Hacking Blockchain Bridges

  1. #1
    Misterigh Houston
    Does anyone know anything about this or have any POC/tutorials? Specifically trustless bridges.
  2. #2
    Sophie Pedophile Tech Support
    Blockchain Bridges were a bad idea from the start, not least of all because the more chains you bridge the more complexity you inherit. The way trustless bridges work in simple terms is by making a smart contract that sets aside N amount of X coins in order to mint N amount of Y coins as wrapped X coins right? Even with a trustless bridge there needs to be a way to validate the requested action as legitimate right? The key to that would be in the fine details of how the underlying software works. I suppose if you could find a way to maliciously validate any such action you could in theory make the crypto printer go brrrr.

    From what I understand the Ronin bridge incident seems to have been caused by the attackers compromising servers that were hosting hot wallets, thereby gaining access to private keys that were used to create a signature set which was then used to validate the malicious transaction.

    In any case I'm not too well versed in this subject, but it is pretty interesting to me. Also, I don't think anyone is just going to give you a PoC that could potentially make them millions.
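
A defender-side check of the lock-and-mint invariant described in post #2, added here as an example (it is not part of any poster's message or of any bridge's code): every mint of wrapped coins must correspond to exactly one lock of the same amount for the same recipient. The `Event` fields, the shared `nonce`, and the sample data are assumptions constructed for illustration; burns and unlocks are left out.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Event:
    nonce: int       # hypothetical per-transfer id shared by both chains
    recipient: str
    amount: int

def reconcile(locks, mints):
    """Flag destination-chain mints that no source-chain lock backs."""
    by_nonce = {l.nonce: l for l in locks}
    redeemed = set()
    findings = []
    for m in mints:
        lock = by_nonce.get(m.nonce)
        if lock is None:
            findings.append((m.nonce, "no matching lock"))
            continue
        if m.nonce in redeemed:
            findings.append((m.nonce, "lock redeemed twice"))
        elif m.amount != lock.amount:
            findings.append((m.nonce, "amount mismatch"))
        elif m.recipient != lock.recipient:
            findings.append((m.nonce, "recipient mismatch"))
        redeemed.add(m.nonce)
    return findings

def backing_gap(locks, mints):
    """Wrapped supply minus locked collateral; anything above 0 is unbacked."""
    return sum(m.amount for m in mints) - sum(l.amount for l in locks)

# Constructed sample events, not taken from any real chain.
LOCKS = [Event(1, "alice", 100), Event(2, "bob", 50)]
MINTS = [
    Event(1, "alice", 100),     # backed by lock 1
    Event(2, "bob", 500),       # more minted than was locked
    Event(2, "bob", 50),        # second mint against the same lock
    Event(9, "mallory", 1000),  # no lock exists for this nonce
]

if __name__ == "__main__":
    for nonce, reason in reconcile(LOCKS, MINTS):
        print(f"ALERT nonce={nonce}: {reason}")
    print("unbacked wrapped supply:", backing_gap(LOCKS, MINTS))
```

Because the check reads lock events from the source chain independently of the bridge's own validation, it still raises an alert when the validation step itself has been subverted.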
  3. #3
    Misterigh Houston
    Originally posted by Sophie: Also, I don't think anyone is just going to give you a PoC that could potentially make them millions.

    lol, yeah I was joking about that part. I think it's just a newer subject that hasn't really been explored much but the profits could be massive.
  4. #4
    Sophie Pedophile Tech Support
    Originally posted by Misterigh: lol, yeah I was joking about that part. I think it's just a newer subject that hasn't really been explored much but the profits could be massive.

    The profits are massive. Best bet is to have a team go over every last line of source in case of trustless bridges to ascertain whether there are any vulns in whichever bridging protocol you're looking at.
  5. #5
    Migh Houston
    Originally posted by Sophie: The profits are massive. Best bet is to have a team go over every last line of source in case of trustless bridges to ascertain whether there are any vulns in whichever bridging protocol you're looking at.

    Or a person...
  6. #6
    Sophie Pedophile Tech Support
    Originally posted by Migh: Or a person…

    Potentially.