First Mover Asia: Why Bridges Are So Vulnerable to Exploit; Bitcoin Falls Under $19K
One crypto developer says that centralization and reliance on private key holders are to blame, not the inherent technology and logic behind the bridges themselves.
Good morning. Here’s what’s happening:
Prices: Bitcoin dropped below its bottom support of $19K.
Insights: Why have bridges been so vulnerable to exploits?
Catch the latest episodes of CoinDesk TV for insightful interviews with crypto industry leaders and analysis. And sign up for First Mover, our daily newsletter putting the latest moves in crypto markets in context.
Bitcoin Holds Over $19K
By James Rubin
Bitcoin and ether continued their recent stationary ways, albeit more to the red, while several decentralized finance (DeFi) tokens declined later in the day after rising early, as investors fretted anew over new housing data and ongoing macroeconomic uncertainty.
Bitcoin (BTC) was recently trading just under $19,000, off 1.5% and just below the lower end of the $19,000 to $21,000 range that the largest cryptocurrency by market capitalization has occupied for more than a month. Bitcoin continued to trail its 20-day moving average, clear evidence of the bear market’s resiliency.
Ether’s (ETH) was recently changing hands at $1,273, down 2.4% from Tuesday, same time, and beneath its $1,300 bottom support for much of the past month. Ether has also continued its recent trend of trading below its 20-day average.
Other altcoins were recently down with XRP, ADA and CRO all off well over 2% from a day earlier. Even UNI, which jumped 3.5% at one point and was up 9.5% over the past seven days, was in the red later in the day (U.S. ET).
On Oct. 13, Uniswap, the decentralized exchange behind the token, announced that it had raised $165 million in a Series B funding round led by Polychain Capital. "The fresh round of funding will support expanding Uniswap's product lines, which might include NFT trading in the near future," noted Katie Talati, director of research at digital asset manager Arca, in an email.
The CoinDesk Market Index (CMI), a broad-based market index that measures the performance of a basket of cryptocurrencies, was relatively flat, recently falling 1.6%.
Traditional financial markets declined on Wednesday, with the tech-heavy Nasdaq, Dow Jones Industrial Average (DJIA) and S&P 500 each falling by a few fractions of a percentage point.
In major macroeconomic data, U.S. housing starts plunged 8.1% to 1.439 million in September, falling slightly short of the consensus estimate but reflecting a sagging of the once-torrid housing market. However, September housing permits, an indicator of future construction, rose by 1.4% over August.
Global inflation continued to tick higher, with Great Britain (10.1%) and Canada (6.9%) each reporting higher increases in prices than expected. Both countries recently increased their key interest rates by 0.50% and 0.75%, respectively. Hotter-than-expected inflation increased the likelihood that both countries would raise interest rates aggressively, similar to the U.S., where the Federal Reserve’s Federal Open Markets Committee (FOMC) is expected to approve a fourth consecutive 75 basis point rate hike in November.
In commodities, Brent crude oil, a measure of energy markets, was recently trading slightly down but still hovering well over $90 per barrel, up more than 15% from the start of the year. Safe-haven gold declined 1.4%.
|Cosmos||ATOM||−6.4%||Smart Contract Platform|
|Avalanche||AVAX||−5.1%||Smart Contract Platform|
Why Bridges Are Crypto’s Sinking Titanic
By Shaurya Malwa
A key part of the crypto ecosystem has repeatedly received harsh criticism in the past several months because of their importance and yet fragile architecture, which has led to an estimated $2 billion in losses this year alone.
Bridges, or blockchain-based tools that connect different networks, are essential for the movement of liquidity in the crypto ecosystem. Bridges allow users to transfer tokens and other digital assets, such as non-fungible tokens (NFT), between various chains – solving what was previously a difficult problem.
But the security for bridges is still in developing mode. February saw Wormhole’s $375 million exploit, followed by a $625 million exploit of Ronin Bridge next month. Then in August, Nomad Bridge was attacked for $190 million.
But what makes bridge attacks so common?
Crypto developer Hart Lambur says that centralization and reliance on private key holders are to blame, rather than the inherent technology and logic behind the bridges themselves.
“Multisig exploits clearly demonstrate why it’s essential for the ecosystem to have decentralized bridges that rely not on keyholders, but instead on dispute resolution in which anyone can dispute data or behavior that appears to be incorrect or malicious,” Lambur, the co-founder and CEO of Risk Labs, the foundation and team behind UMA, told CoinDesk in a recent interview.
By controlling a majority of the votes, the attacker can approve any transfers. In the Ronin Network hack, for example, five of the bridge’s nine validators were compromised in this way.
Insisting on decentralized bridges
“It’s extremely dangerous to put control of those funds in the hands of a few people. Users should demand and insist on using decentralized bridges to protect their funds,” Lambur added.
“Decentralized bridges are few and far between, but we are making progress and developing optimistic design patterns in bridges that reduce the risk of exploits. An optimistic design pattern means that transactions can proceed ‘optimistically’ unless someone – anyone – disputes a transaction or piece of data.”
“Addressing the security of cross-chain bridges should also include regular tests or audits, due diligence on networks, and chain integrations,” Lambur said
Lambur and others say security should be a constant process, rather than a set-it-and-forget-it system.
“Builders should always take the time to consider edge cases where systems may fail, simulating and patching these issues to spot any weaknesses,” he explained. “Alongside this, you need robust systems in place for constant monitoring which ensures the team can act swiftly if needs be.”
“Audits that check contracts for complexities or vulnerabilities are imperative to ensure your bridge has been sufficiently stress-tested,” he further stated. But is anyone listening?
8:30 a.m. HKT/SGT(12:30 a.m. UTC) Australia's Unemployment Rate September
7:00 a.m. HKT/SGT(11:00 p.m. UTC) Gfk Group Consumer Confidence (Oct)
7:30 a.m. HKT/SGT(11:30 p.m. UTC) Japan's National Consumer Price Index (YoY) (Sept)
In case you missed it, here is the most recent episode of "First Mover" on CoinDesk TV:
What is the outlook for bitcoin, crypto markets and venture capital investments? "First Mover" continued its live coverage of CoinDesk's Investing in Digital Enterprises and Assets Summit (I.D.E.A.S.) in New York City with "Unchained" podcast host Laura Shin, Pantera Capital Partner Lauren Stephanian and Two Sigma Ventures Principal Andy Kangpan.
JPMorgan Appoints Former Celsius Exec as Crypto Regulatory Policy Head, Bloomberg Reports: Aaron Iovine spent eight months earlier this year as head of policy and regulatory affairs for crypto lender Celsius Network.
Will Censorship Fork Ethereum?: Disagreement around how to handle sanctions on Ethereum may soon force the chain to split into two: one chain censored, one not.
French Lawmakers Approve New Boss for Finance Watchdog: Former bank lobbyist Marie-Anne Barbat-Layani’s hearings contained a warning for the likes of Binance and Crypto.com setting up in the budding crypto hub.
Brazil’s Largest Digital Lender Nubank to Roll Out Own Token to 70M Users in 2023: Named Nucoin, the new token will be used to offer discounts and perks to customers.
Aptos Token Plunges in Trading Debut: FTX, Coinbase and Binance were among the first exchanges to list the buzzy new layer 1 token.
The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.
Learn more about Consensus 2023, CoinDesk’s longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.