tiprankstipranks
Crypto Hacks and Potential Solutions: Interview with Analog’s Chief Architect Victor Young
Stock Analysis & Ideas

Crypto Hacks and Potential Solutions: Interview with Analog’s Chief Architect Victor Young

Story Highlights

We sat down with Victor Young, the Founder and Chief Architect of Analog – a layer-0 blockchain, to get his perspective on the growing challenge of crypto hacks, why they happen, and what can be done to make blockchains and exchanges safer.

More than $1.9 billion worth of cryptocurrency has been lost in hacks and exploits this year alone, and we still have one more quarter to go. Hackers continuously exploit security vulnerabilities across third-party wallets, hot wallets, exchanges, and cross-chain bridges, among other things.

Within the first six months of 2022, hackers targeted platforms like Crypto.com, Qubit Finance’s QBridge, the Solana-Ethereum bridge Wormhole, the IRA Financial Trust, Cashio, Axie Infinity’s Ronin Bridge, Beanstalk, Fei Protocol, Harmony Bridge, Nomad Bridge, and Solana’s Slope wallet, among others.

What is happening, and why are hackers targeting the crypto ecosystem? We sat down with Victor Young, the Founder and Chief Architect of Analog, a layer-0 blockchain, to get his perspective on the growing challenge of crypto hacks, why they happen, and what can be done to make blockchains and exchanges safer.

In the last few months, we heard about many ‘crypto hacks.’ Can you explain what it means when there’s a hack – what is being hacked, what is being stolen?

Victor: Blockchain technologies are designed to be tamper-proof, immutable, and democratic structures, with no single point of failure when it comes to recording transactions. The technology addresses security concerns through cryptographic primitives and decentralized consensus algorithms.

However, like all technologies out there, blockchain isn’t immune to hacks. For example, an attacker could take over the blockchain ecosystem by controlling most of the hash rate (blockchain’s computational power) in proof-of-work (PoW)-based networks such as Bitcoin and Ethereum in a so-called 51% attack or a double-spending attack (a strategy to transfer the coins to anonymous addresses by spending the same transaction more than once).

Besides 51% attacks and wallet hacks, we’re also witnessing a sharp rise in attacks targeting cross-chain bridges, which have much to do with the growing adoption of decentralized finance (DeFi). While these bridges allow users to transfer assets between heterogeneous chains, their centralized nature means they have a single point of failure with weak trust assumptions.

The most recent hack involved a “cross-chain bridge” – can you explain what this bridge is and why it’s so vulnerable to exploits? 

Victor: A cross-chain bridge is an interoperability protocol that enables different heterogeneous chains to communicate with each other. Cross-chain bridges can connect separate chains, allowing users to transfer assets, non-fungible tokens (NFTs), and arbitrary smart contract information across heterogeneous platforms.

Despite the new opportunities unlocked by cross-chain bridges, the design itself leaves room for vulnerabilities that hackers can exploit at the expense of users. For example, most current bridge architectures rely on trusted custodians to manage the process of locking/burning or unlocking/minting tokens. 

Existing trust architectures cannot safeguard users’ funds, especially when large amounts of assets are involved. It’s too easy for an attacker or even malicious insiders to breach the permissioned network, take over the bridge, and steal users’ funds without any deposit. Custodians can also lose their private keys, rendering cryptos irrecoverable. 

Additionally, the underlying smart contract can have flaws. In this regard, cross-chain bridges that use poorly written smart contracts are susceptible to malicious attacks, presenting an even more significant risk for users.

Why are there so many hacks in the blockchain universe? (Or you might say here that there aren’t that many compared to ‘traditional’ technology.)

Victor: I’m not surprised that there are so many hacks in the blockchain space. Blockchain ecosystems are particularly attractive to hacks because they store value, and where there is money, there is always a crime. Crypto hacking is a fast-growing enterprise, owing to the rise of the cryptocurrency economy and DeFi. When coupled with a sharp rise in the price of cryptocurrencies, such as BTC and ETH, the blockchain space provides criminals with lucrative opportunities.

However, the rise in cybercrime doesn’t only apply to blockchain ecosystems. Quite frankly, the current digital environment is also tough and challenging for businesses that operate in the web2 space. Recently, we’ve witnessed a sharp increase in cyber-attacks targeting traditional companies like Microsoft, Facebook, Yahoo, and Twitter, just to mention a few. 

Is there something inherently flawed with blockchain technology that makes it more vulnerable? Is it that the technology is not mature enough, or is it that blockchain companies are rushing to release products and services before they are fully secure?

Victor: You’re correct in pointing out that the current blockchain implementations are flawed. It’s over a decade since the financial meltdown of 2008/2009 that ushered in blockchain technology. Yet, we haven’t learned anything from placing trust in a few centralized players, such as banks. 

Current blockchains—whether PoW-or proof-of-stake (PoS)-based–aren’t entirely decentralized because of large barriers to entry. For example, in a PoW-enabled blockchain, the barrier to entry is the computational power/hash rate. At the same time, in a PoS-based network, you must stake a large sum of tokens to be able to participate in the consensus process.

As it stands now, each blockchain exists as an isolated island, preventing users and decentralized applications (dApp) builders from unlocking value. While numerous cross-chain bridges exist, their underlying designs and architectures have weak decentralization and trust assumptions. 

Now I know that this would be a very big question, but – what can be done? 

Victor: The increased number of crypto hacks in the blockchain space is a testament to the popularity of web3 markets and the interest levels of many stakeholders who have noticed the sector. We need to learn from the hacks and build robust protocols that can withstand any hack. 

How is your company, Analog, aiming to make blockchain technology more secure?

Victor: At Analog, we believe complete decentralization and security are the keys to resolving the current challenges in which the sector finds itself. Analog is an omnichain interoperability network powered by a novel proof-of-time (PoT) consensus. Unlike PoW (proof of work) or PoS (proof of stake) protocols with large barriers to entry for validators, the PoT is completely trustless, and any validator can propose or confirm a block provided they have accumulated a ranking score. 

Using ranking score as a parameter creates an open network where anyone can join and participate in the consensus without being restricted by computational resources or weighted stakes.

At a high level, the Analog network consists of a decentralized set of tesseracts and time nodes. Tesseracts act as decentralized “listeners” or “observers” on external chains and can reach consensus on relevant states and events on the connected blockchains through threshold signature schemes (TSS).

On the other hand, time nodes serve as decentralized nodes that validate the fetched event data on the Analog’s ledger, i.e., Timechain. In this regard, the network’s primary goal is accomplishing the above two functions without a single point of failure, i.e., in a trustless and permissionless manner.   

Disclosure 

Trending

Name
Price
Price Change
S&P 500
Dow Jones
Nasdaq 100
Bitcoin

Popular Articles