Why Interchain Security Requires a Redefinition of 'Honest Majority'

Rollups and app-specific chains fragment security budgets, creating hundreds of small, vulnerable validator sets. An attack on a $50M TVL chain can cost less than $1M in bribes, making honest majority assumptions economically naive.

• Fragmented Capital: Security scales with a chain's value, not its importance.
• Coordination Failure: No mechanism for chains to pool security against systemic threats.

Protocols like UniswapX and CowSwap route intents across chains, creating lucrative cross-domain MEV. This incentivizes validator collusion to extract value, corrupting the 'honest' assumption. A bribing attacker can profit by manipulating a bridge finality on a smaller chain.

• Profit > Penalty: Bribe revenue can far exceed slashing risks.
• Asymmetric Warfare: Attack a weak link to exploit the entire interchain system.

Bridges like LayerZero and Axelar secure $10B+ in locked value with far less in underlying chain security. This creates a massive leverage point: compromising a smaller chain's consensus can lead to theft of assets representing orders of magnitude more value.

• Concentrated Risk: Bridge TVL often dwarfs the security budget of connected chains.
• Systemic Contagion: A single chain failure can trigger multi-chain insolvency.

The Cosmos Hub's Interchain Security (ICS) redefines 'honest majority' as a single, high-value validator set rented by consumer chains. It trades decentralization for instant security bootstrapping.

• Key Benefit: Consumer chains inherit the Hub's $2B+ staked security from day one.
• Key Trade-off: Creates a monolithic security dependency; a Hub slash event cascades across all consumer chains.

EigenLayer abstracts 'honest majority' into cryptoeconomic security pooled from Ethereum. It allows ETH stakers to opt-in to secure additional services like EigenDA or Omni Network.

• Key Benefit: Unlocks $15B+ in idle staked ETH capital to secure the broader ecosystem.
• Key Risk: Introduces systemic slashing risk and liquidity fragmentation, creating a web of correlated failures.

Polkadot's shared security model binds parachains to the Relay Chain's validator set via a lease period. 'Honest majority' is enforced by a randomly assigned, rotating subset of validators per parachain.

• Key Benefit: Provides strong, pooled security with ~2s block times and XCM for native cross-chain messaging.
• Key Limitation: Security is a scarce, auction-based resource, creating high capital barriers for new parachains.

Light client bridges like IBC or Near's Rainbow Bridge rely on a redefined 'honest majority' of relayers to submit fraud proofs. The security model splits between the chains.

• Key Benefit: Trust-minimized and mathematically verifiable state transitions.
• Key Trade-off: Liveness depends on at least one honest relayer; safety depends on the security of both underlying chains.

Multichain protocols like LayerZero and Axelar use decentralized oracle/relayer networks with independent staking. Their 'honest majority' is a probabilistic game across separate economic pools.

• Key Benefit: Flexible connectivity to any chain without protocol-level integrations.
• Key Risk: Security is siloed to the middleware layer; a $200M stake securing $50B+ in cross-chain value creates a weak economic safety ratio.

Avalanche subnets define their own 'honest majority' with custom validator sets and virtual machines. The Primary Network provides a base layer of security and interoperability.

• Key Benefit: Maximum sovereignty and flexibility for subnet architects.
• Key Trade-off: Security is not shared; each subnet must bootstrap its own validator set, leading to fragmentation and weaker individual security budgets.

In a PoS system with 100+ validators, an attacker needs to corrupt just one-third + 1 to halt the chain, not 51%. In an interchain context, this cost is often dramatically lower than the value secured across bridges like LayerZero or Wormhole.\n- Attack Cost: Often <$1B for chains securing $10B+ in TVL.\n- Cross-Chain Amplification: A single chain compromise can drain liquidity from a dozen connected ecosystems.

Shared security models like EigenLayer create a tightly coupled risk matrix. A slashable event on a minor consumer chain (e.g., a Cosmos appchain) can trigger mass unbonding and penalties across the entire Ethereum validator set.\n- Systemic Risk: Failure in a $100M appchain can threaten the security of the $80B+ Ethereum staking pool.\n- Cascading Liquidations: Correlated slashing can trigger a death spiral in LST/DeFi markets.

Fast, intent-based bridges (UniswapX, Across) and omnichain apps rely on off-chain actors (Solvers, Relayers) for liveness. This creates a security fissure: economic safety depends on one set of actors (validators), while liveness depends on another.\n- MEV-Boost Flash Crashes: A malicious proposer can front-run a cross-chain settlement bundle, creating $100M+ arbitrage opportunities at user expense.\n- Relayer Cartels: A >51% stake is not needed to censor or extract value from cross-chain flows.

Security must be defined per application intent, not per chain. This requires moving from monolithic validator security to modular, verifiable security predicates.\n- Intent-Based Guarantees: Protocols like Chainlink CCIP and Succinct are pioneering proofs that verify specific state transitions, not just consensus.\n- Dynamic Slashing: Penalties must be proportional to the cross-domain value at risk, not a fixed native token amount.