Building a Sustainable Token Bridge

Cross-Chain Interoperability Protocol (CCIP) by ChainLink
  1. Tokens to be sent are marked by the holder by interacting with the source chain.
  2. The server detects sent tokens and interacts with the target chain.
  3. The holder interacts with the target chain to receive their tokens.
Basic architecture for a cross-chain bridge using Moralis

Token Bridge First Implementation

In late January, Schnoodle Finance received the code from our partner B&R Group in Russia for a SNOOD token bridge between Ethereum and BNB Smart Chain (BSC). Since then, our intrepid lead developer Jason Payne has been refactoring this code to make it fit for purpose and to the Schnoodle coding standards which is a very high bar. The code they provided works as it is, but it is based on the premise that trust is placed on holders to complete their token transfer which is step 3 above where the holder pays a fee. In the order that the steps are above, the server has already incurred a gas cost in step 2. This could prove problematic if more holders have not completed their transfer than are able to be covered by the server in terms of gas costs. In fact, a bad actor could force this situation by triggering many transfers and not completing them.

Token Bridge Rearchitect

At this point, we began ideating the rearchitecting of the bridge. The exploit is easily resolvable by storing the fee in the target chain when the server interacts with it (step 2 above). Obviously, this must be an estimate because the gas used cannot be accurately determined until the transaction is mined. However, it can be estimated beforehand with a margin added for changes, and this set as the gas limit. The user must then pay this fee (step 3), or the function to receive their tokens reverts.

  1. Tokens to be sent are marked by the holder by interacting with the source chain.
  2. The holder interacts with the target chain to pay the fee advised by the server. The fee amount paid is stored in the contract.
  3. The server interacts with the target chain to release the tokens to the holder ensuring the fee stored in step 4 from the previous bridge is at least the amount advised in step 2.
  4. The server stores the gas fee that was paid — for its interaction with the target chain — less the fee that was paid in step 2.
Schnoodle’s Fully Autonomous Bridge (FAB) Architecture

Trust is Shifted

Trust is now shifted. There is now a requirement to trust the server to complete step 4, instead of entrusting the treasury and the sustainability of the bridge to a growing number of unknown holders in the anonymous world of cryptocurrency. Of course, the first time the server fails to complete step 4 in a timely manner or at all will be visible in the blockchain, so this can only happen once and to only one user in theory. The question is, is this the state of parity between the trusted and the trustless that the community is comfortable with?



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Schnoodle ĐAO

Schnoodle ĐAO


Designed and expertly coded from the ground up, Schnoodle bridges key concepts that define the crypto space, including DeFi, DAO, meme, NFTs, and yield farming.