22 Oct 2021 · 6 min read

Composable Finance Wants to Address Blockchain Interoperability Issues, Smart Contract Vulnerabilities

Disclaimer: The Industry Talk section features insights by crypto industry players and is not a part of the editorial content of Cryptonews.com.

Blockchain or distributed ledger technology (DLT) has advanced rapidly during the past few years. These developments have been accelerated with the launch of Ethereum (ETH) in mid-2015, which introduced a Turing Complete smart contract platform for building and deploying decentralized applications (dApps).

The Ethereum blockchain itself and various other competing and supporting decentralized protocols have undergone significant refinements, especially following the historic crypto bull market of 2017 - which brought a wave of new investors and talented professionals to the digital assets and DLT space. As expected, there’s no silver bullet and there are definitely critical challenges in this nascent space that must be addressed before we can expect to move forward in a meaningful manner.

Interoperability Solutions are Not Adequately Secure

For instance, there’s been a sharp focus, especially since 2018, on bridging multiple chains in order to support blockchain interoperability. This is essential due to many reasons, but primarily because investors and traders are looking to exchange data and assets between different networks to complete complex cryptocurrency transactions. However, these interoperability solutions are far from perfect and continue to experience damaging hacks and security breaches.

For example, Thorchain, a widely-used DeFi protocol, was compromised on several occasions (earlier this year). The hacks led to millions of dollars in losses. The hacker who was allegedly responsible for the exploits actually provided detailed messages on what measures must be taken to ensure protection of users’ assets.

Notably, the Thorchain protocol saw around 4,000 Ether stolen during one attack. Thorchain, which provides an automated market maker (AMM) and a decentralized exchange (DEX), has become known for offering liquidity pools (LPs) with substantial total value locked (TVL) in its contracts.

During one of the attacks against Thorchain, the hacker exploited an ETH Router contract in order to target the vulnerable Bifrost component, leading to over $8 million in losses. The hacker even acknowledged that the vulnerability had been known before and could have been prevented with properly written source-code.

When writing apps in Solidity, which is Ethereum’s smart contract programming language, software architects have outlined the appropriate coding methods (best practices) in order to transfer assets. But these guidelines had apparently been ignored by the development team, which led to a serious issue with the protocol’s RUNE token contracts.

In another damaging exploit, involving the Polychain network, a clever hacker managed to steal approximately $600 million in cryptocurrency via the Poly Network. Although the malicious actors returned the funds, the Poly Network team admitted that they have a lot of work to do in order to adequately secure their platform.

According to Brainjar (an anonymous character), Head of Product at Composable Finance, a hyper liquidity infrastructure layer for DeFi assets being powered by Layer-2 Ethereum and Polkadot, the reason for these issues stem from the fact that they're depending heavily on centralized infrastructures that make them a lot more vulnerable.

There could be a number of potential solutions where cross-chain interoperability can become considerably safer for end-users. Composable Finance claims that they can solve these problems by adding a robust layer of security. This, as they focus on building on the Relay chain which is currently backed by billions of dollars in funds from DOT and KSM.

Composable Finance is described as a parachain project which is preparing to head into a Kusama crowdloan auction this coming Saturday (which, of course, they're hoping and planning to win). For the record, Composable operates under the project name of Picasso on Kusama

As explained by the Composable Finance team, the crypto ecosystem has sought sharded blockchains for greater scalability. ETH 2.0, the updated version of Etheruem will be sharded, Polkadot will be sharded, and NEAR will also be sharded. 

But even though the vision of ETH 2.0 is on its way to becoming a reality, applications are being sharded, instead of blockchains or DLT networks being sharced. Sushiswap, for instance, is deployed on Ethereum Virtual Machine or EVM chains, Layer 2s such as rollups, Polkadot chains, and the expansion of these apps to other ecosystems is quite likely. 

Developing a Secure Communication Cross-Ecosystem

Composable Finance is working on a cross-chain, cross-layer liquidity layer for sharded apps.

The team will be using a parachain to serve as a finality layer. It will connect L2s to the Polkadot/Kusama ecosystem, and Inter-Blockchain Communication protocol (IBC) to the Polkadot/Kusama ecosystem. The goal is to further expand this to include various other ecosystems, like Algorand and Solana. 

Composable’s aim is to develop a protocol that enables a secure communication cross-ecosystem. The architecture is a Polkadot parachain that acts as a finality layer to support Polkadot to IBC cross-chain communication and asset transfer. It will also support Layer-2 communication and transfer via the parachain. Additionally, there’s a privacy layer that makes these interactions fully private.

Composable further explained that software architects can use a development kit to leverage this infrastructure, which is meant to support secure communication and provide access to liquidity. 

The main result is the ability to carry out actions that are cross-chain and also to look at the blockchain ecosystem as a network of “agnostic” liquidity and available yield. 

With the Composable software development kit (SDK), the team wants to start educating users about the secure cross-layer/cross-chain arbitrage opportunities. The team has also built several products on top of their parachain. 

Must Provide Reliable Finality Layer, Maintain Privacy

As noted by Composable Finance, the growth of the blockchain sector has led to serious issues surrounding interoperability. The team explains that there are several solutions relying on off-chain infrastructure, and there’s currently no reliable finality layer. The security of these types of solutions doesn’t support the required amount of transaction volume we would want the cross-chain DeFi ecosystem to support. Many so-called interoperability solutions also eliminate the privacy that a particular chain would have provided. 

The Composable team points out that many projects in DeFi are working hard to address the current limitations of interoperability by establishing bridges. Composable differentiates its offering by focusing on establishing adequate liquidity. 

Liquidity concerns aren’t a recent problem in DeFi. But they have been addressed by automated market makers (AMMs) built into DeFi exchanges such as UniSwap. The launch of cross-layer and cross-chain applications is now making liquidity a more serious issue, with many layer 2 apps and chains to balance liquidity, and not the right infrastructure to do so. 

Liquidity for cross-layer transfers is a concern that the testing laboratory, Composable Labs, is focused on solving. Head of Product, 0xBrainJar, Composable Labs has created a Liquidity Simulation Environment (LSE) to explore the opportunity and the appropriate means of cross-layer liquidity provisioning (LPing).

In addition to providing these solutions, the Composable team explains that existing interoperability solutions are vulnerable because the core of what they do is centralized, whereas Composable/Picasso is utilizing Parachains which, the team claims, are truly decentralized and backed by billions of dollars in DOT and KSM.

Many industry participants don't understand the severity of these weaknesses and Composable might be able to help the industry resolve these issues.