📝 SummarXiv

Abstract

Cross-chain bridges are a type of middleware for blockchain interoperability that supports the transfer of assets and data across blockchains. However, several of these bridges have vulnerabilities that have caused 3.2 billion dollars in losses since May 2021. Some studies have revealed the existence of these vulnerabilities, but there is little quantitative research available, and there are no safeguard mechanisms to protect bridges from such attacks. Furthermore, no studies are available on the practices of cross-chain bridges that can cause financial losses. We propose \toolName~(Cross-Chain Watcher), a modular and extensible logic-driven anomaly detector for cross-chain bridges. It operates in three main phases: (1) decoding events and transactions from multiple blockchains, (2) building logic relations from the extracted data, and (3) evaluating these relations against a set of detection rules. Using \toolName, we analyze data from two previously attacked bridges: the Ronin and Nomad bridges. \toolName~was able to successfully identify the transactions that led to losses of \$611M and \$190M (USD) and surpassed the results obtained by a reputable security firm in the latter. We not only uncover successful attacks, but also reveal other anomalies, such as 37 cross-chain transactions (\CCTX) that these bridges should not have accepted, failed attempts to exploit Nomad, over \$7.8M worth of tokens locked on one chain but never released on Ethereum, and \$200K lost by users due to inadequate interaction with bridges. We provide the first open dataset of 81,000 \CCTXS~across three blockchains, capturing more than \$4.2B in token transfers.