A half of all DeFi exploits occur on cross-chain bridges and a staggering £2.2 billion has been stolen from them by hackers in the past two years.
The latest figures come from a new report by crypto data aggregator Token Terminal and stand out as enormous in comparison to other DeFi security breaches.
In the same period, hackers netted only £635 million from DeFi lending hacks and a comparatively meagre £320 million from decentralised exchange exploits.
Cross-chain bridges are designed to solve multi-chain scaling issues by allowing users to transfer digital assets from one chain to another.
However, they are incredibly complex to build and maintain which, along with the massive amount of funds locked in their smart contracts, has attracted plenty of attention from hackets.
Vitalik Buterin, the frontman of Ethereum, has criticised cross-chain bridges due to “fundamental limits” to their security because they hop across multiple zones of sovereignty.
Speaking of Ethereum, most cross-chain exploits that have occurred so far have been on Ethereum Virtual Machine (EVM) blockchains. This includes some of 2022’s most severe hacks, such as the Ronin bridge hack affecting Axie Infinity and the “free-for-all” Nomad bridge exploit.
Immunefi CEO and security expert Mitchell Amador explained that some developers in the DeFi space lack the necessary knowledge to keep such complex mechanisms secure:
“Many developers launch projects by simply copying and pasting code from other projects. When one of these projects has a vulnerability, others usually have that vulnerability as well. Open-source smart contracts, being visible and accessible to all, can easily attract blackhats who study them, discover where they’re vulnerable, and exploit them.”
Want to learn more about blockchain from industry leaders? Check out Blockchain Expo taking place in Amsterdam, California and London.
Explore other upcoming enterprise technology events and webinars powered by TechForge here.