Grant Request: Connext - Cross Chain Bridge to Harmony

Hi sorry for the late reply, a lot has happened in the last month and didn’t have time to come back to you till now.

There are two points that I want to come back to:

  1. 3rd party means there is another entity apart from the 2 blockchains that is in charge of validating transactions. While a truly totally trustless bridge is impossible (learn why on our latest R&D piece) we need to minimized the trust required as much as possible.

Who is in charge of coordinating this 3rd party?

If there is a number of diversified entities that is lower than the players coordinating a specific blockchain, you are creating a less secure attack vector.
If the economic security ( = cost to attack this 3rd party) is less than what it would cost to attack a single blockchain, you are creating an attack vector.

This is the case for externally validated bridges. Are they more secure than Ethereum, Avalanche, Cosmos, …? Will they be in the next foreseeable future? No.

If the bridge holds $1B on tokens assets, and all it takes is $50m, $100m, $500m to buy the necessary tokens (even including slippage, even including locked tokes), it then becomes a math exercise to decide WHEN to attack, not if or how.

  1. If the token used to secure the system is also used to refund the victims in case of an attack, you can see how this ends up in a recursive bad spiral when something bad happens.
    the token is sold to pay for the attack, but this reduces the security of the system making an attack more likely, meaning in the future more likely that someone will be able to accumulate enough token to perform an economic attack which will need to be refunded with the token that will be sold…

I would encourage you to listen to all the Burning Bridges episodes, a Twitter Spaces series that analyses and breaks out the weaknesses of the different bridges architectures:

Happy (safe) bridging!