Why did zkSync "outsource" the official cross-chain bridge to the unknown tech company TxFusion?

Written by: Haotian

According to the ZK Credo declaration, @zksync has recently completed the decentralization of the Ecosystem Portal, Block Explorer, and the official Cross-Bridge, making these core components open source and provided by third-party technology providers. However, it is puzzling that the "official cross-chain bridge," which involves significant asset deposit and withdrawal channels, has been entrusted to the relatively unknown @TxFusion_io. Why? How should we interpret this?

Generally speaking, auxiliary products like ecosystem data analysis services and browsers are usually provided by community builders. For example, mainstream public chain projects like Ethereum have Etherscan, which comes from community builders. Therefore, it is understandable that zkSync has entrusted ecosystem DApp data analysis, ranking, and browser presentation to well-known third-party technical teams like Dappradar and l2scan.

This creates a win-win situation where Matter Labs can focus on technical development and advancing the ZK Stack technology architecture, including components like shared Sequencer and shared zkPorter. This is beneficial for both the community and the team.

Many teams in the blockchain community provide data analysis services, such as Dune Analytics, 0xScope, and Nansen. Their biggest pain point is the business model. A to C charging model is hard to cover high operating costs, and for B to B services, most project parties are used to doing it themselves and are unwilling to hand it over, making it difficult for many data service companies to survive. If a large number of project parties follow zkSync's example, it could bring new life to these technical service companies, but I won't elaborate further here.

However, it is surprising that zkSync has entrusted such a critical technical component related to layer2 asset security, the "official cross-chain bridge," to a brand new startup—TxFusion. I have looked up a lot of information and couldn't find out who TxFusion really is, but I did find several interesting points:

1. TxFusion's first blog post was published on February 21 of this year, without disclosing investors, and the team is also quite vague, but the opening article mentions a collaboration with zkSync, suggesting it was seemingly created specifically for zkSync.

2. TxFusion's founder, Ines Isliami, has had data-related work experience in blockchain-related companies like Blockchain Collective, HyperGrowth, and Shard Labs since 2020, but the duration of this experience is not long.

3. In a video interview, TxFusion's founder Ines Isliam has a similar accent to zkSync's founder Alex, suggesting they might both be Russian.

This is all the information I have, so I find it puzzling why zkSync would hand the cross-chain bridge over to TxFusion. However, as a long-time follower of zkSync's dynamics, I personally understand the motivation behind it and would like to share briefly:

The core is that zkSync fundamentally does not want to acknowledge the existence of an "official cross-chain bridge."

On one hand, any cross-chain bridge is a lifeline for L2 security. Simply put, any asset circulating on L2 is a wrapped form of mapped assets. Any asset circulating on L2 is limited in circulation until the "hacker" withdraws the asset back to the main chain, whether due to a hacker attack or a rug pull.

The Rollup mainnet contract can completely block the flow of suspicious L2 assets back to the mainnet through updates, thereby controlling unexpected situations. Currently, mainstream layer2s have preset Security Councils, and the main responsibility of the multi-signature committee behind them is to decide whether to upgrade the contract to control suspicious assets in times of crisis. However, the upgradeable feature reserved in the Rollup contract has been criticized for centralization and has not been openly discussed. Alex mentioned in an interview that even if the multi-signature committee has the authority, it can only pause assets, while the decision regarding assets is left to the DAO community.

But this explanation can only be taken with a grain of salt because once layer2 suffers a massive asset attack, such as a contract being artificially inflated by several trillion assets, it seems feasible to buy out Layer2's assets and conduct DAO governance voting.

On the other hand, Alex published an article discussing the use of a Supreme Court-like governance mechanism to manage layer2, but that proposal would ultimately touch on the possibility of a hard fork of the mainnet. Impossible; current layer2s cannot have the authority to decide whether to fork the mainnet, and this can only remain in the realm of speculation.

It is evident that Alex has been anxious about the contradiction between security and decentralization for a long time. If the term "official cross-chain bridge" is revoked, it would lead to more assets being distributed across various third-party cross-chain bridges, which would correspondingly weaken the centralization issue of Rollup governance contract management authority.

This layout sounds reasonable, but it is merely a stopgap measure. After all, even third-party cross-chain bridges will have centralization risks as long as liquidity control reaches a certain scale. How TxFusion will operate the cross-chain bridge remains to be seen, and I hope the official team will disclose relevant technical details. For example, if TxFusion's Portal and Bridge encounter similar security crises in the future, how will zkSync respond? This question currently has no answer, and we will have to wait and see.