Orion Bridge Deep Dive

What is Orion Bridge?

Orion Bridge is the first peer-to-peer atomic swap bridge: enabling users to trade native assets across different blockchains without limits, delays, refused orders, blocked funds, or exploits.

Cross-chain bridges exist in market, but not without their faults - namely fees, vulnerabilities, delays, exploits, and more. And while bridges exist as separate entities, no bridges have been integrated into trading platforms for true cross-chain trading. Until now. 

Orion Bridge will be integrated into Orion Terminal, enabling true cross-chain and cross-exchange liquidity aggregation for the first time: the first step in marketwide interoperability. 

As a result, users can trade popular ERC20 assets, with the low fees and high speed of Binance Smart Chain. Other chains will be integrated to reduce fees further, while increasing speed, asset availability, and more.

Key technology underpinning Orion Bridge

Atomic Swap.

Atomic swaps are automatic exchange contracts that allow two parties to trade tokens from two different blockchains. While a well-known concept in the community, they are implemented in a small number of projects. Until now. Atomic swaps enable immediate exchange of two assets on different blockchains, without wrapped assets or delays.

Atomic swap is an operation that involves two assets, each of which has its own native blockchain and the technical ability to create secure exchange operations between network users without resorting to the services of a trusted third party and without trusting each other. For example, if BTC and ETH have support for atomic swaps, then users can safely exchange ETH for BTC. The operation is called atomic, because it implies that the whole procedure cannot stop halfway, transferring only part of the coins, it either occurs completely and both parties receive the expected coins, or it does not occur at all and both parties retain ownership of their assets.

The atomic swap mechanism of Orion Bridge is based on HTLC (Hash-Time Locked Contract). This contract can be conditionally translated as such: If time has passed less than T, then transfer N coins to address A, provided that a secret is provided, the hash of which is H. If time has passed more than T, and during this time the secret has not been provided, then transfer (return) the money to address B.

In other words, the output of a transaction, given as HTLC, can only be spent by the receiver (broker) if the sender (user) tells them the secret, and only within a certain time fixed in the transaction (for example, 24 hours). If this does not happen within the specified period of time, then the user will be able to send the transaction for withdrawal. The one who creates this contract comes up with a secret, but does not reveal it, and in the contract itself, only addresses A, B, hash H of the secret, and the period of time during which the contract can be “opened” using the secret are indicated. As such, neither party can cheat at any stage of the transaction.

Peer-to-Peer.

Peer-to-peer technology enables true decentralization: the direct exchange of an asset between individual parties without the involvement of a central authority. In a digital peer-to-peer network, each user is an equivalent owner of and contributor to the network. This requires the use of encryption to enable two parties to safely conduct a transaction without the need for a trusted third party. With transactions recorded on every peer's network, it is extremely difficult—even "computationally impractical"—to overwrite or falsify ledgers in a cryptocurrency exchange.

In a P2P network such as Orion Bridge, each peer may be referred to as a node, and the collective work of these nodes is what maintains the Bridge. Therefore, the structure of a P2P network is sustained by its users. There is no central server or host, and thus the decentralized framework of Orion Bridge makes it highly resistant to cyber attacks - as well as more scalable. The more users join Orion Broker Network, the more resilient and scalable the bridge becomes. Bigger P2P networks achieve high levels of security because there is no single point of failure.

Unlike other bridges dependent on centralized entities and validators, users of Orion Bridge swap with only one counterparty - Orion Brokers. This eliminates the risk of 51% attacks and other vulnerabilities seen across leading bridges.

Broker Network.

Delegated Proof of Broker (DPoB) is Orion’s governance model, built on a network of brokers and stakers, fulfilling every function on the protocol, with ORN token at its core. Orion's Broker Network underpins the entire ecosystem, and Orion Bridge is no different. Orion Brokers are always online via Orion Broker Software, so users never need to 'seek' a counterparty for exchange. These brokers (including KuCoin, AscendEX, and more) enable immediate cross-chain trading of assets, without limits, delays, refused orders, or blocked funds.

Brokers never get access to traders’ accounts or funds as the terminal is governed by smart contracts to enforce secure conditions of the token exchange. When a trader signs an order, it’s a commitment to exchange assets at the specific terms included in the order - these parameters are signed in the order message and cannot be changed by any parties. Only if the order is filled by a selected broker will the transfer of assets occur atomically within the smart contract: the trader gives the sold asset in exchange for the bought asset. The exact amounts of exchanged assets are strongly enforced by the conditions specified in the order and cannot be altered by the broker.

How does Orion Bridge work?

Orion Bridge enables seamless cross-chain trading of native assets across different blockchains without limits, delays, refused orders, blocked funds, or exploits. As seamless as the experience is for users, there's a lot that occurs in the back end to make this possible. Let's learn more.

1. User commits funds in the source network

The transfer process begins with the user submitting a cross-bridge swap, creating a LockOrder in the initial source network. Before committing, User receives information from the aggregator in the target network about the maximum available transfer size, in order to understand whether such a transfer is possible. As a result, there are no transaction delays or blocked funds, as the LockOrder will not be created unless the requirements are met.

The call commits the User’s funds until the expiration time. The method takes information about the transfer as a parameter. Users can only commit their own funds, so the sender address in LockOrder must match the address of the sender. 

2. Creating an atomic swap (cross-chain transfer)

In the case of a successful lock, AtomicLocked event is created and initiates the atomic swap (cross-chain transfer) process through the aggregator. Orion adds an endpoint that accepts the hash of the lock (secretHash) and information about the network in which User committed their funds.

3. Broker selection algorithm

To select a broker, Orion uses an algorithm similar to that used when choosing a broker for suborder processing.

1. The broker must have enough funds to process the transfer, taking into account the fact that Orion does not use all the broker's funds for transfers, but only a part (configurable by default < half)
2. If there are several brokers that satisfy the first condition, Orion will choose one according to the rule:

• Daily statistics on the number of transfers for each registered broker (broker_transfer_count)
• Number of transfers of all registered brokers per day (total_transfers_count)
• Broker’s total stake (broker_stake)
• Sum of the stakes of all brokers (stake_sum)
• Priority of each broker by the formula priority = (broker_stake/stake_sum) - (broker_orders_count/total_orders_count)
• Choose a broker with the highest (maximum) priority

4. Aggregator Validation

If a Broker is found, the Aggregator sends them a LockOrder. The Broker responds with a redemption order, or a denial of service. The aggregator must make a request to the OB source network to verify that User has indeed made a LockOrder, so as not to hold the broker's funds unnecessarily. The expiration time is validated so the broker has time to withdraw funds.

The aggregator must make sure that a redeem order has not yet been received for this LockOrder and responds to the user with an error in this case. The aggregator also checks that the LockOrder has not already been actioned by a previous broker (in this case, an already existing redeem order is returned).

5. Funds claimed by Broker

If a RedeemOrder is successfully received from the Broker, then the aggregator checks it for compliance with the LockOrder, commits the broker's funds, and gives the user a response containing information about the RedeemOrder. The broker must contact the OB in the target network and request a signature that will allow the funds committed by the User in the source network to be obtained by calling the claimAtomicSwapcontract method.

6. Withdrawal of broker's reserves

The aggregator reserves the broker's funds. The aggregator can withdraw the broker's reserves only after the redemption order has been executed or after the funds have been redeemed by User. The aggregator is notified with a ReadMe through a channel in which information about brokers is transmitted. A new field is added to the existing message SecretHashes with a list of secret hashes for this broker's RedeemOrders that have been redeemed and that have not yet been sent to the aggregator. When the aggregator responds with a 200 code to this notification, the OB stops sending the SecretHashes that were accepted by the aggregator.

7. User redeems funds

User can receive their funds by presenting a RedeemOrder (received from the broker) and their secret (used to create the lock). The funds will be withdrawn to User’s account, the secret will be published, and an AtomicRedeemed event will be created.

8. Broker redeems funds

When User published the secret, the broker can get this secret from the blockchain and use it to withdraw their funds in the source network. To do this, they call the method claim AtomicSwap, passing Orion Protocol's signature (matcherSignature).

In case of expiration of LockOrder:

If it was not possible to deposit funds in the target network before a certain LockOrder expiration time, User can return the funds by calling the method refundAtomicSwap with with the secret hash of their lock order. If successful, a AtomicRefunded event is generated. If the lock-order has already expired, the User can withdraw their funds even if they have lost their secret. To do this, refundAtomicSwap is called - the contract method with the secret hash parameter.

How does Orion Bridge compare to other Bridges?

Integration

While the increase in bridges coming to market is a positive step forward for interoperability within the space, until these bridges are integrated into trading platforms we will not see true cross-chain trading. Orion Bridge has been integrated into Orion Terminal’s back end, and will enable true cross-chain, cross-exchange liquidity aggregation, for the first time. Meanwhile, this enables near zero-fee trading of popular ERC20 assets. Users can trade a growing number of ERC20 assets, with the benefits of the high speed and low network fees of Binance Smart Chain. Orion Bridge is the first and only bridge to be integrated into a trading platform.

Security

Peer-to-peer technology enables true decentralization: the direct exchange of an asset between individual parties without the involvement of a central authority. Unlike other bridges dependent on centralized entities and validators, Orion Bridge users swap with only one counterparty - our brokers. This eliminates the risk of 51% attacks and other vulnerabilities seen across leading bridges. You don't lose ownership of your assets until you receive the corresponding pegged token on your chosen chain.

Other bridges like Multichain (Anyswap), Optimism, and Polygon are reliant on layers of validators and therefore prone to exploits (as seen this week). This reliance on validators means the bridges are not truly decentralized, or secure. Optimism relies on a single sequencer by the Optimism team and validators, while running the risk of incorrect transactions and subsequent loss of deposit and penalties. Polygon security is provided by PoS validators, and is therefore at risk of vulnerabilities. Meanwhile, Multichain (Anyswap) relies on 33 nodes to validate, sign and propagate cross-chain transactions, among which part of the private key is shared. In bridge mode, you receive a wrapped token on the target chain minted by a smart contract. For native tokens, Multichain requires liquidity pools or custodial bridges.

Time / Delays

While a well-known concept in the community, atomic swaps are implemented in a small number of projects, until now. Via our proprietary peer-to-peer atomic swap technology, Orion Bridge enables immediate settlement for Withdrawing and Depositing - tokens become available for trading right after the user transaction is mined. 

Bridges like Multichain (Anyswap) on the other hand have an average settlement time of 10-30 minutes (and up to 12 hours for larger transactions), while withdrawals on Polygon can take up to 3 hours, and up to one week on Optimism. 

Fees

Orion Bridge charges no bridge fee on top of network fees. Meanwhile, there are just two low-cost transactions for depositing/withdrawing, making it one of the most cost-effective solutions in market. On Orion Terminal, these fees are only for bridging itself - either depositing or withdrawing. Trading popular ERC20 assets will only incur negligible BSC network fees.

Bridges like Optimism require more than 500k gas and a large fee to claim. Polygon requires the value of 4x ERC20 transfers to deposit, and ~5x ERC20 transfers to withdraw. Meanwhile Multichain (Anyswap) charges 0.1% fee for withdrawal (minimum $80 - $200), on top of network fees.

Limits

Cross-chain trading on Orion Bridge is potentially limitless, with capacity limited only by the liquidity of Orion’s growing Broker Network (including Kucoin, AscendEX, Crypto.com, and more).

Binance Bridge, now decommissioned, had a limit up to $10,000 per transaction. Multichain (Anyswap has a limit up to $20m, but transactions Other bridges can vary from no limits, right up to large limits of $20m, but with limitations on transaction speeds for higher value transactions.