Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I thought the whole point of Bitcoin and similar cyber coins is a decentralized system. But it appears it is not the case. Still the infra is controlled by certain large private corps. Some of them known to Public and some are not. What if this controlling entity which has access to the code commits purposefully did "exploit commit" and take the money out of the system or what not. All it took is couple of approvals to a pull request. This is centralized system to the core.


In this case it's the bridge that's fairly centralized. There wasn't any hard forks or other manipulation of the underlying blockchains (except for sending transactions on them).


Exactly. Vitalik Buterin even shared his concerns on the fundamental security limits of cross-chain bridges earlier this year:

> For example, suppose that you have 100 ETH on Ethereum, and Ethereum gets 51% attacked, so some transactions get censored and/or reverted. No matter what happens, you still have your 100 ETH. Even a 51% attacker cannot propose a block that takes away your ETH, because such a block would violate the protocol rules and so it would get rejected by the network

> Now, imaging what happens if you move 100 ETH onto a bridge on Solana to get 100 Solana-WETH, and then Ethereum gets 51% attacked. The attacker deposited a bunch of their own ETH into Solana-WETH and then reverted that transaction on the Ethereum side as soon as the Solana side confirmed it. The Solana-WETH contract is now no longer fully backed, and perhaps your 100 Solana-WETH is now only worth 60 ETH. Even if there's a perfect ZK-SNARK-based bridge that fully validates consensus, it's still vulnerable to theft through 51% attacks like this.

[1] https://twitter.com/vitalikbuterin/status/147950136619213209...


You just replied to him


Awesome!

PS: I should pay more attention to HN's usernames lol


and... that's why I love HN :)


As well, even with decentralization, I don't see how the bridge updates wouldn't eventually propagate. The core of this is a smart contract issue


> I thought the whole point of Bitcoin and similar cyber coins is a decentralized system. But it appears it is not the case.

It's the case in Bitcoin, but not as much in Ethereum and other ecosystems. The latter have a track record of compromising on that principle to bail out thefts enabled by shoddy engineering practices (this, The DAO, etc).


The point is to be a /permissionless/ network. That includes permission to build dapps that require KYC and are managed by centralized institutions.

It's very much like saying "I thought we had free speech in this country" when your post is being deleted from the New York Times comment section.


While I don’t mean to compare apples and oranges, I did get a chuckle remembering the message embedded in the genesis block:

"The Times 03/Jan/2009 Chancellor on brink of second bailout for banks"


Crypto is not monolithic. Bitcoin is still by far the most decentralized token. Many new crypto currencies have more or less centralized characteristics.

But in this case, the bridge is a smart contract. You too can create a smart contract with full power given to yourself. So being a smart contract does not say that it’s centralized or decentralized. A decentralized smart contract is called DAO, if we omit some details.


The mistake may be to assume Solana is similar to Bitcoin.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: