Hello and welcome to Protocol Fintech. This Monday: Why Crypto Bridges Are Vulnerable, Polygon’s Plan of Attack, and Putin’s New Ban on Digital Asset Payments.
out of the chain
Lindsey Choo, who is leaving us to attend Columbia Journalism School, played a crucial behind-the-scenes role in this newsletter since shortly after our daily appearance. From the outset, Lindsey has been a key contributor, in particular helping to strengthen our coverage of international fintech regulation. In this edit, she shares some of her favorite quotes she picked for Overheard. I have a feeling this won’t be the last time we see Lindsey shaping the conversation.
—Owen Thomas (E-mail | Twitter)
A bridge too far?
One of the challenges for the crypto industry is the number of blockchains and the complexity of traversing them. This has led to the growth of bridges allowing people to send tokens across chains. But these bridging tools have been attacked by hackers, leading to significant losses. Some the biggest DeFi hacks to date have involved bridges.
Jhe future is multi-channel. This means that bridges will only grow in importance.
- Bitcoin is unique: it has a token that is held on a blockchain. But many of the blockchains that followed are designed to support multiple tokens, and many cryptocurrencies aim to use multiple blockchains. USDC trades on eight blockchains, while chains like Solana and Ethereum are designed to support multiple currencies.
- Many in the industry believe it is inevitable that multiple blockchains will develop, each emphasizing different strengths such as video game, tradeNFT, mobile or payments.
- But there is a lot at stake. If crypto disappears from one side of a bridge due to a hack, it could destabilize the system. When the Wormhole Bridge was hacked, its parent company, Jump Trading, replaced the stolen Ether to keep things running.
Bridge attacks are similar to other crypto hacks. Hackers exploit flaws in code or, scarier still, in the fundamental design of a network.
- In the Wormhole incident, the pirates exploited a security issue in the smart contract code to earn $325 million.
- The recent $100 million hack of Harmony’s Horizon Bridge was apparently the result of a engineering to obtain the electronic signatures required to authorize a transaction.
- In the case of Axie Infinity, social engineering played a role, but hackers also exploited a weakness in its validator node system. Four of the five needed to approve a transaction were controlled by Axie’s creator, Sky Mavis, which gave hackers an opening to take control.
While consumers can overcome the trust issues created by hacks, there are other hurdles. Chain crossing is still a UI nightmare, with multiple wallets required and some technical sophistication.
- This can be the ultimate challenge for bridges, even if security ends up being largely solved. Until bridging chains become easier, widespread crypto adoption will be hampered.
- Some Web3 companies are working on ways to make the transition easier. Transak aims to make it transparent for users who hold, for example, ether, to play a game on the Solana blockchain.
There are tradeoffs in how bridges are designed between speed, cost, and safety. More secure bridges may be slow to complete a transaction. In the long run, however, this will mostly be a headache for developers. The ultimate crypto bridge might be one that consumers don’t even know they’ve crossed.
— Tomio Geron (E-mail | Twitter)
A version of this story first appeared on Protocol.com. Read it here.
SPONSORED CONTENT FROM GOOGLE PLAY
Android and Google Play are blank canvases. Developers are the artists who paint on it: Over the past couple of years, there has been a big debate between life and livelihood. Many people had to make a choice between the two. Those who could work from home didn’t have to make that hard choice, because we could have both life and livelihood – and technology was the reason people could have both.
on the money
On protocol: Congressional Democrats want to the EPA to do something about the “disturbing” carbon footprint of the crypto mining industry. They call on the EPA and DOE to use the Clean Air Act to incentivize mining operations to disclose their energy use and carbon emissions as a first step.
Ethereum’s official move to proof-of-stake is expected to take place in September. The Merge, Ethereum’s long-awaited transition from a proof-of-work consensus mechanism to a more energy-efficient proof-of-stake mechanism is now scheduled for September, with still a testnet to do.
Also on Protocol: Antoni Martin, head of business Polygon, thinks the crypto winter is a time to “differentiate between speculation and construction.” He spoke to Protocol on what Polygon could be used for, how the crypto crash eroded consumer trust, and how it is helping shape EU crypto regulation.
Russia bans crypto payments. Russian President Vladimir Putin approved a law on Friday banning the use of digital assets as payment in Russia. The law will also require crypto exchanges and providers to refuse transactions in which digital assets could be considered a form of payment.
A Fed survey shows that 56% of senior banking executives think crypto is not a priority. Over 56% of CFOs at 80 banks think that blockchain technology and crypto are a “low priority” for the growth and development of their businesses, according to the latest results from the Federal Reserve’s survey of senior financial officials.
Heard, the Lindsey Choo edition
Today we have a special edition of special editions – a roundup of my past favorites that will remind you when…
… Ethereum co-founder Vitalik Buterin was on the cover of Time magazineand everyone had something to say on this subject. People took to Twitter to roast the cover and ask “Why […] the richest people have the least drip. The cover is available buy and trade as NFT now.
… FTX CEO Sam Bankman Fried answer questions during a CFTC panel discussion on the company’s derivatives trading proposal. Sean Downeyclearing Chief Compliance Officer and Head of Policy at CME Groupaccidentally (or intentionally?) paraphrase Taylor Swift referring to the crypto crash. “We’ve seen this movie before, and in fact, we’ve seen it very recently,” he said of the proposal.
… Elon Musk tried to convince us that he didn’t understand how influential his “personal backing” of dogecoin was, affirming that he “never said people should invest in crypto.” But as a longtime crypto-skeptic Bill Gates said, “If you have less money than Elon, you should probably be careful.”
Coming
A US House hearing on SEC enforcement is scheduled for Tuesday. The U.S. House of Representatives Committee on Financial Services will hold a audience titled “Oversight of the SEC’s Enforcement Division,” which will include the new Crypto Assets and Cyber Unit.
Truist Financial and Citizens Financial have earnings calls on Tuesday. Average TFC Rating PES is at $1.17, down 5% from the previous quarter. Average estimated CFG PES is $1.02, also down 5% from the previous quarter.
FinTech Festival India 2022 starts on Wednesday. The three days conference will be held in New Delhi, with speakers from the Blockchain Founders Fund, CoinDCX, Ripple, Revolut and others.
Capital One and Blackstone earnings calls will be on Thursday. Estimated average COF PES is at $5.10, down 9% from the previous quarter. Average estimate of BX PES is at $1.47, down 5% from the prior quarter.
SPONSORED CONTENT FROM GOOGLE PLAY
Android and Google Play are blank canvases. Developers are the artists who paint on it: Many people don’t realize the many ways developers benefit from Google Play and the core DNA of Android is open. The minute developers have a creative idea, they have all the tools they need to build the app, understand security policies, launch the app, and gain a global audience.
Thanks for reading – see you tomorrow!