The Connext cross-bridging protocol has he announced a new token standard to reduce losses from bridge hacking. According to a July 24 announcement, the new “xERC-20” standard allows token issuers to maintain a list of official bridges and control how many tokens each can mint.
In addition to Connext, decentralized finance (DeFi) platform Alchemix Finance will implement xERC-20 tokens, according to the announcement.
Join Alchemix
Connext today announces support for the xERC20 standard, enabling projects to securely bring their tokens to each chain.
As our flagship user, we collaborated @AlchemixFi bring $alUSD, $alETHand $ALCX on @arbitrum and @optimismusFND. https://t.co/S2tBLpuuqe
— Arjun | xERC20 arc (@arjunbhuptani) July 24, 2023
The new token standard was originally listed July 7 as Ethereum Improvement Proposal (EIP) 7281. It was co-authored by Connext founder Arjun Bhuptani. At the time, Bhuptani said it would help minimize losses from bridge hacks by following the principle that “token issuers are the ones who get rekt when bridges are hacked.”
Instead of each bridge issuing its own version of the token on each network, the new standard would allow bridges to mint “official” or “canonical” versions of each token. However, they can only do so with the permission of the token issuer, and this permission would be enforced through smart contracts. Token issuers could also limit the number of coins a particular bridge could mint, the proposal said.
Under EIP-7281, bridges could still mint their own versions of tokens, but such derivative coins would not be considered “canonical” versions. As a result, consumers end up rejecting unofficial versions of the coins. According to Bhuptani, this would lead to a more secure DeFi space as it would place the responsibility of avoiding bridge hacks squarely on the shoulders of each token issuer, helping to prevent end-user losses.
In order for EIP to become an official part of the Ethereum ecosystem, it must be approved by the EIP editors, which can take months. The July 24 announcement stated that the standard will now be implemented in Connext and Alchemix prior to its official approval, allowing end users to rely on it immediately.
Related: The multichain bridge hack was a “big blow” to the Fantom ecosystem, Cronje says
In the announcement, Connext said that the token standard would be “forward compatible” with the official version, should it be eventually approved by the EIP editors. Bhuptani argued that the new implementation would prevent bridges with poor security or excessive centralization from being taken seriously, stating:
“This approach […] encourages open competition and innovation as token issuers now have flexibility [to] they update their preferences for supported bridges in detail over time. Instead of prioritizing building a monopoly on liquidity or trying to get a corner of the market by locking up token issuers (or in some cases entire chains), bridges are now forced to constantly focus on their security and quality of service to avoid being taken down.”
The issue of bridge security has become a hot topic in the crypto community. Those concerns were heightened on July 7, when more than $100 million was mysteriously withdrawn from the Multichain bridge protocol. At first, the Multichain team only called the withdrawals “abnormal”, but later clarified that an unknown individual had accessed the CEO’s cloud storage to withdraw funds without user consent.