Introduction to blockchain bridges

Typically, bridging occurs by depositing one asset with a custodian and receiving a “wrapped” version of that asset from the custodian on the second blockchain. The user must trust the custodian to both safekeep the original asset and release the wrapped asset. The difference explains who controls the tokens that are locked to create the bridged assets.

Risks of Blockchain Bridges

The breakthroughs and innovations that we uncover lead to new ways of thinking, new connections, and new industries. Everything you need to know about the past, present, and future of data security—from Equifax to Yahoo—and the problem with Social Security numbers. Porting a token via a cross-chain allows greater exposure for a DApp or DeFi protocol. Local verification is when the counterparties in a cross-chain interaction verify the state of one another. If both deem the other valid, the cross-chain transaction is executed, resulting in peer-to-peer cross-chain transactions.’s Meter Passport exploit on February 5, 2022

The ‘trust’ of a bridge refers to the reliance, or lack thereof, that a bridge has on an entity to maintain its functionality and security. While there are many bridge architectures, the lock-and-mint pattern is a common approach to bridge design and provides a tangible example for discussion — however the security risk discussed here should apply to any bridge. We’ll view security risk in the broader context of the entire technology stack because so many of thebridgehacks involved vulnerabilities at other layers in the stack. A user must additionally continue to trust that they will be able to bridge that asset back in the future on a 1-for-1 basis.

Blockchain network has its own native crypto, used to reward miners and to pay for things, including fees. A blockchain is a digitally distributed, decentralized, public ledger that exists across a network. Cross-chain bridge software can interact with any blockchain if the software is designed to be compatible. However, more complex blockchains may be at a higher risk of security incidents.

Not only are bridges a profitable target, but they also tend to have many weak spots. Cross-chain bridges aren’t as battle-tested as blockchains like Bitcoin . Bridge developers still haven’t perfected the code for linking two blockchains. If hackers have experience with blockchain coding, there’s a chance they can find vulnerabilities in a bridge’s smart contracts. Crypto bridges were originally intended to make sending tokens between blockchains seamless and safe. While bridges are essential for cross-chain communication, they’ve become a significant concern in Web3.

DAOs typically lack legal formation or recognition and decision-making authority is vested in all holders of the token native to the DAO , where the number of tokens a member possesses correlates to the number of votes that member has. Bidirectional Blockchain Bridges enable users to trade assets freely across blockchain networks. Generally, there are two main types of blockchain Bridges – trusted and trustless bridges. The existing blockchain protocols lack interoperability, which is critical for the entire web3 ecosystem to grow further. Lack of interoperability means two different blockchain protocols can’t communicate well with each other independently. This is the key reason why blockchain bridges are implemented and play a critical role in the blockchain ecosystem.

Risks of Blockchain Bridges

The oracle forwards the block header to the target chain, while the relayer forwards the transaction proof, which together attest that the message is valid and was indeed committed to the source chain that it came from. User applications are given the flexibility to use LayerZero’s default oracle and relayer or create and run their own. Transak is aiming to make it seamless for users who hold one token, say, ether, to play a game on the Solana blockchain without having to bridge tokens, doing the necessary conversions behind the scenes. The ultimate crypto bridge could be one that consumers don’t need to know they crossed.

You can transfer bitcoin to a polygon blockchain, but the other way around is impossible. With the rise of cutting-edge L1 and L2 scaling solutions, including specialised blockchain what is a blockchain bridge and how it works protocols, the demand for interoperability is steep. Blockchain bridges are built to fulfil user demand to transfer crypto asset holding across the blockchain ecosystem.


Crypto Incident Response, a rapid response retainer service for cryptocurrency businesses and large organizations that are high-risk targets for cyber attacks, to help streamline this process. Users to access new platforms and leverage the benefits of different chains. Dapps to access the strengths of various blockchains – thus enhancing their capabilities .

Furthermore, the Avalanche Bridge also supports ERC-721 and ERC-20 functionality, thereby supporting the transfer of NFTs and cryptocurrencies. The Avalanche team introduced an update for the bridge in June 2022 and included support for transferring assets between Bitcoin blockchain and Avalanche network. Users don’t have to trust any central authority with the responsibility for their assets.

Recent Bridges Stories

Instead, assets are deposited, locked, or burned on one chain; then credited, unlocked, or minted on the second chain. In short, the newly announced sanction by OFAC may create deep implications in the DeFi and bridge ecosystem. In the context of bridge infrastructure providers that can be categorized as centralized intermediaries, the analysis is more straightforward, and regulators would likely take the position that the BSA is applicable. In the context of bridges that may operate more as a decentralized system, it is more difficult to identify an intermediary to hold responsible for compliance. Thus, there are numerous practical and technological compliance questions to be addressed for developers and operators in the digital asset space with respect to the implementation of the BSA and its requirements. Indeed, the lack of clarity on the application of the BSA, as well as the inability to implement some of the requirements, might encourage participants to seek other alternatives.

If hackers exploit a trustless bridge’s algorithms, users will lose all their crypto. In contrast, when using trusted bridges, there’s a chance the custodian can distribute insurance funds during a cyberattack. Cross-chain bridges are designed to solve the challenge of interoperability between different blockchains. A cross-chain bridge is a protocol that lets a user port digital assets from one blockchain to another. For example, Wormhole is a cross-chain bridging protocol that allows users to move cryptocurrencies and NFTs between the various smart contract blockchains such as Solana and Ethereum.

Vulnerabilities in Cross-chain Bridge Protocols Emerge as Top Security Risk

Even if authorities track down a hacker, there’s no clear regulatory framework to deal with cross-chain bridge hacks. Additionally, some bridge projects make their codes open source to promote transparency. Open-source codes help build trust and make it easier for malicious actors to review, copy, or manipulate a bridge’s software. In this case, the New York-based company Ava Labs watches over crypto bridge transfers.

  • Trusted bridges are sometimes called “custodial bridges” because a protocol’s leaders directly custody each user’s crypto.
  • The vast majority of blockchain networks are autonomous communities with separate economies.
  • His decisions on major cryptocurrency cases have quoted “The Big Lebowski,” “SNL,” and “Dr. Strangelove.” That’s because he wants you — yes, you — to read them.
  • Nomad smart contracts are upgradeable via a multi-sig governance model, with 3 out of 5 signers required to execute governance changes and handle recovery management.
  • To send a token from blockchain A to B, you need to go to the bridge and indicate the number of tokens to send.

If the bridge is compromised, it could potentially allow malicious actors to gain access to sensitive information or assets. However, the fact that cross-chain bridges span multiple blockchain platforms means that they can have complex effects. By creating interrelationships between blockchains, cross-chain bridges also cause their security to be intertwined.

Dogecoin, Zcash, Litecoin resolve possible exploit; 280 other chains may be at risk

Therefore, the bridge minted wETH without an equivalent deposit on the Ethereum network. It also maintains the security and economic stability between the bridge and the chain. The tokens are blocked in A to serve as the guarantee of the value of these new tokens on blockchain B.

We want to make that entire hybrid environment as easy and as powerful for customers as possible, so we’ve actually invested and continue to invest very heavily in these hybrid capabilities. Inside of each of our services – you can pick any example – we’re just adding new capabilities all the time. One of our focuses now is to make sure that we’re really helping customers to connect and integrate between our different services. So those kinds of capabilities — both building new services, deepening our feature set within existing services, and integrating across our services – are all really important areas that we’ll continue to invest in. Donna Goodison (@dgoodison) is Protocol’s senior reporter focusing on enterprise infrastructure technology, from the ‘Big 3’ cloud computing providers to data centers.


Blockchain technology has the potential to revolutionize the way that businesses and organizations operate, offering increased security, transparency, and efficiency. However, one of the challenges facing the widespread adoption of blockchain is the fact that different networks often operate in isolation, with limited ability to communicate and exchange information and assets. Web3 and DeFi are emerging ecosystems that have forced creative innovation around bridging mechanisms. As of now, there is no de-facto standard outlining how a bridge should be built and how it should operate. All mechanisms being used to build bridges today offer their own advantages but do come with limitations. A decision on how a bridge should be implemented depends on many factors and trade-offs need to be made by developers in order to create the solution that best serves their needs and the needs of their users.

OpenSea is the largest non-fungible token marketplace, offering the ability to buy, sell, create, and trade. Investopedia requires writers to use primary sources to support their work. These include white papers, government data, original reporting, and interviews with industry experts. We also reference original research from other reputable publishers where appropriate.

That provides tremendous flexibility for many companies who just don’t have the CapEx in their budgets to still be able to get important, innovation-driving projects done. Now’s the time to lean into the cloud more than ever, precisely because of the uncertainty. We saw it during the pandemic in early 2020, and we’re seeing it again now, which is, the benefits of the cloud only magnify in times of uncertainty. There’s so much data in the world, and the amount of it continues to explode.