Multichain Security Model & Mechanism
Multichain has always put security as its top priority. This article aims to demystify our security model and the measures adopted by Multichain to achieve this. The security design both provides effective resilience to hacks and also ensures a solid and robust base model for future development.
The last few years have witnessed DeFi growing in adoption and complexity as the multi-chain ecosystem takes shape, which has only driven further explosive growth of the cross-chain field. Cross-chain bridges do seem however to be the new attack vectors in DeFi. Around ten hacks happened in the year 2021. This year, 2022 is no exception, with four major attacks on bridges including Qubit bridge, Wormhole, Meter.io and Multichain already. There has never been a greater need for awareness of bridge security. It is essential that everyone understands the issues, including the advancements currently underway. This article serves as an introduction to this topic.
Open source: Cross-Chain Router Protocol (CRP)
Multichain, the Cross-Chain Router Protocol (CRP) is an open source protocol. It is free to access and use by anyone (the code and its development are available at Github).
We believe it is essential for Multichain to be open-source. It is generally acknowledged that compared to closed source code bases, with the open source model any security concerns can be examined, leading to the kind of transparency necessary to alleviate any security concerns. We admit that open source code isn’t always perfect, but no software is. Being open source can even allow hackers to understand how to mount an attack, but conversely open source code will eventually become bullet proof — tested in the most fiery forge. What we can guarantee is that any security issues of Multichain CRP are disclosed and patched immediately. We’ve set the Bug Bounty scheme to encourage code review and vulnerability disclosure. Thanks to the community, we were alerted to the contract vulnerabilities in the January incident and fixed the issues immediately as well as managed to rescue 50% of the losses.
Multichain CRP has a large and seasoned developer community who are incorporating the code and who increasingly trust it. The code is tested by many developers, which in turn makes it more reliable. These same developers are full of ideas and their suggestions are often added to our core libraries (thank you to them all). Also in the community developers and users discuss CRP and provide expert guidance to new projects that join with us. That is the beauty of our open source world, where the whole is greater than the sum of the parts. So far over 30 applications have integrated Multichain CRP, and more than 20 are on their way to integration. These include DEXes, CEXes, wallets, aggregators, launchpads and index providers. Some examples are a DAO represented by Sushiswap, Spiritswap, Spookyswap and Tokenpocket. We look forward to jointly promoting the CRP with more developers.
Multichain SMPC network
- Underpinning technology based on a frontier security theory
Secure Multi-Party Computation (SMPC), the core technology underpinning Multichain, originated from a theory put forward and validated by some of the world’s leading cryptographers. The key algorithm implemented at the heart of Multichain’s cross-chain bridge and router is the Threshold Signature Scheme (TSS).
TSS was derived from the groundbreaking research paper — “UC Non-Interactive, Proactive, Threshold ECDSA with Identifiable Aborts (or GG20). The paper was published in 2020 at the Conference on Computer and Communications Security (CCS) which is one of the most authoritative events in the industry.
CCS is an annual flagship conference of the Special Interest Group on Security, Audit, and Control (SIGSAC) of the Association for Computing Machinery (ACM). The conference brings together information security researchers, practitioners, developers, and users from all over the world to explore cutting-edge ideas and results.
GG20 was reviewed, validated, and revered for its reliability by numerous experienced cryptographers at CCS.
It is worth noting that all current projects for distributed signatures are basically based on the GG20 theory. Multichain is one of the first to realize this theory.
- Multichain applied TSS into its cross-chain solutions
To realize the cross-chain interaction of digital assets, an MPC Network is required. This is a distributed network that processes cross-chain requests in real time between chains. It essentially comprises a trigger mechanism, where the status on the original chain is detected in real time and then translated into the behavior on the target chain. What happens on the target chain is a reflection of what happened on the source chain. The current MPC Network is a decentralized network. Each node independently verifies the status of the origin chain, and uses a threshold distributed signature algorithm between all nodes to reach a consensus on the verification results.
This method, which is based on a cryptographic algorithm, can lead to a powerful consensus. It either produces consistent correct results or no results. This ensures that Multichain’s MPC Network can accurately process cross-chain requests in real time with no risk of single point of failure.
Multichain has its own cryptography research capabilities. In addition to the integration of TSS into the cross chain solutions, Multichain developed SM2 and Schnorr signatures and hence formed the final Multichain SMPC network. It supports over 96% of blockchain cross-chain interactions. Moreover Multichain’s solution is universally compatible, which makes it particularly friendly to non-EVM chains such as the BTC chain and the XRP Ledger.
It is certainly acknowledged that Multichain has run into security incidents, but Multichain has also learned lessons and grown stronger as a result and we are always dedicated to providing the best cross-chain solutions. Looking back, we’d like everyone to see that both previous security incidents were not related to the cryptographic theory that Multichain relies on, or the underlying SMPC network, but were due to other causes. The SMPC schemes and Multichain’s network that are employed have not been breached.
Actions that were taken to further strengthen Multichain security
In every failure there are valuable lessons on security to draw upon that cannot be learned even in a hundred attack simulations. To further strengthen the security level, Multichain also takes a series of governance measures.
- Regular external and internal audits
The external security audit cycle has been shortened to less than three months, which means higher frequency of security checks. The latest audit was conducted by Trail of Bits, and the development team of Multichain has upgraded the products as recommended. The audit report will soon be released. Meanwhile, Multichain has reached out to another security audit service provider PeckShield. Their audit is in progress and is estimated to be completed very soon.
Internal audits are also being performed. A special security risk control team has been built for this purpose, and cross functional technical audits are conducted with a higher frequency.
- MULTI Security Fund
Multichain has initiated a governance proposal for a security fund. The fund would be used to underpin security and every possible rescue measure for assets that could be lost to potential vulnerabilities in the Multichain’s system and service. The proposal is for 10% of the monthly cross-chain fee to be taken and added to the security fund.
- Bug bounty program
Multichain encourages the community to continue to review its code and security. We are working with Immunefi on the Bug Bounty program. This program is set to recognize the value of independent security researchers and teams. We believe in the importance of making honest contributors motivated and making sure that they know they are appreciated.The team will reward up to $2,000,000 for discovering and submitting vulnerabilities.
- Security Academic Alliance
Cryptography is an evolving discipline and guarding against security attacks is a never-ending task. Multichain is closely monitoring the advancements of relevant new technologies and investing generously in technological innovation and cyber security. Multichain is building an academic alliance with global cryptography experts specializing in threshold signature algorithms and MPC, to stay up to date with the latest developments in relevant technologies and push technological innovation.
- Strengthened risk supervision and control system
The team has introduced reliable risk control measures to improve the ability to detect unusual transactions and send early security warnings.
Meanwhile, we are working on the further decentralization of the SMPC network. At present, SMPC nodes are run together by the Multichain team and trusted members of our community. It’s expected to be opened to partners and then further promoted to untrusted networks.
Multichain was born as Anyswap on the 20th July 2020 to service the clear needs of different and diverse blockchains to communicate with each other. As a cross-chain infrastructure, Multichain facilitates interoperability across different networks and enables seamless transfers of assets and values. With a constantly growing family of non-EVM and EVM chains (now 36), Multichain is the leader in the cross-chain field. Its sustained daily volume of more than $200 million, its Total Value Locked in excess of $6 billion and its thousands of daily users are testament to its popularity and security.