Cross-chain security models, compared

IBC (Inter-Blockchain Communication Protocol)

Github Discord Twitter

Security

Messages transported through IBC carry the safety of the base chains they connect, no less. There is a mild reduction in liveness guarantees, especially in practice.

Axelar Network

Github Discord Twitter

  • Read: Each validator checks messages against light clients or full nodes.
  • Write: Messages collectively signed by Axelar network are verified by a “gateway” (smart contract or simply an account) on dest chain.

Security

Light clients, full nodes and TSS/multisig are controlled by a permissionless validator set, allowing strong safety for both read and write. In my opinion the most secure and decentralised model after IBC, but with the ability to plug into any chain.

Nomad

Github Discord Twitter

Security

There are a few attacks possible on optimistic protocols. They’re mostly around liveness.

Layer Zero

Github Discord Twitter

Security

LayerZero doesn’t declare a Transport layer or an Auth layer, it’s just a Base layer & message Interface. The elected auth layers — the “Oracle” and the “Relayer” — are in an && statement, a 2 of 2 multisig. Safety and liveness characteristics are derived from this.

Conclusion

At the end of the day, discussing cross-chain security, throughput and liveness is just like arguing about types of blockchain consensus. My intuition is that the best auth layer is the same for cross-chain as it is for single-chain: BFT Permissionless Proof of Stake. Other models have different trade-offs, but security and permissionless-ness is the axiom of crypto. IBC should be used wherever possible, and Axelar for any ecosystem which can’t support IBC.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
0xpostman

0xpostman

Cross chain desperado loose in the wireld