This is a reworked, updated version of an article first published by rhino.fi in the summer of 2022.
Bridges play a crucial role in the emerging multi-chain DeFi ecosystem, enabling users to glide between different blockchains and move their assets to the point of greatest opportunity. However, they’ve also created a notable point of failure.
According to a report in October 2022, over 50% of DeFi hacks occur on bridges. The problems have continued this year: At the start of April, cross-chain protocol Allbridge confirmed it had been hacked for a total value of $570,000 and shut down its bridge for investigation.
Thankfully, crypto bridge hacks represent a tiny fraction of overall activity. Nonetheless, it’s important we understand the protection systems in place for each type of bridge, and know how much we can trust them.
So in this special RhinoLearn explainer, we’re going to dig into the issue of crypto bridge security by examining each type of bridge in detail. If you want a simpler breakdown of how crypto bridges work, check out our guide here.
How crypto bridges are classed by transfer type
Bridges actually come in several different types, and they can be categorised by both transfer type (simple to complex), and trust assumptions (strong to weak).
First, let’s take a look at transfer types.
Some researchers would argue there are three different forms of transfer type (Arjun Chand, an influential writer and researcher on bridge classification, would certainly make this point). However, we can actually expand this further to five types. These are as follows:
- Lock & Mint. Examples: Polygon official bridge, StarkNet official bridge, Shuttle.
- Token Issuer Burn & Mint. MakerDao, Arbitrum Teleport.
- Specialised Burn & Mint. Hop, Debridge.
- Atomic Swap. Stargate.
- Third Party Networks/Chains. Thorchain.
Let’s look at each of these in detail.
Lock & Mint
Locking and minting is one of the most common forms of crypto bridge transfer. Essentially, the user puts their token into a digital safe on one side of the bridge, and a new token is minted, or created, on the other side (the token may also be burned, or destroyed, when it is locked).
When the user wants to move from one blockchain to the next, the assets from their chain of origin are locked into the bridge smart contract. When they are created on the destination chain, they will be either:
- A wrapped token. Essentially this is an equivalent of the original token, which is given a ‘wrapper’ to be compatible with the code and rules of a different blockchain. Wrapped Ethereum (wETH) and Wrapped Bitcoin (wBTC) are two popular examples.
- A canonical token. This is a map of the original token that means it can be bridged from Layer 1 to Layer 2.
In both cases, the token is fully collateralised against its base asset.
If the user wants to bridge backwards (in other words, bring their assets back to the first chain), the new tokens are burned and their original assets are unlocked, or released, on the origin chain.
Because the destination chain tokens are always ‘backed’ with 100% collateral, the bridge can scale, even when handling large volumes of activity.
The smart contracts on the origin chain become a major target for hackers, and tokens created on the destination chain can become worthless if the original versions are compromised.
Some of the largest bridge hacks in crypto history have targeted smart contracts that hold a large amount of tokens. In June 2022, for example, North Korean hackers exploited the Harmony Horizon bridge to steal $100 million.
Token Issuer Burn and Mint
This approach is slightly different: here, the token issuer themselves provides liquidity for the bridge crossing, rather than relying on third-party bonders, which is great for speed.
The Teleport facility built by MakerDAO, a stablecoin-issuing protocol on Ethereum, is a good example of this approach in action. Teleport allows users to quickly bridge the DAI stablecoin back from Arbitrum and Optimism: the MakerDAO protocol handles the settlement of funds in the background, using a blockchain oracle.
If the oracle network ever goes offline, security is maintained via fraud proofs, whereby the information contained within a transaction record is challenged.
In the event of a security exploit, the token issuer takes on balance sheet risk on behalf of its token-holders, which may compromise its long-term future (although this isn’t strictly linked to bridge safety, it’s important nonetheless).
Specialised Burn and Mint
A number of bridges augment the ‘burn and mint’ model with an extra step: an automated market maker liquidity pool, which uses a specialised bridge asset as an intermediary step.
This model, which has been adopted by Curve amongst others, allows tokens to be bridged quickly across different chains and Layer 2 protocols as well as back to the source chain.
Liquidity is provided by the community itself, which keeps the system moving.
Those who provide liquidity to the specialised liquidity pools assume a certain level of risk, and those who hold the specialised bridge assets are essentially a form of IOU, awaiting redemption.
With an atomic swap bridge, pre-existing canonical or wrapped tokens (e.g. USDC) that have already been bridged to the destination chain are added to separate, single-asset pools on both the origin and destination chains. Both the Stargate and Umbrai Narni bridge follow this formula.
In the case of Stargate and USDC, a user bridging the stablecoin from Ethereum to Polygon, using Stargate, first deposits the asset into the USDC pool on the origin chain, controlled by the StarkGate smart contract. Then they withdraw back to the USDC pool on the destination chain.
Once you’ve used the bridge, you’re no longer relying on its security for the value of your destination token. Instead, you’re depending on either another bridge (in the case of non-native bridged tokens) or you hold the native tokens on the destination chain.
A large number of tokens are needed to maintain the destination chain pools, and these pools can easily become depleted when there’s a large volume of demand in one direction.
Third Party Networks/Chains
Technically, these aren’t crypto bridges at all. Instead, they’re separate projects that sit above different blockchains and exist to facilitate transactions. They may be used, for example, when a blockchain doesn’t support smart contracts or its contracts aren’t compatible with other chains (as is the case with the Bitcoin Network).
Such networks rely on a network of nodes on both the origin and destination chains, and the node operators need to be incentivised.
Third-party networks and chains mean blockchains, and their assets, can be bridged in a decentralised manner, and there is no clear point of failure for a hacker to target.
The node operators must remain honest for the system to work, which creates a potential vulnerability. What’s more, third-party networks and chains can be complex to build, and their complexity can create vulnerabilities. ThorChain, one of the most high-profile third-party networks in crypto, has been hacked on several occasions (and the network was recently paused due to vulnerability concerns).
How bridges are categorised: trust assumptions
Alongside the various means of transferring tokens, we must consider different types of trust assumptions. Crypto bridges can be ranked on a scale of trustworthiness, ranging from strong trustworthiness (bad) to weak trustworthiness (good).
The various levels of trustworthiness can be categorised as follows:
- Centralised bridges. Example: Binance-to-Arbitrum.
- Validator/multi-sig bridges. Wormhole, Axelar, Connext.
- State proof bridges. StarkEx to Ethereum, ZKSync to Ethereum, Nomad, Hop, Axelar, and Mina.
- Protocol-level bridges. Cosmos IBC.
Centralised bridges often require a single party or signatory to oversee everything, processing and controlling the flow of funds.
For example, when you deposit to Binance from Arbitrum, you are relying on Binance to credit your account with the funds you deposited to their smart contract.
The bridge is actively managed, which avoids the reliance on potentially hackable smart contracts which, as we’ve mentioned, can be an issue for crypto bridge safety. On the flip side, however, there is no failsafe if the operator were to go offline. This means they aren’t scalable or censorship-resistant and, as we’ve seen with FTX, there’s no guarantee that centralised projects will always act properly.
Validator / Multi-sig Based Solutions
These types of bridges are more secure than centralised bridges, as they require weaker trust assumptions.
Several different types of agents monitor both sides of the bridge, with incentives, and act as oracles, feeding back on the deposits and withdrawals that have been made (although the validator set is usually little more than a basic multi-signature wallet, so some degree of trust is needed).
One of the potential downsides is that large entities, or expensive liquidity mining programmes, are required to ensure liquidity on both sides of the bridge.
Here’s an example of one of these bridges in action, taken from the Connext interoperability protocol.
State Proof Bridges
State proof bridges require still weaker trust assumptions than validator bridges. Because they prove the state between chains, there’s no need for validators to serve as oracles and no reliance on third parties either. What’s more, there’s no need to post collateral on both sides of the bridge.
Here’s an example of a state proof bridge, created by the Hop Protocol.
Protocol-level bridges, such as the Inter-communication blockchain protocol (IBC) developed by the Cosmos ecosystem, are ideal when it comes to trust assumptions, because everything is handled at the protocol level.
This means the bridge creators can eradicate the need for any collateral on either side of the bridge, standardise the interface across all chains and, crucially, reduce the risk of smart contract hacks.
Right, so: Are crypto bridges safe, and can I trust them?
Well, it’s complicated.
In time, all major chains will move towards the north star of protocol-level bridging. This is the best way to optimise security and capital efficiency. Until we get to this point, however, there will always be an element of vulnerability.
We’re not saying you can’t trust bridges, though. The cynics might try to claim otherwise, but hacks still represent a tiny minority of overall bridge activity, and the technology is getting more sophisticated.
Ultimately, it’s about doing your own homework. Before you commit to moving your funds across a bridge, look at what type of bridge it is and use our bridge safety guide to help you. You should also find out whether it has been exploited in the past: a simple internet search should bring you the info you need.
And just quickly before we go: we’ve developed a number of cross-chain bridges ourselves, allowing you to move funds to Polygon, Arbitrum and the brand-new zkSync and Polygon zkEVM rollups in less than a minute.