SUAVE Bridge

Request for Comments: Bridge Designs for SUAVE :bridge_at_night:

:sunny: SUAVE :sunny: is a platform for building MEV applications such as OFAs, block builders, and intent executors in a decentralized and private way. SUAVE does not replace other blockchains: it is intended to aggregate and coordinate things that ultimately change the state of other chains. Because of this relationship, the bridge from SUAVE to Ethereum, and other chains in the future, plays a crucial role in the network’s architecture.

In the current implementation of the SUAVE client we use a centralized and highly trusted bridge. This was chosen to enable rapid prototyping and is not intended for mainnet usage. We’re seeking input on not only ideas that satisfy these loose requirements below, but also expertise in how to refine these requirements and think about the trade-off space:

  • Security: Not all assets need to be bridge to SUAVE, but of those that do we want to ensure highest level of security and understand the trade-off space.
  • Decentralization: Removing a single point of trust reduces the attack surface.
  • Chain Scalability: SUAVE is planning to expand to many chains so it’s important to have a solution that works with as many chains as possible, or at least does so with less effort than an entirely custom bridge per chain.
  • User Experience: Although this is more of an app-specific concern, the bridge would ideally work easily with cross-chain intent executors.

Risk categories from the Uniswap Foundation Bridge Assessment Committee Results - Framework and Evaluations:

  • Protocol Architecture Risk: Encompasses the risks stemming from the design of a protocol, including its primary validation mechanism and other architecturally significant components that impact the fundamental security properties, assumptions, and trust model associated with the protocol.
  • Protocol Implementation Risk: Includes the risks associated with the implementation of a protocol’s specification. Building cross-chain protocols involves creating complex on-chain and off-chain components while accounting for the peculiarities and pitfalls of different programming languages, frameworks, and execution environments.
  • Protocol Operational Risk: Refers to the various risks that arise from the operational security and management of different components, often by different actors with different trust assumptions and incentives. This could include upgrading and managing bridge smart contracts, as well as operating off-chain systems such as external validator nodes.
  • Network Risks:

Another thing to keep in mind which affects a bridge architecture is that it is still an open question whether SAUVE is an L1 or L2, this post SUAVE Economic Security Models dives into relevant considerations of this choice.

:sunny:Your insights and suggestions are invaluable to us. We are looking for diverse opinions and creative ideas to help shape the future of SUAVE.:sunny:

:heart::zap::robot:

6 Likes

I think a robust light client and an agreed upon method to address L1 forks is potentially much more important than bridge to move assets.

If Suave is a bulletin board and the TXs eventually end up on Ethereum (L1), do you really need to move assets?

Have you thought about the case where an intent-app doesn’t require a bridge and one solver invalidates the others’ solutions by submitting a ‘fake’ intent from a sybil account and front-running the solutions by moving their funds ?

This looks like an active problem CowSwap is facing based on this thread.

I think it points to a broader class of intent-apps where bridging is necessary ( roughly when u(winning solution) > front run costs )

could you get mempool data from devp2p to ensure the attacker is not trying to front-run? RETH is supposed to be super fast

Mempool monitoring is not nearly robust enough. Only block builders themselves can provide these kinds of guarantees. If they’re rational (in the short term at least) and the cancel tx was paying them, the solution would have to outbid the cancel.

Flashbots x Axelar - SUAVE Bridge Proposal

Hi everyone, I’m representing the Axelar Foundation. We recommend that SUAVE leverages Axelar network’s decentralized infrastructure for cross-chain use-cases.

Situation

In the current implementation of the SUAVE client, Flashbots uses a centralized bridge. Flashbots seeks input and expertise in bridge designs that optimize security, decentralization, chain scalability, and user experience.

Proposed Solution

Replace the existing centralized bridge with Axelar network’s decentralized, proof-of-stake solution to transfer assets for gas and MEV applications.

Security

Security of cross-chain systems has requirements similar to those of blockchain consensus protocols, namely safety and liveness.

  • Safety: It must be extremely hard for an attacker to steal funds.
  • Liveness: Transactions will always go through within some timeframe.
  • Decentralization: This is not necessarily a separate requirement but rather a means towards satisfying the properties of safety and liveness.

Axelar network security is powered by a combination of:

  • Proof-of-stake decentralized design at the core.
  • Novel quadratic voting mechanism increases the decentralization of the network.
  • Validator security policies, such as mandatory key rotations.
  • Network functions that enable mitigation of malicious interconnected chains [suspend traffic from them].
  • Contract limits that specify how much can be transferred over a time period.
  • Docs
  • Rigorous audits & bug bounties.
  • Code

Uniswap Foundation announced in June of 2023 that Axelar network & Wormhole are approved to support the next phase of its development for cross-chain governance. The foundation has used a group of nine experts to analyze six of the leading crypto bridge providers. After a comprehensive review involving code evaluation and direct interaction with the bridge teams, the committee approved Axelar network & Wormhole for Uniswap’s specific use case of protocol governance. Other bridges, including LayerZero, Celer, DeBridge, and Multichain, did not meet the committee’s criteria.

“The analysis of Axelar concluded that it conditionally satisfies the requirements of the Uniswap DAO’s cross-chain governance use case, as outlined in the Assessment Framework. Axelar employs a proof-of-stake mechanism with sound cryptoeconomic guarantees to secure the protocol. Various aspects of the design of the protocol appear to be well-considered. The size of the validator set and the thresholds for ensuring safety and liveness are sufficient. Its technology stack is built to high standards, and the team maintains good development practices, with strong attention to detail and high activity levels for ongoing improvements. A source of concern for the Committee is a 4-of-8 multisig that governs key aspects of the protocol. Axelar has communicated its plans to move away from reliance on this multisig in Q2 2023 and the committee has weighed in on that process. The Committee recommends that the Uniswap DAO adopt Axelar, conditional on a successful transition away from this multisig. Additionally, the Committee recommends ongoing monitoring of updates to identify areas for improvement in the protocol.” Read more here.
Since then, Axelar network has upgraded to fully decentralized governance. Details of the new Axelar Gateway Governance can be found here. Changes to protocol parameters, including upgrades, now require a quorum of validators to take effect. Axelar network uses the same trust assumptions as message passing for protocol governance changes.

Decentralization

Axelar network is a full-stack decentralized transport layer governed by permissionless PoS consensus. Axelar network is the only “open stack” on the market. All of its components can be upgraded and improved by the community. It provides universal composability of programs with any-to-any cross-chain capability. Users access consolidated pools of liquidity. Developers do not need to speak any custom language; they do not need to make any changes to their chains or UIs.

The Axelar network has three critical components across two functional layers.

  • The first is the network itself, composed of validators responsible for maintaining the network and executing transactions. The validators run the cross-chain gateway protocol, a multi-party cryptography overlay on top of a Layer 1 blockchain. They are responsible for performing read-and-write operations to gateway accounts deployed on connected external chains, voting, and attesting to events on those chains.
  • The second are the gateways, effectively smart contracts that connect the Axelar network and its interconnected external chains. Validators monitor gateways for incoming transactions, which the validators READ. They then come to a consensus on the validity of that transaction, and once agreed, they WRITE to the destination chain’s gateway to execute the cross-chain transaction. The funds are sent to a generated address on the source chain and are locked, and a corresponding asset is minted on the destination chain. The validators and gateways compose the core infrastructure layer.
  • Sitting on top of the validators and gateways are the APIs that enable developers to access the tools and infrastructure enabled by those validators and gateways. This is the application-development layer that applications will interact with to go cross-chain. The underlying core infrastructure layer is used to pass customizable, generalized messages across chains. These APIs are how developers can easily lock, unlock, and transfer assets between any two addresses on any two blockchain platforms, execute cross-chain application triggers, and, more generally, handle any cross-chain requests.

Chain Scalability

Presently, Axelar network connects 54 chains, the highest coverage of all available interoperability solutions.

Axelar network’s coverage and scalability of chains is set to grow exponentially with the launch of Axelar Virtual Machine. The Axelar Virtual Machine is a programmable interoperability layer that automates complex multi-chain deployment and management. The Axelar VM helps developers to span the whole of Web3, as if they were building on a single chain. It is powered by Cosmwasm and turns interoperability into a programmable layer.

The Interchain Amplifier enables developers to permissionlessly set up connections to the Axelar network. Developers gain access to Axelar network’s interconnected network of chains and can “amplify” their resources by paying the cost equivalent to developing only one connection. They can establish connections between new ecosystems or existing chains to add new network properties, such as improved security or better delivery and availability.

For example, once Ethereum develops robust light-clients & ZK proofs for its state, a developer can easily integrate them into the Axelar network to replace or enhance an existing connection.

Developers can also leverage independent connectivity paths to enhance security at the application layer. In a blog introducing multi-path routing, it is described how, for lower-value transfers, an application can choose to accept messages authorized by any of the available connections. For higher-value transfers, the application can require messages to travel multiple independent paths, before approval. This architecture, combined with forward-compatible dApp deployments, enables developers to build scalable interchain technologies while adapting to future improvements in the cross-chain networking layer.

User Experience

Most cross-chain user experiences are complex and painful. 1-click user experiences are necessary to onboard billions of users. Unlike alternative solutions on the market, Axelar network is programmable: it’s a blockchain that connects blockchains, providing an innovative contract platform that supports superior UX:

  • Tools like Interchain Token Service allow dApps and tokens to function on multiple chains in the same way as they function on their native chains.
  • Tools like Axelar Gas Service automate burdensome user tasks like converting into multiple gas tokens to execute a cross-chain transaction.

Cross-chain Intents are live on the Axelar network: Squid, a liquidity router, has used intents on Axelar network to execute cross-chain swaps in seconds. Axelar network can easily work with new cross-chain intent executors. Intents create fluidity between off-chain and on-chain worlds by allowing third parties to fulfill users’ desired actions efficiently. Intents improve interop UX by settling actions almost instantly and then safely finalizing them later.

On the Axelar network, intents have been seamlessly operational. They are exceptionally efficient for transactions that tie value to a specific token, enabling swift order fulfillment. They can also be expanded to more generic messages as long as developers can define their intent structures meticulously. If the value of an intent can be quantified, then solvers can price the risk of it failing to finalize. The risk to the solver of executing a solution to a complex set of user intents between many chains could be aggregated into a single fee, allowing them to execute simultaneously but finalize separately. A small fee to the solver is vastly offset by the improvement in usability and efficiency for the user. We like the work that Essential is currently doing with the concept of “Intent Standards."

One notable Axelar ecosystem application, Squid, has successfully employed intents on Axelar network by integrating with the GMP Express interface. The result? Instant cross-chain communication.

Squid is a cross-chain liquidity router built using Axelar GMP. The dApp finds liquidity in DEXs on connected chains so users can initiate swaps with a single click. The user experience (UX) mimics what users expect when transacting between different chains’ tokens on centralized exchanges – except the entire transaction runs on decentralized infrastructure.

However, there is one aspect in which Squid cannot duplicate a centralized order book using exclusively on-chain infrastructure: as discussed above, finality on connected chains can take 10 to 15 minutes. Instead of making the user wait, risking slippage, Squid employs intents in a fast-finality gadget called Boost. Squid Boost completes the action described hypothetically above in real transactions. It serves a user’s intent to swap X for Y between chains A and B. Boost completes the intent on B, then recoups funds when the transaction finalizes, absorbing bridge risk and delay. Here’s an example transaction.

Conclusion

Axelar network’s architecture meets Flashbots’ requirements on Security, Decentralization, Chain Scalability, and User Experience. We believe Axelar network’s cross-chain infrastructure presents the right solution for SUAVE Bridge.

2 Likes

CronFi Streaming Bridge

Hey all, pbj from CronFi, and I wanted to add our new streaming bridge design to the mix here. Our bridge is designed to be simple, secure, 100% on-chain, permissionless, and decentralized. There are a lot more details and in-depth design animations on our GitHub: GitHub - Cron-Finance/fast-bridge

We leveraged the best of AMMs (TWAMMs, concentrated liquidity, transparent execution), and removed the worst bridging risks (honey pots, infinite mint, centralization, delays, etc).

Protocol Security

We have made thoughtful decisions on the design trade-offs given our customer base and underlying algorithm (CL + TWAMM) used to move assets across chains.

Common MEV attacks are mitigated because the trade happens for deep liquidity tokens over a long time horizon. Also, because we don’t have a bridging token, infinite mint, double spend, malicious multi-sig, etc are not a concern either.

We have internal mitigations such as queuing transactions 2 epochs for settlement guarantees on large transactions and/or active validation via EigenLayer for guaranteeing near-instantaneous settlement of smaller transactions.

Decentralization

Current bridging solutions force users to make tradeoffs between centralized vs. decentralized, permissioned vs. permissionless, and off-chain vs. on-chain. Our design provides a step-change improvement in performance and ease of use without compromising the ethos of DeFi, similar to what Uniswap did for decentralized exchanges.

CronFi Bridge Uniswap DEX
Assets OP_USDC ↔ ARB_USDC USDC ↔ WETH
Connector Cross-chain Liquidity Pool Liquidity Pool
Action Bridge Swap
Optimization Minimize slippage to bridge Minimize slippage to swap

We don’t have a separate blockchain, dependencies on relayers, bridging tokens, or multi-sigs. Every aspect of the design is on-chain from initiation to execution to settlement.

Scalability

See below for Protocol Implementation Risk as well

The design is extensible to any EVM or even non-EVM chain and here are the things that need to be there for this to work:

  • LPs with liquidity on the 2 chains being bridged to setup their positions
  • A messaging interface we can use (Socket, Hyperlane, etc) to relay the messages

With Hyperlane we can do simpler validation with their ISM, so won’t need EigenLayer or anything heavy for relatively new L2s.

Since the design has 2 inter-dependent AMMs, the primary (math + state) AMM can be deployed on Suave or EVM chain, and the secondary (simple proxy) AMM would be on the L2 of choice.

User Experience

This is where our fully on-chain design shines. Since everything is on-chain, the whole bridging process is transparent. We don’t rely on off-chain pricing and execution to save gas costs, but instead leverage the benefits of TWAMMs (virtual orders) and arbitrage (transparent price execution).

Non-Atomic Trades (Whales, MM, protocols)

- Lower risk than bridging all assets in 1 swap, TWAMM executes over multiple blocks
- Full control to pause, cancel, withdraw, and transparent execution -- no black boxes
- Transfer in size with minimal slippage, time delays, gas, or MEV extraction

Liquidity Provider

- Use native assets (USDC), not 3rd party wrapped illiquid tokens (ex. hopUSDC, USDC_L0, etc)
- Low TVL needed for execution, so less risk and a higher share of swap fees
- Dynamic & differential fees to meet demand surges

Atomic Trades (Arbitrageur/Retail)

- No need to source arbitrary tokens to correct pool prices
- Easy to arbitrage, simply back-run long-term trade for profit by going in the opposite direction
- PFoF fee structure for dedicated parties

Risks

Liquidity Risk

The architecture leverages a combination of TWAMMs for large/unopinionated trades and AMMs for small/opinionated trades. We also have two types of capital in our design as liquidity at rest which is sourced by liquidity providers and liquidity in flight which is sourced by arbitrageurs.

Long Term vs Short Term

Most large trades will go through the long-term (non-atomic) interface thus giving the LPs and arbitrageurs time to react accordingly. There will be a cap on the amount that can be swapped via the short-term (atomic) interface for LP safety.

Liquidity at Rest

LP TVL is minimal and acts as the “grease” to start the trades. As shown in our simulations, this amounts to $10M on each chain — a reasonable upper bound to move $100s of millions in volume.

  • Concentrated Liquidity: other than amplifying liquidity, CL provides another safety in the case of an attack. If a malicious trader tries to move a large amount quickly, it will push the trade out of the “active tick zone” and the trade pauses thus giving LPs and arbitrageurs time to react.

Liquidity at Flight

Arbitrageurs are the party sourcing the majority of the capital in our system and also the more sophisticated actors. For our simulation, we arbitraged the trade immediately. However, arbitrageurs can take longer to be sure the long-term trader is not malicious and their trade has settled.

“The relayer can assume all finality risk and fill the “user intent” on the destination chain as soon as they are confident the user’s deposit transaction is valid.” Hart Lambur, UMA on X

As the above quote expresses, relayer (arbitrageur in our case) takes the risk of filling (back-run) a user’s order. We expect more risk-averse arbitrageurs to be slower to fill at the start of the order. This would either pause the trade when it pushes the trade out of the active tick zone or allow a risk-seeking arbitrageur to back-run sooner.

Finality & Re-org risks (See Network Risk)

Since our design depends on the liveness of potentially three chains (source: X, destination: Y, and settlement: ETH), lacks a normalizing account of transfer (bridging token), and can be used to transport large sums cross-chain, we have to take additional precautions against the loss of funds via re-org or finality risks.

We can simply add a delay (L1 Finality or arbitrary) before trade execution and thus ensure transactions/funds are settled before interacting with the protocol. Long-term traders are time-insensitive as TWAMMs are non-atomic and designed to move funds over time, so unaffected. Arbitrageurs can get around this issue by pre-loading their funds before the trade and have it ready for immediate execution. We also provide a Trusted Party for dedicated arbitrageurs to bypass the delay and immediately execute their transactions.

EigenLayer: Economic Security

Building mitigations in protocol has the drawback of adding latency, complexity, gas costs, and centralization amongst other issues. Solving this issue via economic and/or ZK would allow for near-instantaneous settlement of atomic transactions and lower price impact for non-atomic transactions.

EigenLayer’s Active Validation Service (AVS) gives us the most flexibility and control in the design space i.e. L2 support, latency, economic security, validator size, or slashing criteria. LPs can choose between max short-term trade cap size to 1/2 of the liquidity pool size in economic security to give them the economic security for taking on the risk of near-instant execution of bridging value. Additionally, tools like Hyperlane’s ISM (interchain security model) have built-in support to leverage EigenLayer AVS for validating cross-chain messages.

Operational Risks

Arbitrageurs and liquidity providers are required for optimal performance as in any AMM. Beyond that, validators are optional if EigenLayer active validation is needed. Other than those 3 parties, there are no other dependencies for optimal performance of the protocol.

1 Like

Jon, Hyperlane co-founder here. Wanted to add some additional color that would be relevant for Cron’s proposal. Using Hyperlane means they will be able to ensure Suave can connect with any new chain or L2, as they themselves, the Hyperlane core team, the Flashbots team, or really anyone in the world, can add Hyperlane to a new network.

Beyond that flexibility the security of the bridge can evolve over time thanks to Hyperlane’s modular security architecture. As economic security is added via the AVS and other means, as new state proof modules are added, those can be leveraged to secure the bridge, with minimal disruption to users and the chain itself.