Cross-chain bridges are used to facilitate token and data exchanges across
blockchains. Although bridges are becoming increasingly popular, they are still
in their infancy and have been attacked multiple times recently, causing
significant financial loss. Although there are numerous reports online
explaining each of the incidents on cross-chain bridges, they are scattered
over the Internet, and there is no work that analyzes the security landscape of
cross-chain bridges in a holistic manner. To fill the gap, in this paper, we
performed a systematic study of cross-chain bridge security issues. First, we
summarize the characteristics of existing cross-chain bridges, including their
usages, verification mechanisms, communication models, and three
categorizations. Based on these characteristics, we identify 12 potential
attack vectors that attackers may exploit. Next, we introduce a taxonomy that
categorizes cross-chain attacks in the past two years into 10 distinct types,
and then provide explanations for each vulnerability type, accompanied by
Solidity code examples. We also discuss existing and potential defenses, as
well as open questions and future research directions on cross-chain bridges.
We believe that this systematization can shed light on designing and
implementing cross-chain bridges with higher security and, more importantly,
facilitating future research on building a better cross-chain bridge ecosystem