1/ Are all bridges only as secure as the validator set of the chain without the native asset (or some intermediate hub)? My argument is just that there is no way around an effective multisig on the chain with the native asset (e.g. ETH) to register hard forks on the other L1.
2/ Doesn't matter what fancy tech you're using, IBC, ZK, Optimistic, whatever. Hard forks are fundamentally a social thing. So if this power must be reserved in perpetuity, aren't all bridges just as weak as a multisig of L1 validators?
3/ Assume a bridge is actually decentralized. Then does there always exist some amount of source chain TVL for which attacks on the "effective multisig" become economically viable? This is as opposed to native stablecoins where the issuer just chooses the fork they support.
4/ I'm not saying this is necessarily a problem and there's definitely value to outsourcing multisig opsec. I also think there's a strong argument the difficulty in attacking the multisig grows proportionally with TVL on the native chain.
5/ But I feel like I'm missing something obvious given all the effort that continues to be spent on fancy cross-chain tech. I've heard many implications that we can do better than a multisig without the actual reasoning. Thanks in advance for any insights!