The Connext cross-chain bridging protocol has announced a new token standard to reduce the damage caused by bridge hacks. As announced on July 24, the new “xERC-20” standard allows token issuers to maintain a list of authoritative bridges and control how many tokens can be created by each.
The announcement states that in addition to Connext, decentralized finance (DeFi) platform Alchemyx Finance will implement the xERC-20 token.
Connext Alchemics
Today, Connext is announcing support for the xERC20 standard and onboarding projects to securely bring its tokens on-chain.
As our key user, we are dealing with @AlchemixFi to bring $alUSD, $alETHAnd $ALCX To @arbitrum And @optimismFND, https://t.co/S2tBLpuuqe
—Arjun | xERC20 Arch (@arjunbhuptani) 24 July 2023
The new token standard was originally put forward as Ethereum Improvement Proposal (EIP) 7281 on July 7th. It was co-written by Arjun Bhupatani, founder of Connext. At the time, Bhupatani said that it would help mitigate damage from bridge hacks by acting on the principle that “token issuers are the ones who recover when the bridge is hacked.”
Instead of each bridge issuing its own version of the token on each network, the new standard will allow bridges to create “official” or “canonical” versions of each token. However, they can only do so with the permission of the token issuer, and this permission will be enforced through smart contracts. The proposal states that token issuers will also be able to limit the number of coins that can be minted by a particular bridge.
Under EIP-7281, Bridges can still create their own versions of the token, but such derivative coins will not be considered “canonical” versions. As a result, consumers would eventually reject unofficial versions of the coins. In Bhupatani’s view, this would lead to a safer DeFi space as it would place the responsibility of avoiding bridge hacks on the shoulders of each token issuer, which would help protect end users from harm.
To become an official part of the Ethereum ecosystem, EIPs must be approved by EIP editors, a process that can take months. The July 24 announcement states that the standard will now be implemented in Connext and Alchemyx ahead of its official approval, allowing end users to rely on it immediately.
Connected: Cronje Says Multichain Bridge Hack Was a “Huge Blow” to the Phantom Ecosystem
In the announcement, Connext said that the token standard will be “forward compatible” with the official version, should it eventually be approved by the EIP editors. Bhupatani argued that the new implementation would prevent bridges with poor security or excessive centralization from being taken seriously, adding:
“this approach […] Encourages open competition and innovation as token issuers now have the flexibility [to] Progressively update your preferences for supported bridges over time. Instead of prioritizing monopolizing liquidity, or trying to corner market share by locking-in token issuers (or in some cases the entire chain), Bridges are now forced to pay constant attention to their security and quality of service, lest they be delisted.
The issue of bridge security has become a hot topic in the crypto community. These concerns escalated on July 7, when over $100 million was mysteriously withdrawn from the Multichain Bridging Protocol. The Multichain team at first only described the withdrawal as “unusual,” but later clarified that an unknown person had accessed the CEO’s cloud storage system to withdraw funds without users’ consent.