SoK: Cross-Chain Bridging Architectural Design Flaws and Mitigations

TL;DR

This paper analyzes cross-chain bridge architectures, identifies vulnerabilities, and proposes mitigation strategies to enhance security and prevent exploits, based on a comprehensive review of recent bridge designs and attacks.

Contribution

It provides a systematic analysis of 60 bridges, linking architectural components to vulnerabilities, and offers guidelines for designing more secure cross-chain bridges.

Findings

Identified 13 architectural components of bridges.

Linked components to 8 types of vulnerabilities.

Proposed 11 impact reduction measures.

Abstract

Cross-chain bridges are solutions that enable interoperability between heterogeneous blockchains. In contrast to the underlying blockchains, the bridges often provide inferior security guarantees and have been targets of hacks causing damage in the range of 1.5 to 2 billion USD in 2022. The current state of bridge architectures is that they are ambiguous, and there is next to no notion of how different architectures and their components are related to different vulnerabilities. Throughout this study, we have analysed 60 different bridges and 34 bridge exploits in the last three years (2021-2023). Our analyses identified 13 architectural components of the bridges. We linked the components to eight types of vulnerabilities, also called design flaws. We identified prevention measures and proposed 11 impact reduction measures based on the existing and possible countermeasures to address the imminent exploits of the design flaws. The results are meant to be used as guidelines for designing and implementing secure cross-chain bridge architectures, preventing design flaws, and mitigating the negative impacts of exploits.