Wrap Protocol's Quorum centralized approach needs to be addressed
The Tezos Wrap Protocol uses a federated quorum of signers (i.e. an n out of m multisignature approach) as the consensus model for cross chain bridging of Ethereum tokens. This is an inherently centralized approach for ensuring that the signers will release Ethereum tokens and mint Tezos tokens correctly. A minimal amount of collusion is required in order to compromise this protocol and may cause harm to any users that use the bridge.
In particular, the impact would be significant in the event that significant value is bridged, resulting in a loss of all user funds by theft from the quorum. At least n out of the full m quorum members would need to collude, however, this is highly feasible as only n out of m key holders need to make a choice to behave arbitrarily. An existing mechanism is in place to collect fees as a quorum member. The Wrap Protocol Whitepaper states that this mechanism, along with the addition of a bonded stake, will incentivise the quorum to behave. The amount of fees collected would need to be larger than the Total Value Locked (TVL). There is no code to place a stake or bond on the quorum in the current implementation.
#Tezos upgrades seamlessly every 3 months because of its modular code base and on-chain governance. An upcoming proposal after 'Granada' will boost Tezos TPS to 1000 by the end of the year. Let's vote...