Cross-Chain Bridges
Cross-chain bridges are protocols that enable the transfer of tokens, data, or state between two separate blockchain networks that cannot natively communicate. Bridges lock assets on a source chain and mint equivalent representations on a destination chain, enabling liquidity to flow across ecosystems. They are among the highest-risk components in DeFi due to their history of catastrophic exploits, including Ronin ($625M), Wormhole ($320M), and Nomad ($190M).
Why Blockchains Need Bridges
Blockchains are sovereign systems. Ethereum does not natively know what is happening on Solana, and Bitcoin cannot verify state on Polygon. Each chain maintains its own validator set, consensus rules, and state machine — making direct cross-chain asset transfers impossible at the protocol layer without external infrastructure. Cross-chain bridges fill this gap by acting as relay infrastructure: they observe events on one chain and trigger corresponding actions on another.
The need for bridges exploded with the DeFi multi-chain expansion of 2021–2022, when hundreds of billions of dollars of liquidity spread across Ethereum mainnet, Binance Smart Chain, Avalanche, Fantom, Arbitrum, Optimism, Polygon, Solana, and a long tail of Layer 1 and Layer 2 networks. Traders and liquidity providers needed to move capital across these chains to capture yield opportunities, participate in protocol launches, and arbitrage price discrepancies. Bridges became critical financial infrastructure — and consequently, high-value targets.
Lock-and-Mint vs Burn-and-Mint
The most common bridge architecture is lock-and-mint. When a user bridges 1 ETH from Ethereum to Arbitrum, the ETH is locked in a smart contract on Ethereum, and a "wrapped" representation (WETH on Arbitrum) is minted on the destination chain. The original ETH remains locked as collateral backing the wrapped asset. When the user bridges back, the wrapped asset is burned and the original ETH is unlocked.
This creates a critical security property: the security of every bridged asset depends entirely on the integrity of the lock contract on the source chain. If an attacker can drain the lock contract — by exploiting a smart contract bug, compromising the validator set, or forging withdrawal proofs — they can steal the locked collateral while leaving the wrapped assets on the destination chain worthless. This is precisely how the Ronin ($625M), Wormhole ($320M), and Nomad ($190M) exploits worked.
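The backing property described above can be written down as an accounting invariant. The following is an added example, not code from any real bridge: a toy in-memory model with hypothetical names, which assumes deposit events are authentic and shows how a monitor would measure unbacked wrapped supply.

```python
# Added illustration: toy in-memory model of lock-and-mint accounting.
# All names are hypothetical; this is not any real bridge's contract or API.

class LockAndMintBridge:
    def __init__(self):
        self.locked = 0          # collateral in the source-chain lock contract
        self.wrapped_supply = 0  # wrapped tokens minted on the destination chain
        self.balances = {}       # wrapped balances per user
        self.processed = set()   # deposit ids already minted against
        self.next_id = 0

    def lock(self, user, amount):
        """Source chain: lock collateral and return the deposit event."""
        if amount <= 0:
            raise ValueError("amount must be positive")
        self.locked += amount
        self.next_id += 1
        return {"id": self.next_id, "user": user, "amount": amount}

    def mint(self, deposit):
        """Destination chain: mint exactly once per deposit event."""
        if deposit["id"] in self.processed:
            raise ValueError("deposit already processed")
        self.processed.add(deposit["id"])
        user, amount = deposit["user"], deposit["amount"]
        self.balances[user] = self.balances.get(user, 0) + amount
        self.wrapped_supply += amount

    def burn_and_unlock(self, user, amount):
        """Bridge back: burn wrapped tokens, then release equal collateral."""
        if amount <= 0 or self.balances.get(user, 0) < amount:
            raise ValueError("invalid burn amount")
        self.balances[user] -= amount
        self.wrapped_supply -= amount
        self.locked -= amount

    def shortfall(self):
        """Wrapped tokens with no collateral behind them (0 when fully backed)."""
        return max(0, self.wrapped_supply - self.locked)


def demo():
    bridge = LockAndMintBridge()
    deposit = bridge.lock("alice", 10)
    bridge.mint(deposit)
    bridge.burn_and_unlock("alice", 4)
    healthy = bridge.shortfall()  # every wrapped token is still backed
    bridge.locked = 0             # constructed failure: collateral leaves the lock contract
    return healthy, bridge.shortfall()
```

A non-zero shortfall is the condition under which holders of the wrapped asset can no longer redeem in full, so it is the quantity a bridge monitor should alert on.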
Burn-and-mint bridges avoid holding a central pool of locked assets by instead burning the native token on the source chain and minting a new equivalent on the destination chain. This requires the token to be natively multi-chain (issued on multiple chains simultaneously) and a trusted minter contract on each chain. Circle's Cross-Chain Transfer Protocol (CCTP) for USDC uses this model — USDC is burned on the source chain and natively minted on the destination chain by Circle's attestation service, eliminating the risk of a locked collateral pool being drained.
Canonical Bridges vs Third-Party Bridges
Canonical bridges are officially operated by the Layer 2 protocol itself — Arbitrum's canonical bridge, Optimism's Standard Bridge, and zkSync's native bridge are examples. They are considered the most trust-minimised option because their security derives from the same fraud proofs or validity proofs that secure the Layer 2 itself. The trade-off is speed: canonical bridges for optimistic rollups have a 7-day withdrawal delay corresponding to the fraud proof challenge window.
Third-party bridges such as Stargate, Across, Hop, and Synapse offer faster cross-chain transfers by using their own liquidity pools and validator/oracle networks, bypassing the 7-day delay. These bridges provide better UX but introduce additional trust assumptions: you are trusting the bridge's oracle network, validator set, or relayer infrastructure in addition to the underlying chains. Their security budgets are also much smaller than the underlying L1/L2 protocols, making them more vulnerable to economic attacks.
Message Passing and Generalised Bridges
First-generation bridges moved only tokens. The next evolution is generalised message passing — bridging arbitrary data and smart contract calls between chains. LayerZero, Axelar, Wormhole (post-hack, rebuilt with a new architecture), and Chainlink CCIP (Cross-Chain Interoperability Protocol) are leading generalised messaging protocols.
Generalised bridges enable cross-chain governance, omnichain tokens (tokens that can move freely between chains and maintain a single supply), cross-chain yield strategies, and multi-chain DAOs. LayerZero's omnichain fungible token (OFT) standard allows protocols to deploy a single token that exists natively on every supported chain without wrapped representations — a significant improvement over the lock-and-mint model for token issuers.
The Security Record: Why Bridges Are High-Risk
Bridge exploits represent some of the largest single theft events in crypto history. The attack surface of a cross-chain bridge is unusually wide: a bridge must be secure on both chains simultaneously, the validator or oracle network signing cross-chain messages must be secure, and the smart contracts on both ends must be bug-free. Any weakness in any of these layers can be catastrophic.
The Ronin Network bridge hack (March 2022, $625M) exploited the bridge's 5-of-9 multi-signature validator scheme — the attacker compromised five validator private keys (four through social engineering and one through a vulnerability in a Sky Mavis RPC node) and used them to forge withdrawal approvals. The hack went undetected for six days. The Wormhole hack (February 2022, $320M) exploited a bug in the signature verification logic of the Solana bridge contract, allowing the attacker to forge a guardian signature and mint 120,000 wETH without backing collateral. The Nomad bridge exploit (August 2022, $190M) was caused by a misconfiguration that allowed any message to pass as valid — the exploit was replicated by hundreds of opportunistic copycats within hours of the initial attack.
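What a threshold check such as the 5-of-9 scheme above has to enforce is shown below as an added example, not code from Ronin or any other bridge. The validator names and keys are constructed, the helper functions are hypothetical, and HMAC-SHA256 stands in for the asymmetric signatures a real bridge would use.

```python
import hashlib
import hmac
import json

# Constructed validator set. HMAC-SHA256 stands in for the asymmetric
# signatures a real bridge would use, so this runs on the standard library.
VALIDATOR_KEYS = {f"validator-{i}": f"constructed-key-{i}".encode() for i in range(9)}
THRESHOLD = 5  # the 5-of-9 scheme described above


def encode_withdrawal(withdrawal_id, recipient, amount):
    """Unambiguous bytes to sign; the id binds approvals to one withdrawal."""
    return json.dumps([withdrawal_id, recipient, amount]).encode()


def sign(validator_id, message):
    """Produce one validator's approval (hypothetical helper)."""
    return hmac.new(VALIDATOR_KEYS[validator_id], message, hashlib.sha256).digest()


def approved(message, approvals, threshold=THRESHOLD):
    """True only when `threshold` distinct known validators signed `message`.

    approvals is an iterable of (validator_id, signature) pairs.
    """
    if not 1 <= threshold <= len(VALIDATOR_KEYS):
        raise ValueError("threshold must be between 1 and the validator count")
    signers = set()
    for validator_id, signature in approvals:
        key = VALIDATOR_KEYS.get(validator_id)
        if key is None:
            continue  # signer is not in the validator set
        expected = hmac.new(key, message, hashlib.sha256).digest()
        if hmac.compare_digest(expected, signature):
            signers.add(validator_id)  # a set, so a repeated signer counts once
    return len(signers) >= threshold


def demo():
    msg = encode_withdrawal(1, "constructed-recipient", 100)
    five = [(v, sign(v, msg)) for v in list(VALIDATOR_KEYS)[:5]]
    padded = five[:4] + [five[0]]  # four signers, one of them repeated
    other = encode_withdrawal(2, "constructed-recipient", 100)
    return approved(msg, five), approved(msg, padded), approved(other, five)
```

The check passes for any five valid keys, so it cannot tell a stolen key from an honest one. Key custody and the independence of the signers carry the rest of the scheme's security.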
The cumulative amount stolen from bridges through 2025 exceeds $2.5 billion. For this reason, security-conscious DeFi users minimise bridge exposure, use canonical bridges where withdrawal speed permits, and never hold assets indefinitely in bridge contracts.
Using Bridges Safely
When bridging is necessary, prefer audited, battle-tested bridges with long operating histories and substantial bug bounty programs. Canonical bridges, despite their slower withdrawal times, offer the strongest security guarantees. For third-party bridges, check whether the bridge uses a decentralised validator network (harder to compromise than a centrally operated relayer) and whether the bridge contract has been audited by multiple reputable firms.
Avoid bridging more than you need to hold on the destination chain at any given time. If you are moving capital for a DeFi opportunity, bridge the required amount, execute the strategy, and bridge back promptly rather than leaving assets parked in bridge-native wrapped tokens. Monitor bridge TVL — a bridge holding tens of millions in locked assets is a target; a bridge with a recent security audit and active monitoring infrastructure is meaningfully safer than one without.
Conclusion
Cross-chain bridges are indispensable infrastructure for the multi-chain DeFi ecosystem but represent one of the highest concentrations of risk in the entire crypto stack. Understanding the lock-and-mint architecture, the differences between canonical and third-party bridges, and the security history of major bridge exploits is essential context for any trader or investor moving assets across chains. The technology is maturing — ZK-based bridges using validity proofs rather than trusted validators represent a significant security improvement — but caution and minimised bridge exposure remain sound practices for 2026 and beyond.