Following the Nomad cross-chain bridge attack this week, Chainalysis estimates that $2 billion in cryptocurrency has been hacked from cross-chain bridges so far this year, with 13 attacks involving cross-chain bridges accounting for the total amount stolen 69% of the total.

This is a significant threat to the establishment of trust in blockchain technology. As more and more value flows across bridges, they become more attractive targets for hackers. Cross-chain bridges are also now a top target for North Korea-linked hackers, who we estimate have stolen roughly $1 billion worth of cryptocurrency so far this year, all from cross-chain bridges and other DeFi protocols.

The good news is that these platforms can take steps to protect themselves. In the event of a hack, they can use the transparency of blockchain technology to investigate the flow of funds and ideally prevent attackers from cashing out their ill-gotten gains.

What is a cross-chain bridge protocol?

The purpose of the cross-chain bridge is to solve the interoperability challenges between different blockchains. The cross-chain bridge protocol allows users to transfer assets from one blockchain to another. For example, Wormhole is a cross-chain bridge protocol that allows users to transfer cryptocurrencies and NFTs between various smart contract blockchains such as Solana and Ethereum.

While cross-chain bridge designs vary, users typically interact with cross-chain bridges by sending funds from their assets to the cross-chain bridge protocol, where the funds are then locked in a contract, and the agreement is issued to users to cross-chain to Equivalent funds of equivalent assets on the chain. In the case of Wormhole, users usually send ETH to the protocol, which is held as collateral and issued on Solana in the form of Wormhole-wrapped ETH, which is locked in the Wormhole contract on Ethereum. support.

Why do cross-chain bridges always have accidents?

Cross-chain bridges are an attractive target because they typically have a central point of storage for funds that support receiving "cross-chain" assets on the blockchain. Regardless of how the funds are stored (locked in a smart contract or via a centralized custodian) this storage point becomes a target for hackers. Furthermore, effective cross-chain bridge design remains an unresolved technical challenge, with many new models being developed and tested. As best practices improve over time, these different designs present new attack vectors that can be exploited by hackers.

What can the crypto industry do?

Just a few years ago, centralized exchanges were the most frequently targeted hacks in the industry. Today, successful attacks on centralized exchanges are rare. This is because the latest and most vulnerable platforms are always on the lookout for attacks.

While not foolproof, a critical first step in addressing this type of problem could be making extremely rigorous code reviews the gold standard in DeFi, both for protocol builders and investors evaluating protocols. Over time, the strongest and most secure smart contracts serve as templates for developers to build upon.

Cryptocurrency services, including cross-chain bridges, should invest in security measures and training. Sophisticated social engineering tactics, which exploit human trust and carelessness to infiltrate corporate networks, have long been a popular attack method for North Korea-linked hackers, for example. Crypto teams should be trained on these risks and warning signs. At the same time, when falling victim to an attack, the speed of response is also critical.

The opinions in this article are for reference only and do not constitute investment advice. The currency circle fluctuates greatly, and investment needs to be rational.

Welcome to follow the author and share your views in the message area!

Sponsored Business Content

"Opportunities are always for those who are prepared." We must be prepared for future opportunities. But how to buy and when to sell? Judging when to buy and when to sell is not something anyone can accurately judge. In this case, how should we make more profits? The author here suggests that you can make money automatically by directly using the intelligent quantitative trading software. If you haven’t learned about quantitative trading, or don’t know which intelligent quantification is better on the market, here I recommend CCR intelligent quantitative robot. CCR intelligent quantitative robot is a fully automatic coin speculation robot suitable for the spot currency market.

CCR intelligent quantitative robot is compatible with international mainstream trading platforms, deeply digs the historical data of major trading platforms around the world, and has built-in core algorithms and technologies to help you in the spot market like a fish in water, and bear and bull can take it all.

Taking the 10,000 USDT position of the official observation account as an example, after starting the CCR robot, the data is tracked every month. The data is true and valid, and observation is supported.

What are the advantages of CCR robots?

1. Compatible with mainstream platforms
Your funds are safe and worry-free on the world's mainstream trading platforms, and you don't have to worry about the safety of your principal.

2. 7*24 hours a day, fully automatic execution
The robot runs 24 hours a day on the cloud server, with constant power and network. After initializing the setting parameters, the robot will automatically trade according to the strategy. Buy or sell automatically when the set conditions are met, without long-term stare at the market.

3. Formulate trading strategies and position allocation
The robot has a variety of built-in trading strategies, from "conservative-" to "aggressive+", to meet different risk types. After the strategy is set, the robot will intelligently allocate the position and conditions of each order, strictly implement the trading strategy and the strategy of replenishing orders, and adjust it in real time according to the current market situation and cloud big data.

4. Monitor multiple trading varieties at the same time
It can support hundreds of trading currencies to run trading strategies at the same time, each product has an independent thread, automatically monitors the quotation depth, strategy calculation, real-time monitoring of trading conditions, and ensures the immediacy of transaction execution.

5. Intelligent tracking and stop profit, let the profit fly for a while
Set the trigger condition, after the profit ratio meets the condition, the robot will automatically trigger the trailing stop profit. When the market quotation keeps rising, the profit ratio continues to break through the highest value; when the price falls, the condition of closing the position is triggered, and the profit is taken out.

6. One-click policy setting, one-click start
Berson has been working hard to reduce the operational difficulty of quantitative trading. In the robot, fill in the position, the number of varieties, and select the risk type, and you can set it up with one click and start it with one click. Newcomers to digital asset trading, easy to get started and quick to use.

7. Track the opening of positions and delay replenishment orders
For the downward trend, it is necessary to pull back 1% before opening a position, that is, if the algorithm’s position opening point is reached, the market continues to fall, and the order will be automatically delayed to make the order as low as possible to make the transaction cost lower.

8. Intelligent anti-waterfall
Within 5 seconds, the market will instantly plummet like a waterfall, that is, the order replenishment will be suspended, making the transaction safer.

9. Avoid the influence of objective emotions and strictly implement strategies
Signals are strictly judged to avoid the influence of artificial subjective emotions, and resolutely do not make up orders, do not trade, and do not close positions if the conditions are not met.

10. Official recommended currency
If you don’t understand coins and don’t know how to filter coins, you can choose the officially recommended coins, don’t worry about returning to zero, don’t worry about air coins, they are all high-quality coins.

11. The perfect combination of artificial intelligence and intelligence
Without manual intervention, fully automatic intelligent transactions, the coins purchased manually by users can be entrusted to the robot to monitor and sell, or manually modify the parameter instructions of the robot according to their own ideas, so as to make higher profits and earn more profits.

12. Grid take profit strategy
The robot monitors the overall strategy and the profit and loss status of each order at the same time. Even if the overall take-profit condition of the strategy is not met, the order can still be profitable. If the market fluctuates near the end order, it may continue to make profits and reduce the burden of holding positions.

I am a teenager, focusing on digital currency quantitative trading, if you are also interested in digital currency, welcome to communicate with: bosen12306