IBC Security - Thyborg
Thyborg covers the security of the IBC protocol and key concepts around that.
Disclaimer - This is part of our outside perspective series. Curious Cosmonaut Research is not the author we are simply highlighting some good threads and perspectives on the Cosmos ecosystem. We also, therefore, do not guarantee their accuracy.
Author: Thyborg
Source: Twitter Thread
Date: August 2, 2022
Could IBC ever be hacked like @nomadxyz_ yesterday, @harmonyprotocol in June, @AxieInfinity in March?
While it's early to claim anything in crypto is bullet-proof, let's review why IBC is as secure as an cross-chain protocol can get 🧵
For a basic idea of how IBC works, I recommend giving the thread below a quick read
If you were looking for the best way to easily understand how IBC works, look no further than @adi_r_r's postal analogy:
— Thyborg (@Thyborg_) July 20, 2022
IBC transport layer: Postal service
IBC packets: Letter
IBC application layer: Recipient
More details on crypto's most powerful cross-chain protocol 🧵
On the surface, IBC works like other bridges:
- the user locks an asset in the source chain
- a relayer picks up the receipt & delivers to the destination chain
- the destination chain verifies the receipt
- the destination chain mints a representation of the asset
The address holding the assets on the source chain is called the escrow wallet, and I wrote a thread about the Osmosis escrow address for the Cosmos Hub here
Wallet n°8 of the recent Cosmos whales thread had me quite perplexed: who would leave 6.5M $ATOM un-staked since genesis, leaving on the table 3 years of staking rewards?
— Thyborg (@Thyborg_) July 1, 2022
Here's how I got my answer and learned a few interesting IBC things in the process 🧵
That address currently holds 5.5M $ATOM or $56M
So the question is, can that address & the other IBC escrow addresses on every IBC-enabled chain, be compromised?
In short, that's a tall order
That's b/c escrow addresses are controlled by the IBC Go module
cosmosThe module has been thoroughly audited by @informalinc in January 2021 and is now used in production by 49 Cosmos chains
informalsystemsHackers won't be able to gain access to the IBC escrow addresses by socially engineering the multi-sig devs
That was the issue with the Harmony and Ronin hacks
1/ On Thursday June 23rd, the Horizon bridge was exploited by one or more individuals, draining the bridge of approximately $100MM worth of Ethereum tokens.
— stephen tse 💙 s.1 🌉 stse.eth (@stse) June 25, 2022
Our investigation team is working 24x7 to assist with identifying the culprits responsible, and the methods they used.
Hackers also won't have a lot of opportunities to exploit errors post "routine upgrade", since we're talking about a complete chain upgrade approved by governance
That was the issue with the Nomad hack
12/ tl;dr a routine upgrade marked the zero hash as a valid root, which had the effect of allowing messages to be spoofed on Nomad. Attackers abused this to copy/paste transactions and quickly drained the bridge in a frenzied free-for-all
— this is now a shitpost account (@samczsun) August 2, 2022
While a software bug is always possible, the fact that 50 sovereign chains are already using the Cosmos stack means that hundreds of devs should have their eyes on the SDK changes
The best part is, IBC is not just for the Cosmos ecosystem:
In theory, every chain is able to implement the light clients that verify the receipts
IBC light-client implementations are already ongoing for the Polkadot, Near & Avalanche ecosystems
While Ethereum is a different beast b/c of the sheer # of validators & lack of single-slot finality, the Merge and the following upgrades are all steps in the right direction
Vitalik talked about focusing development on light-clients at EthCC. Could the IBC light client be on the Ethereum roadmap? pic.twitter.com/yHn9RX6Apb
— Thyborg (@Thyborg_) July 22, 2022
If you want to keep up-to-date with IBC and the entire Cosmos ecosystem, know that I'm covering it through educative & digestible threads on governance, airdrops, tokens, teams & projects ; you may consider retweeting the first tweet & giving me a follow
@Thyborg_ ✌️
