Cross-chain bridge hacks accounted for 69% of all crypto stolen in 2022, amounting to $2 billion in losses, according to a new report.
The report comes from blockchain analytics firm Chainalysis on August 2, noting that there are 13 separate token bridges. hacks this year – the most recent being the $190 million Nomad Bridge operation.
Q1 2022 was by far the quarter that saw the largest amount of crypto stolen since 2021, mainly due to the Ronin Bridge Attack at the end of March, which saw $624 million in Ether (ETH) and Circle USD (USDC) stolen.
After last night’s Nomad Bridge feat, an estimated $2 billion has been stolen from cross-chain bridges so far in 2022. Read our blog to learn what makes these protocols vulnerable and what the industry can do about it. https://t.co/WLo62H6NFe pic.twitter.com/CZRnqrPikh
— Chain Analysis (@chainanalysis) 2 August 2022
Cross-chain bridges, also known as blockchain bridges, are designed to transfer cryptocurrencies from one blockchain network to another.
Chainalysis explains that while bridge designs vary, users typically deposit their tokens from one chain to the bridge protocol which are then locked into a contract. The user is then issued the equivalent of a parallel token in another chain.
According to the Chainalysis report, bridges are often targets because they “have a central storage point of funds that support the ‘bridged’ assets on the receiving blockchain.”
“Regardless of how those funds are stored — locked up in a smart contract or with a centralized custodian — that storage point becomes a target.”
According to some experts, effective bridge design is still in its early stages of development, and some developers still have relatively little understanding of security protocols, making their protocols vulnerable to exploitation by hackers.
In a July 22 clip posted Twitteralmost two weeks before the recent attack, Nomad founder James Prestwich says it will be “at least another year or two before there is enough familiarity across chain security models to build defenses as a standard.”
“In cross-chain systems, we haven’t built that kind of attack expertise yet, people don’t know what the common attacks are, and so they don’t defend against them.”
Centralized exchanges were once a favorite target of hackers, but advances in security protocols have seen a decline in successful cyber attacks, according to Chainalysis.
The blockchain analytics firm stressed that crypto services, including bridges, should start investing in security updates and training sooner rather than later.
“A valuable first step to address such issues could be for extremely rigorous code reviews to become the gold standard of DeFi, both for those building protocols and for the investors evaluating them. Over time, the strongest, most secure smart contracts can serve as templates for developers to build.”