Gnosis Hashi: Building a More Secure Future

Gnosis Hashi: Building a More Secure Future

We’re excited to announce that Sygma is supporting Gnosis in the implementation of Hashi!

Sygma's cross-chain infrastructure, paired with Gnosis's robust Ethereum-based tools, will contribute to an efficient Hashi implementation, enhancing the interconnectedness of the entire blockchain ecosystem.

First, some context on Sygma and Gnosis and why this work matters.

Sygma is an interoperability layer for building cross-chain applications. Developers can leverage Sygma’s secure cross-chain infrastructure to extend the reach of their applications between EVM, Substrate, and beyond.

Then there’s Gnosis, a major player in creating decentralized and secure technology. Building projects like Gnosis Safe, GnosisDAO, and OmniBridge has cemented their position as some of the leading builders in the space. Gnosis is helping create conditions where user security and trust in the network remain paramount even amidst constant evolution and the introduction of new technologies.

As Gnosis is the driving force behind Hashi, we’re excited to be working with them on solutions that will make the entire space more secure.

The quest for security

As the blockchain ecosystem becomes more interoperable, the security of cross-chain bridges continues to be a critical concern. Last year alone, over $2 billion in digital assets got stolen from bridges, with many of these breaches tracing back to vulnerabilities in multisig security models.

The industry has been exploring trustless bridges (i.e., no federation or centralized entity is involved in data or token transfer) as a potential solution, but these also come with challenges and have been susceptible to compromise.

A common element across many of these security incidents is the use of synthetic asset models, which create significant risks if the bridge is compromised. Despite the perception that trustless and open-source solutions are generally secure, the reality is more complex, and substantial work remains to be done.

Maximizing security

In terms of interoperability solutions, one of the key challenges is the inherent tradeoff between security, cost, and convenience.

A protocol with “high” security may offer top-tier protection, but its complexity could deter users, and its maintenance and deployment could drive up costs or come with other drawbacks. On the other hand, a system that's more cost-effective and user-friendly may have less-than-sufficient security.

This tension presents itself starkly when we discuss cross-chain bridges.

First, different use cases have different security requirements. For example, a bridge facilitating a high-volume trading platform would require more extensive security protocols than one supporting a small-scale, community-driven project. Similarly, a bridge that handles highly sensitive data would need a higher level of security than one that carries less critical information.

Second, the need for a standardized evaluation framework for these bridges complicates matters. Without such a framework, assessing the security of different bridges is not straightforward.

In recognizing these challenges, there are ongoing efforts to bring standardization to the way we evaluate cross-chain bridges. One is L2Beat, an analytics and research platform focused on Layer 2 scaling solutions. Another is the Cross-chain Risk Framework, a project aimed at creating a universal standard for assessing the risk and security of different cross-chain bridges.

Through these standardization efforts, it will become easier to make informed decisions about the security of different bridges, accurately weighing the trade-offs, and making it possible to select a bridge that best aligns with specific needs and risk tolerance. However, standardization is just one piece of the puzzle. There’s more.

Multi-Message Aggregation

As the blockchain space grows and matures, new approaches to security come to the fore. One such strategy is Multi-Message Aggregation (MMA), pioneered by Uniswap following a series of high-profile hacks.

In essence, MMA employs a network of bridge providers to relay governance instructions between different blockchains. This multi-pronged approach enhances security by reducing the system's dependence on a single bridge. It also increases the likelihood of successful instruction relay and enables negotiation of lower fees due to the competitive environment created by multiple providers.

Another challenge that MMA addresses is vendor lock-in. By using multiple bridges, users gain flexibility and freedom to switch between different bridge providers based on their needs, preferences, and performance assessments. Current efforts to implement MMA are being spearheaded by the Stanford Blockchain Club and Gnosis.

Hashi

Similar to MMA, Hashi’s core focus is on enhancing safety. In their words, “Hashi is an EVM Hash Oracle Aggregator, designed to facilitate a principled approach to cross-chain bridge security.” The upshot of Hashi is that users will be able to choose a combination of bridges rather than relying on one mechanism.

In this way, Hashi introduces a critical element of redundancy, empowering the network to utilize multiple independent mechanisms for message validation. Known as RAIHO (Redundant Array of Independent Hash Oracles), this concept significantly enhances network security.

Although Hashi is currently under development, its features are already drawing attention. Hashi empowers users to build custom Oracle adapter contracts and query an Oracle for the hash associated with a specific ID in a given domain.

It also facilitates consensus via a set of oracles for a specified ID in a distinct domain. Despite the increased gas usage and potential latency due to dependency on the slowest oracle in a set, these steps are considered a necessary trade-off to mitigate the severity and frequency of past bridge-related security incidents.

Our contribution to the Hashi repository has already been merged into the main branch, signaling Sygma's integration into the Hashi security model. This PR, appropriately titled "feat: add Sygma adapter #13", introduces a Sygma adapter and header reporter.

Through this collaboration, we're not only supporting an innovative solution like Hashi but also reinforcing Sygma's commitment to security.

The road ahead

There are big things in the works for Gnosis as they plan to revamp their Omnibridge by replacing the existing Arbitrary Messaging Bridge (AMB) mechanisms. The development is already gaining momentum, with ChainSafe achieving a significant breakthrough by successfully testing the Goerli-Gnosis Chain on testnet 1 and establishing a Goerli-Chiado testnet 2. To try it out yourself, go through the docs where you can learn more about the current deployments as well as instructions on how to use Hashi.

This second testnet is crucial as it supports the testing of the light client integration and the Sygma adapter. Upon full establishment of testnet 2, there's an open invitation to developers across the globe to participate in our Contributors Program. This opportunity aims to foster the development of innovative use cases for token bridges or NFT bridges, utilizing the power of the newly released Sygma SDK in conjunction with the Hashi testnet 2.

As we continue working to strengthen security, Sygma recognizes the ever-evolving challenges we must address. The digital realm's dynamism calls for adaptive and aggregated security solutions, the next frontier we're excited to explore.

Want to learn more about what you can do with block hashes? Check out this thread for a deep dive into how you can use them to create storage proofs–a cryptographic method that quickly validates the presence or absence of data.

Adaptive, aggregated security

With Sygma, we strive to find the optimal balance in the security-cost tradeoff for each application. Maximizing security is the primary goal, but achieving it without causing undue burdens in cost or user experience can be a delicate balance. Here, the twin concepts of adaptive and aggregated security come into play.

Adaptive security, as the name suggests, provides developers with an optimal choice of security based on the transaction at hand. A multi-layer approach based on different transport mechanisms and proving systems such as Proof of Authority (PoA), Optimistic transfers, and ZK proofs will enable unparalleled flexibility and provide developers with tailored security.

In concert, adaptive and aggregated security represents an elegant approach to navigating the security-cost tradeoff. Together, they form a strategy designed to ensure not only a secure environment but also an efficient and user-friendly one. Coming soonᵗᵐ.

Contributor Program

Join our program for technical support, incentives, and a library of resources to build your cross-chain vision on Sygma. 👉here.

Community👥

Sygma connects you with the chains you want, making it possible to compose applications that work across EVM, Substrate, and Cosmos.

The strength of our project lies in our builder community. We're always looking for contributors, and Sygma’s modular architecture is designed to foster contributions and extensions.

Check out our documentation or GitHub to get started.

Have a question? Hop into our Discord
👋


Website | Twitter