Connext, Alchemix launched a cross-chain token standard to reduce bridge exploitation losses
The Connext cross-chain linking protocol has announced new token standard to reduce losses from bridge hacks. According to a July 24 announcement, the new “xERC-20” standard allows token issuers to maintain a list of authorized tokens and control how many tokens each connector can print.
In addition to Connext, decentralized finance (DeFi) platform Alchemix Finance will implement the xERC-20 token, the announcement said.
Connect Alchemy
Today, Connext announced xERC20 standard support and an onboarding project to bring their token securely to every chain.
As our reliable users, we have worked together @AlchemixFi bring $calUSD, $alETHAnd $ALCX to @arbitrum And @optimismFND. https://t.co/S2tBLpuuqe
— Arjun | xERC20 arc (@arjunbhuptani) July 24, 2023
The new token standard was initially proposed on July 7 as Ethereum Improvement Proposal (EIP) 7281. It was co-authored by Connext founder Arjun Bhuptani. At the time, Bhuptani said he would help minimize losses from bridge hacks by acting on the principle that “Token Issuer is the one who gets the rect when the bridge is hacked.”
Instead of each bridge issuing its own version of the token on each network, the new standard will allow bridges to print an “official” or “canonical” version of each token. However, they can only do this with permission from the token issuer, and this permission will be enforced via smart contracts. Token issuers can also limit the number of coins that can be minted by certain bridges, said the proposal.
Under EIP-7281, bridges can still mint their own version of the token, but such derivative coins would not be considered the “canonical” version. As a result, consumers will end up rejecting the unofficial version of the coin. In Bhuptani’s view, this will lead to a more secure DeFi space as it will place the onus of avoiding bridge hacks squarely on the shoulders of each token issuer, which will help prevent end users from suffering losses.
To become an official part of the Ethereum ecosystem, EIPs must be approved by EIP editors, a process that can take months. The July 24 announcement said the standard would now be implemented in Connext and Alchemix prior to its official approval, allowing end users to rely on it immediately.
Related: The multichain bridge hack is a “big blow” to the Fantom ecosystem, says Cronje
In its announcement, Connext stated that the token standard would be “forwards compatible” with the official version if it is ultimately approved by the EIP editors. Buptani argues that the new implementation will prevent bridges with poor security or over-centralization from being taken seriously, stating:
“This approach […] encourage open competition and innovation as token issuers now have flexibility [to] detailing updating their preferences for supported bridges from time to time. Instead of prioritizing building a monopoly on liquidity, or trying to corner market share by locking up token issuers (or in some cases the entire chain), bridges are now being forced to have an ongoing focus on their security and quality of service, lest it be written off.
The issue of bridge security has become a hot topic in the crypto community. These concerns were amplified on July 7, when more than $100 million was mysteriously withdrawn from the Multichain interfacing protocol. The Multichain team initially simply referred to the withdrawal as “abnormal” but later clarified that an unidentified individual had accessed the CEO’s cloud storage system to withdraw funds without user consent.
