The CEO of Chainlink raises concerns over security vulnerabilities in crypto bridges
Sergey Nazarov, the CEO of Chainlink, recently expressed concerns about the security vulnerabilities of most bridges in the crypto space. In an interview with Blockworks, Nazarov highlighted a worrying trend in the crypto industry: investing in projects without the ability to strengthen their ecosystems. Unlike forked blockchains that inherit proven security protocols, bridges do not have this advantage because they are not based on blockchain systems. Nazarov emphasized the rudimentary nature of most bridges, comparing them to single servers that facilitate the transfer of data and value between two chains – a system he deems ‘absolutely insecure.’
‘The systems built in this sector promise a lot, but they are unable to secure value in any way. Creating real security is not that simple.’
The illusion of decentralization and its pitfalls
To circumvent these obvious vulnerabilities, many entities have resorted to creating multiple servers, giving a false impression of decentralization. However, Nazarov refers to this as ‘decentralized theater,’ as these multiple servers remain under the control of a single entity. One proposed alternative involves creating a ‘monolithic network,’ powered by numerous nodes operated by distinct entities on a cohesive network. But this framework is not without problems – if the network fails, all nodes would be compromised simultaneously. Additionally, Nazarov believes this structure is inherently non-scalable. He noted, ‘It is not scalable because you cannot route all transactions from all chains to a single network.’
Chainlink’s visionary alternative: CCIP
Sergey Nazarov envisions a future with a dynamically inter-chain communication platform driven by multiple autonomous networks. Citing Chainlink’s Cross-Chain Interoperability Protocol (CCIP) as a model, Nazarov unveiled his tri-network system: two networks that authenticate and process each transaction, and a third – the Risk Management Network – dedicated to verifying transactions based on established risk parameters. This structure gives bridge creators, such as decentralized applications, the ability to introduce and refine risk parameters, ensuring the adaptability of the bridge to evolving threats. Since its launch at ETHCC in Paris, CCIP has garnered global interest, collaborating with prominent financial institutions such as BNP Paribas, BNY Mellon, and ANZ to pilot the transfer of tokenized assets between blockchains.