The co-founder of Ethereum points to the basic security flaws in bridges as the main justification for his opposition.
Vitalik Buterin, the co-founder of Ethereum, detailed serious security issues involving cross-chain bridges in the blockchain ecosystem in a Reddit post on Friday. According to Buterin, there is some protection from 51% of attacks by holding native assets directly-chain (such as Ethereum on Ethereum, Solana on Solana, etc.). Even if hackers are successful in blocking or reversing transactions, they are unable to propose blocks that would remove a user’s cryptocurrency.
The Ethereum application is also subject to the rule. The end state stays invariant, i.e., the investor would always receive either 100 ETH or 320,000 DAI, even if hackers execute a 51% attack (by controlling 51% of all circulating ETH supply), for instance.
Buterin went on to say that cross-chain bridges are exempt from the same level of security restrictions. In the scenario he gave, if a hacker used their ETH to buy Solana-wrapped Ether (WETH) and immediately reversed the transaction on the Ethereum side after the Solana side had confirmed it, it would cause catastrophic losses to other users whose tokens are locked in the SOL-WETH contract because the wrapped tokens are no longer backed by the original on a 1:1 ratio.
Buterin continued to explain how adding more bridges to a cross-chain network may negatively escalate the security exploit. A 51% attack on one chain, especially a small-cap one, can spread throughout the entire network in a theoretical network with 100 chains due to the high degree of interdependency and overlapping derivatives. A 51% attack vector against the Ethereum network can cost hackers as much as $1.78 million per hour, according to Crypto 51. For blockchains like Bitcoin Cash, the cost can be as low as $13,846 per hour.