Skip to content

Permissionless versus Trustless

In web3, many protocols are permissionless in some form or another. It can refer to being able to interact with the contracts directly, without requiring some form of authorization. Ethereum transfers are permissionless for example, as you do not need to be whitelisted to create a wallet and transfer coins. USDC is permissioned, but by default, anyone is allowed to transfer USDC. Wallets can be blacklisted and frozen by Circle, so the contracts are permissioned, and trusted by Circle with full admin rights. CCTP is built on the same principles, open by default, but fully trusted and permissioned.

Bridging Protocols

For infrastructure such as bridges, most have the same characteristics as USDC; a small authority has control of bridged tokens and bridging transfers and can censor bridging transactions. It’s thus trusted and permissioned. This means that the infrastructure provider can censor transactions, withhold funds, and print unbacked assets.

You can easily verify if a bridge can be censored by looking at the token contract. If the deposit/send function only emits an event, it is trusted and censorable:

Most infrastructure providers require permission to deploy on a new chain or rollup, you need to work with them to get contracts deployed and services operational; as well as that you are subject to being shut down at any moment. This is often the case for trusted protocols because the bridging provider takes a centralized role of authority.

Permissionless but Trusted

An odd one out in the bunch is Hyperlane, which is permissionless but trusted. In their model, teams/parties run the centralized party themselves but are allowed to use Hyperlane contracts, relayers, and services. In this case, there is less risk of being shut down, but there are significant limitations:

  • Not all assets are transferable across all networks.
  • The bridge is still susceptible to attacks.

As of 18-01-2024, only multisig and Wormhole security modules are supported by Hyperlane.

IBC and Union

Union provides both permissionless deployments and connections, while also being fully trustless. This means we

  • Cannot censor transactions.
  • Do not rely on Unionlabs (or any other party) as a centralized entity.
  • Allow for any asset to be transferable.

For app chains and rollups; there is no compromise anymore. IBC grants fast, cheap, and secure infrastructure.