Understanding Bridge Security by Arjun Bhuptani (Connext)
Spearbit hosted this great presentation from Arjun Bhuptani from Connext about bridge security!
I originally included this talk as additional reading viewing in "The Anti-Ape on what's wrong with bridges" but it really deserves a post on its own.
0:00 Intro
1:34 Background
7:15 Current bridge landscape
13:31 The next thing: Optimistic bridge
20:00 Why 30 minute window ? Non-technical ways to mitigate the risk
26:20 Q&A: Veryfing off chain with more conviction
30:08 Q&A: Centralized wallet integration - transaction valid before the time limit
33:03 Q&A: Complexity comparisson
40:07 Q&A: Standards accross chains
42:14 Q&A: Bridges as fundamental blocks between nation states
44:16 Q&A: Are you just proving the state of the bridge on one side of the other?
45:44 Q&A: Approach for audit orgs
47:32 Q&A: Recommended training curicculum
51:15 Q&A: Type of hacks:
- implementation hacks (ex. Poly Network)
- complexity of dependencies (ex. Wormhole hack)
- compromise root of trust (ex. Ronin)
55:24 Q&A: Technical risks vs social engineering/corparate risks
58:37 Wrap up
Additional viewing
Here is another panel discussion about bridges featuring Connext's Layne Haber @ DeFi Security Summit 2022:
Arjun and his friend have a Twitter account called "Burning Bridges", educating users about bridging architectures, one hack at a time🔥
Photo by Angelo Pantazis on Unsplash