridges can be a way to transfer all kinds of different data across blockchains, the most common use of a bridge is for transferring tokens. Usually, this involves locking up an amount of tokens in a smart contract on one blockchain and then receiving an equivalent amount on another.
The bridge is the mechanism that records what is locked on one blockchain and mints the equivalent amount on the other blockchain. If the user completes what they wanted to do and returns to the original chain, they can use the bridge again to unlock their assets onto the original chain.
There are various ways a bridge could be attacked, including gaining control of smart contract addresses, attacking the contract where assets are locked in order to release them to hackers or minting tokens on one blockchain when no tokens have been locked up on the other.
Whatever the issue, DeFi users to make sure they’re doing all they can to stay safe.
How can you protect yourself from bridge attacks?
As we always say, one of the best ways to stay safe in DeFi is to ‘Do Your Own Research’ and this is also good advice when it comes to understanding the bridges you choose as well.
That doesn’t mean you need to know everything about bridge technology but it does mean that searching for useful, publicly-available information about the one you aim to use is a good idea, as is accessing any related blockchain security tools.
Fortunately, De.Fi has a number of options designed to keep you safe.
De.Fi Shield
When you use De.Fi Shield, you can check whether every asset in your portfolio is safe and not exposed to smart contract risks.
That’s possible because it scans the smart contracts you have interacted with, any token contracts you hold and any approvals you have granted.
De.Fi REKT Database
The REKT Database is the world’s first publicly-available resource for finding all DeFi scams, exploits and hacks.
That means DeFi users can use the ‘exploit’ search to find out if the bridge they are planning to use is registered on the REKT Database for any reason.
De.Fi Audit Database
The De.Fi Audit Database is the world’s most comprehensive database of all smart contract audits performed to date.
Therefore, if you want to dig a little deeper into the audits that your chosen bridge has undertaken and find out what they say, this is the resource you need.
As always, stay safe and DYOR!
For more De.Fi updates you can visit us at:
🌐 Website | 📱 Telegram | 🐦Twitter
Check our Latest guides 👇 :
- The Ultimate Yield Farming Guide For Osmosis [Infographics]
- The Ultimate Yield Farming Guide For Gnosis Chain [Infographics]
- The Ultimate Yield Farming Guide For Cardano [Infographics]
- The Ultimate Investing Guide For Venus Protocol [Infographics]
- Navigating DeFi — a Handy Guide to the New Web3 Decentralized Financial Ecosystem [Infographics]
- The Ultimate Yield Farming Guide For Cosmos [Infographics]
Want more? Check ALL GUIDES!
And join us on twitter and telegram!
Good luck in farming!