Recent years have witnessed significant advancements in cross-chain technology. However, the field faces two pressing challenges when it comes to security and privacy. Hacks on cross-chain bridges have led to monetary losses of around 3 billion USD, highlighting flaws in security models governing interoperability mechanisms (IMs) and the ineffectiveness of incident response frameworks. Additionally, the exploration of privacy within cross-chain scenarios remains relatively unexplored. Hackers benefit from extensive privacy, whereas users and bridge operators experience restricted privacy, thereby broadening the potential attack surface for adversaries.In this paper, we present the most comprehensive study to date on the security and privacy of blockchain interoperability. Our study employs a rigorous systematic literature review, yielding a corpus of 178 relevant documents, including 58 academic papers and 120 gray literature documents, out of a pool of 531. We systematically categorize 56 interoperability solutions based on a newly created taxonomy focusing on security and privacy considerations. Our dataset, comprising academic research, disclosures from bug bounty programs, and audit reports, exposes 45 cross-chain vulnerabilities, 25 theoretical attacks, and 88 mitigation strategies. Leveraging this data, we analyze 14 notable bridge hacks accounting for over USD 2.9 billion in losses, mapping them to the identified vulnerabilities.Our findings reveal that a substantial portion (65.8\%) of stolen funds originates from projects secured by permissioned intermediary networks with unsecured cryptographic key operations. Regarding privacy, we demonstrate that achieving unlinkability in cross-chain transactions is contingent on the underlying ledgers providing some form of confidentiality.In conclusion, our study offers critical insights into the challenges and vulnerabilities within the realm of cross-chain interoperability. We pinpoint promising directions for future research that can guide both industry practitioners and academics toward substantial advancements in this field. Our work underscores the urgency of enhancing security and privacy measures in cross-chain technology to mitigate the substantial financial risks associated with bridge hacks and to foster user trust in the blockchain ecosystem.

Blockchain interoperability conflates the need for distributed systems to communicate with third- party systems without the existence of a canonical chain or orchestration layer. As there is not “a chain to rule them all” (due to reasons such as performance, privacy, and market forces), these distributed systems rely on exchanging data and value across network boundaries. Interconnected systems achieve a higher value than the sum of their parts, similar to how the Internet emerged as a set of isolated Local Area Networks (LANs) - and, by force of surprising synergies, such networks fundamentally transformed society, forever. Concurrently, in the last decade, we have witnessed the astonishing development of blockchain technologies, which seem more connected than ever: via bridges [13, 15, 16, 31], oracles [45], and other interoperability mechanisms [4, 9, 17, 48, 89]. These recent developments have, slowly but steadily, contributed to the improvement of the scalability of blockchain networks, as well as providing new functionality and use cases [66], but there is still a long way to go until mass adoption. In this paper, we will dive into the rabbit hole of blockchain interoperability and explain why it is needed, what has been done in the last decade, and where it is going.

Blockchain aggregators play an instrumental role in the evolution of blockchain technology, serving as pivotal enablers of interoperability, efficiency, and user accessibility in an increasingly decentralized digital world. However, the literature on this emerging technology is scarce and is not systematized, making it harder for practitioners and researchers to understand the field. In this paper, we systematize bridge aggregators, a type of blockchain aggregators. We present an exhaustive analysis of a diverse array of token and message aggregators, each distinguished by its unique architecture. Our research delves into critical aspects of these aggregators, encompassing their functionality, security measures, pricing models, and latency. This research aims to provide readers, users, and developers with insightful and actionable information, facilitating informed navigation through the complex landscape of blockchain aggregators. We explore our findings and compare them with our intuitive expectations. We show that there is a value in centralizing token aggregators. Message aggregators are found to be more powerful but less efficient in transaction cost and latency. Finally, we propose a set of future research directions for practitioners.

Decentralized ledger technology (DLT) is becoming ubiquitous in today’s society. However, organizations need to connect their existing systems and processes to blockchains (centralized, decentralized) securely and reliably, sometimes also implying that they need to connect blockchains (decentralized, decentralized). This challenge is known as blockchain interoperability. We put the case forward that academia and industry must propose evaluation frameworks for blockchain interoperability solutions that address the three interoperability modes. Those are data transfers, asset transfers, and asset exchanges. In this position paper, we illustrate the remaining challenges of interoperability, focusing on the systematic evaluation of interoperability mechanisms based on the state of the art and our own experience. Our evaluation is a systematic online survey of 17 items targeting blockchain specialists. Our quantitative analysis shows that several interesting metrics can show promising directions for systematically evaluating integration solutions.

The field of blockchain interoperability plays a pivotal role in blockchain adoption. Despite these advances, a notorious problem persists: the high number and success rate of attacks on blockchain bridges. We propose Harmonia, a framework for building robust, secure, efficient, and decentralized cross-chain applications. A main component of Harmonia is DendrETH, a decentralized and efficient zero-knowledge proof-based light client. DendrETH mitigates security problems by lowering the attack surface by relying on the properties of zero-knowledge proofs. The DendrETH instance of this paper is an improvement of Ethereum’s light client sync protocol that fixes critical security flaws. This light client protocol is implemented as a smart contract, allowing blockchains to read the state of the source blockchain in a trust-minimized way. Harmonia and DendrETH support several cross-chain use cases, such as secure cross-blockchain bridges (asset transfers) and smart contract migrations (data transfers), without a trusted operator. We implemented Harmonia in 9K lines of code. Our implementation is compatible with the Ethereum Virtual Machine (EVM) based chains and some non-EVM chains. Our experimental evaluation shows that Harmonia can generate light client updates with reasonable latency, costs (a dozen to a few thousand US dollars per year), and minimal storage requirements (around 4.5 MB per year). We also carried out experiments to evaluate the security of DendrETH. We provide an open-source implementation and reproducible environment for researchers and practitioners to replicate our results.

With the growing interest in blockchain technology, researchers and developers in different industries are shifting their attention to creating interoperability mechanisms. Existing mechanisms usually encompass asset exchanges, asset transfers, and general data transfers. However, most of the solutions based on these mechanisms only work for two permissionless blockchains falling short in use cases requiring more complex business relationships. Also, contrary to existing legacy systems, there is little standardization for cross-chain communication. Here we present MP-SATP, a resilient multi-party asset transfer protocol built on top of the Secure Asset Transfer Protocol (SATP). Furthermore, we enhance SATP’s crash recovery mechanism that directly influences the reliability and performance of our solution. Using MP-SATP, we show how to perform N-to-N resilient asset transfers in permissioned environments by decoupling them into multiple 1-to-1 asset transfers. Our results demonstrate that the latency of the protocol is driven by the latency of the slowest 1-to-1 session; and how the usage of backup gateways avoid the overhead caused by rollbacks. Enterprise-grade environments such as supply-chain management systems can immediately leverage our solution to perform atomic multi-party asset transfers as shown by our use case.

Distributed ledger technology (DLT) provides decentralized and tamper-resistant data storage, replicated among mutually untrusting participants. With the advancement of this technology, different privacy-preserving blockchains have been proposed, such as Corda, Hyperledger Fabric, and Digital Asset’s Canton. These distributed ledgers only provide \emph{partial consistency}, which implies that participants can view the same ledger differently. A \emph{view} represents the states of a blockchain available to a particular stakeholder. The combination of views forms an integrated view that represents a consistent global state shared by all participants. This paper introduces BUNGEE  (Blockchain UNifier view GEnErator), the first DLT view generator, to allow capturing DLT snapshots, constructing views, and performing arbitrary operations on those, such as integrating views. Creating and integrating views allows interesting applications, such as stakeholder-centric snapshots for audits, cross-chain analysis, blockchain migration, and data analytics.

Ecosystems of multiple blockchains are now a reality. Multi-chain applications and protocols are perceived as necessary to enable scalability, privacy, and composability. Despite being a promising emerging area, we have been witnessing devastating attacks on cross-chain bridges that have caused billions of dollars in losses, and no apparent solution seems to emerge from the ongoing chaos. In this paper, we present our contribution to minimizing bridge attacks, by monitoring a cross-chain model. In particular, we aggregate cross-chain events into cross-chain transactions, and verify if they follow a set of cross-chain rules, which then generate a model. We propose Hephaestus, the first cross-chain model generator that captures the operational complexity of cross-chain applications. Hephaestus can generate cross-chain models from local transactions in different ledgers, realizing arbitrary cross-chain use cases and allowing operators to monitor their applications. Monitoring helps identify outliers and malicious behavior, which can enable programmatically stopping attacks (“a circuit breaker”), including bridge hacks. We conduct a detailed evaluation of our system, where we implement a cross-chain bridge use case. Our experimental results show that Hephaestus can process 600 cross-chain transactions in less than 5.5 seconds in an environment with two blockchains using sublinear storage, paving the way for more resilient bridge designs.

The last few years have seen a steep increase in blockchain interoperability research. Most solutions connect public blockchains; hence, the main cross-chain use case is token transfer. By-design platform transparency, tamper-resistance, and auditability make blockchains an infrastructure candidate for Central Bank Digital Currencies (CBDCs), but bridging CBDCs is an important missing piece in general. In this paper, we leverage an asset transfer protocol, ODAP/SATP, to define an extendable and dependable blockchain interoperability middleware that can bridge CBDC from Hyperledger Fabric to EVM-based permissioned blockchains. The key interoperation enabler in the solution is a shared asset definition enforced by both sides of the bridge, accompanied by a mapping between Fabric Identities and Ethereum addresses for Identity management. We implement our design for the CBDC use case utilizing Hyperledger Cactus. Through a preliminary performance evaluation, we show that the underlying ledgers heavily influence the latency of the solution, not the bridging components.

Blockchains currently exist in silos, competing when they could be cooperating. Interoperability is essential to allow for communication between them and motivate mass adoption. In permissioned blockchains, interoperability is harder given their opaqueness. The solutions proposed so far to address interoperability require a trusted private third party, which may be insecure and is not ideal. We propose T-ODAP, a secure multi-layered protocol that enables a trustless solution for permissioned blockchain interoperability, eliminating the need for trust in the protocol’s participants. It provides a Decentralized View Storage, a connector that connects permissioned blockchains to the latter, and a trustless version of the ODAP protocol. T-ODAP models the participants as rational agents using game theory techniques and is implemented using \textit{Polkadot} and \textit{Hyperledger Cactus}. We tested the implemented solution, evaluated the system’s robustness in face of attacks, and concluded that the system is \textit{(k,t)-weak-robust}.

Entrepreneurs, enterprises, and governments are using distributed ledger technology (DLT) as a component of complex information systems, and therefore interoperability capabilities are required. Interoperating DLTs enables network effects, synergies and, similarly to the rise of the Internet, it unlocks the full potential of the technology. However, due to the novelty of the area, interoperability mechanisms (IM) are still not well understood, as interoperability is studied in silos. Consequently, choosing the proper IM for a use case is challenging. Our paper has three contributions: first, we systematically study the research area of DLT interoperability by dissecting and analyzing previous work. We study the logical separation of interoperability layers, how a DLT can connect to others (connection mode), the object of interoperation (interoperation mode), and propose a new categorization for IMs. Second, we propose the first interoperability assessment for DLTs that systematically evaluates the interoperability degree of an IM. This framework allows comparing the potentiality, compatibility, and performance among solutions. Finally, we propose two decision models to assist in choosing an IM, considering different requirements. The first decision model assists in choosing the infrastructure of an IM, while the second decision model assists in choosing its functionality.

The emergence of blockchain interoperability is reducing the risk of investing in blockchain by avoiding vendor lock-in, leveraging interoperation, and providing migration capabilities. However, to fully unlock the internet of blockchains, it is necessary to provide enterprise interoperability mechanisms that allow service providers to comply with different regulations, e.g., data privacy regulations. Each blockchain can be reached via a gateway, allowing to interconnect value, to provide different services, and to enable self-sovereignty. To realize this vision, we propose Hermes, a fault-tolerant middleware that connects blockchain networks and is based on the Open Digital Asset Protocol (ODAP). Hermes is crash fault-tolerant by allying a new protocol, ODAP-2PC, with a log storage API that can leverage blockchain to secure logs, providing them transparency, auditability, availability, and non-repudiation. We introduce a use case benefiting from Hermes, digital cross-jurisdiction promissory notes. We show that cross-chain transactions can be achieved securely with Hermes, given that gateways are complying with legal frameworks.