Hacks in the decentralized finance (DeFi) space have become so rampant that they are expected at this point. However, with billions of dollars passing through the industry, it has become imperative to ensure the safety of users through adequate security measures.
Bitcoinist caught up with Erez Ben-Kiki, CEO and Founder of DeFi cross-chain bridge, ChainPort, where he shares thoughts on the current DeFi climate and how ChainPort is ensuring the safety of user funds on its platform.
Bitcoinist: Hello Erez, let’s start by just giving us a brief background of your journey so far in crypto and DeFi
Erez Ben-Kiki: After graduating with a BA in economics, I worked for ten years in the financial sector as an analyst and Nostro manager, and trader. Later I transferred to digital advertising and founded a marketing agency. After falling deep into the crypto rabbit hole, I founded 2key, a project that later became DecentraLab.
Bitcoinist: So how did ChainPort come out of all of this?
Erez Ben-Kiki: Decentralab became a development house that builds various projects and products in the Web3 space. ChainPort is one of Dcentralab’s most prominent products, as well as Hord, TokensFarm, 2Key, and more coming soon.
TokensFarm is a leading Farm-As-A-Service provider; TokensFarm offers fully customized, deployable Vesting, LP, or staking farms that can be live within hours.
Hord is an innovative DeFi protocol that offers tokenized ETFs. Hord includes Viking DAO, Champion’s Pools, and more. Viking DAO is an investment platform where backers can support pools of up to 20 projects and receive a tradable pool token in return. Champions pools allow users to create or follow crypto trading strategies.
2key was the first project that brought Dcentralab together. 2Key offers multi-step link tracking and smart contracts over HTTP protocols via the noble 2key protocol.
ChainPort was born out of necessity. Interoperability is needed to connect different blockchains and facilitate communication and transfer of value between them. While interoperability and bridges are needed, it became evident that security is the “Achilles heel” for most bridges.
The issue is that bridges, like exchanges, are high-stakes platforms that hold enormous amounts of value and can be vulnerable to bugs in their underlying code. Ethereum’s Vitalik Buterin mentioned the security risks of bridges on Reddit several months ago. Since then, hundreds of millions of dollars have been stolen in various bridge exploits and hacks.
We spent time trying to solve the security issue that many bridges have, and from this problem came ChainPort, the world’s first ultra-secure custodial bridge.
More than $55 billion are currently locked in DeFi protocols : Source: DefiLlama
Bitcoinist: ChainPort is a cross-chain bridge. Can you tell me how it’s different from other cross-chain bridges?
Erez Ben-Kiki: ChainPort is a cutting-edge cross-chain bridge that offers complete interoperability and custodian-level protection. ChainPort provides a level of security architecture that has never been seen before, reliably transferring tokens between blockchains with only a single click.ChainPort is the only custodial bridge in the world of blockchain. We store 95% of the funds in cold storage wallets provided by leading industry security experts, including FireBlocks MPC and Gnosis-safe multi-sig, to ensure the security of funds.
Users can port tokens in a permissionless manner with ChainPort, and human approval is not required. ChainPort is also a high-speed bridge; tokens can be ported in as fast as 2.5 minutes across chains. Users can also port tokens across multiple blockchains without the need to revert to the original token for each port.
Now, a lot of hacks have happened in DeFi, a good chunk of them being on cross-chain bridges. What are the most common risks with these kinds of DeFi protocols?
When it comes to risks regarding DeFi and specifically bridges, the most significant risk is smart contract risk.
In many recent bridge exploits, the core of the failure was “implicit checksums.” Implicit checksums mean the code relies on an implicit assumption that functions will be called or parameters will be used in a certain way.
Chainport has various checksums and monitoring tools in place to prevent failures. For example, we have a monitoring tool in place that constantly checks that the balance of assets across all our supported chains remains 1:1. Any deviation results in an immediate bridge freeze and can trigger potential rollbacks or manual intervention.
We also ensure all deposited funds are kept safe in cutting-edge multi-signature MPC wallets. So even in a worst-case scenario, funds have multiple layers of protection.
Bitcoinist: So what is ChainPort doing to make sure something like this never happens?
Erez Ben-Kiki: ChainPort brings a unique security architecture, funds segregation being the main one. Only up to 5% of the assets will be in the hot bridge contract, with the remaining 95% + being on rebalancing and treasury vaults. All our custodian wallets are secured by multiple security layers, including Fireblocks MPC and Gnosis multi-sig wallets, the main ones.
On top, ChainPort’s team rigorously tests all code and smart contracts, and they undergo multiple independent audits by blockchain security leaders. ChainPort passed numerous audits by both Certik & Cyber Unit. We’re also in the final stages of an audit with Trail of Bits, one of the top 3 auditors in the world.
We could fairly say that ChainPort today is the safest bridge in the crypto space.
Total DeFi market cap at $45.7 billion | Source: Crypto Total DeFi Market Cap on TradingView.com
Bitcoinist: Where does DeFi security go from here, do you think? Are DeFi protocols learning from these hacks to prevent future hacks?
Erez Ben-Kiki: Security is a constant game of cat and mouse. Learning as much as possible from every hack is necessary in the world of DeFi. Protocols need to emphasize security as much as possible.
It is almost impossible to be fully protected at all times, as hackers always outnumber you and your team. They will try day and night to hack and steal assets deposited in your product or protocol.
That’s why we took the custodial approach, which allows all parties to rest assured that even if it’s unlikely to happen, the funds are off-chain and fully protected.
These days, we introduce an even safer, more secure premium version of ChainPort, the ChainPort Private Custodian. The service combines ChainPort’s best features with added features and an enhanced custodial security model. The custodial security model shares the multi-sig keys with the project porting tokens and an external lawyer in a ⅗ multi-sig model.
Sharing multi-sig keys across three parties eliminate any single party’s access to the tokens and takes segregation one step forward. Distributing control makes the bridge even more secure and adds an extra layer of safety for tokens. Additional features include setting supported chains, a set path for ports, and setting the minimum or maximum amount of tokens you want to allow users to port are also part of that service.
Bitcoinist: To close, where do you see DeFi in the next five years? More interoperability or less?
Erez Ben-Kiki: Despite the recent market downturn, consumer interest in DeFi and cryptocurrency is still solid. According to Google Trends, the search volume for popular cryptocurrencies is much higher than in 2020. DeFi as an aspect of crypto will continue to grow, with even more novel protocols and chains being developed. As such, interoperability will be necessary, and bridges will be required to facilitate the transfer of information and value. Crypto adoption is most probably here to stay and thrive. Interoperability will be a significant part of the next cycle of growth.
At ChainPort, we’re constantly adding support for more tokens and blockchains to guarantee more interoperability. Just recently, we’ve added support for Fantom and Dogechain. Support for Cardano, Arbitrum, Milkomeda, Solana, and many other chains is also coming soon to ChainPort. With bridges like ChainPort, it is safe to say that we will see much greater interoperability in the next few years.
Featured image from Coingape, chart from TradingView.com
Follow Best Owie on Twitter for market insights, updates, and the occasional funny tweet…