Guide
Cross-chain bridges explained
Blockchains do not natively talk to each other. Ethereum cannot read Solana state, and Bitcoin has no concept of an SPL token balance. Yet users expect to move USDC, ETH, or NFTs between ecosystems to access cheaper fees, different DeFi protocols, or games on another chain. A cross-chain bridge is the middleware that makes that possible — usually by locking assets on a source chain and minting a representation on a destination chain, or by routing through pooled liquidity and off-chain attestations. Bridges are among the highest-value targets in crypto: billions in TVL sit behind multisigs, oracle networks, and un-audited smart contracts. This guide explains how the major bridge architectures work, what wrapped assets actually represent, why famous exploits happened, how bridges differ from Layer 2 rollups, and a practical checklist before you move funds across chains.
Why bridges exist
Each blockchain is an isolated ledger with its own consensus rules, address formats, and virtual machine. There is no universal "send 1 ETH to Solana" opcode. Interoperability layers solve three overlapping problems:
- Asset portability — hold dollar exposure on Solana while custody originated on Ethereum, or use BTC as collateral in an EVM DeFi pool.
- Liquidity aggregation — traders and market makers rebalance inventory across venues without off-ramping to fiat at every hop.
- Application reach — a game or DEX on one chain wants users who already hold tokens elsewhere.
Bridges are not the only interoperability path. Native multichain stablecoins (Circle CCTP mint-and-burn), centralized exchange deposits, and L2 canonical bridges that inherit Ethereum security each trade different trust assumptions. General-purpose bridges fill the gap when no issuer-level integration exists.
Lock-and-mint (custodial representation)
The most common pattern is lock-and-mint (sometimes called burn-and-mint in the reverse direction):
- You deposit native ETH into a bridge contract on Ethereum.
- Bridge validators observe the deposit and sign an attestation.
- A bridge contract on Solana (or another chain) mints
wETH— a wrapped representation backed 1:1 by the locked ETH. - To exit, you burn
wETHon Solana; validators attest; Ethereum contract releases the original ETH.
The wrapped token is not native ETH on Solana. It is an IOU from the
bridge program, redeemable only if the bridge honors burns and the custody pool
on Ethereum remains solvent. Different bridges mint different
wETH contracts — they are not fungible with each other. Always
verify which bridge issuer your DeFi pool expects; depositing the wrong wrapper
is a common integration mistake.
NFT bridges follow the same logic: lock the canonical NFT in an escrow contract, mint a bridged copy on the destination chain. If both copies could trade simultaneously without burning, you have doubled supply — bridges prevent that with escrow or explicit burn rules.
Liquidity-network bridges
Lock-and-mint waits for validator attestations and can take minutes. Liquidity networks (Hop, Across, Stargate-style models) pre-position inventory on both sides. When you bridge, a relayer or market maker front-runs native assets to you on the destination chain and later settles against the canonical bridge or rebalances pools.
Trade-offs:
- Speed — often seconds instead of block confirmations on two chains.
- Cost — relayer fees plus spread when pools are imbalanced.
- Risk — you trust relayer solvency and pool depth, not only the slow path's multisig.
Fast liquidity is convenient for size-bounded transfers. Large exits during stress can drain pools and force users onto the slow canonical path anyway — exactly when they least want to wait.
Who verifies the transfer?
Every bridge embeds a verification model — who is allowed to mint wrapped assets on the destination chain?
Trusted multisig / validator set
A fixed committee (often 5-of-9 or similar) watches source-chain events and signs messages authorizing mints. Simple and fast, but security equals the weakest key plus social layer around upgrades. The 2022 Wormhole exploit forged a valid-looking signature because a smart-contract bug let attackers bypass signature checks — the validator set never actually voted.
Optimistic bridges
Similar to optimistic rollups: a relayer posts a transfer claim; anyone can challenge fraud during a dispute window. Security shifts toward economic bonds and watchers rather than instant multisig trust — but liveness and challenge infrastructure must work under adversarial conditions.
Light clients and ZK proofs
The destination chain (or its bridge contract) verifies a cryptographic proof that a transaction really occurred on the source chain — block headers, Merkle proofs, or ZK succinct proofs of consensus. This reduces trust in a committee but increases gas cost and implementation complexity. Many production bridges still hybridize: ZK or light-client verification for high-value paths, multisig for speed on smaller chains.
Our oracle guide covers price feeds; bridge attestations are a different problem (event verification, not spot prices) but share manipulation and stale-data themes.
Wrapped assets and depeg risk
A wrapped token trades near parity with its underlying only if markets believe redemption works. Depegs happen when:
- Bridge exploit or insolvency — minted wrappers exceed locked collateral.
- Redemption halted — upgrades, legal freezes, or chain halts block exits.
- Liquidity crisis — arbs cannot move size through the slow path profitably.
- Wrong wrapper — pools price a deprecated bridge token.
Stablecoins bridged as third-party wrappers carry issuer risk plus bridge risk. Native CCTP USDC mint-and-burn avoids a persistent wrapper on many routes — prefer issuer-native flows when available.
Bridges vs Layer 2 rollups
Beginners often conflate bridges and L2s. A rollup posts transaction data or proofs back to a parent chain (usually Ethereum) and inherits security from that parent's consensus, modulo sequencer and proof-system assumptions. An L2's canonical bridge is the enforced exit path to L1.
A general cross-chain bridge connects two sovereign chains — Ethereum to Solana, Bitcoin to Arbitrum — with no shared security parent. Trust is entirely in the bridge's verification design. L2 bridges can still be hacked via contract bugs, but the threat model differs from Ethereum-to-Solana multisigs.
Famous failure modes
Bridge hacks dominate crypto loss leaderboards because one bug unlocks pooled collateral across chains:
- Signature verification bugs — attackers mint unbacked wrapped tokens (Wormhole-class bugs).
- Validator key compromise — multisig threshold collusion or leaked keys.
- Upgrade proxy abuse — malicious or rushed contract upgrades change mint authority.
- Replay and message ordering — duplicate or reordered attestations double-mint.
- Source-chain reorgs — deposits that never finalize but already minted on destination.
Smart contract immutability cuts both ways: you cannot patch a live bridge as easily as a centralized API. Timelocks, multisig upgrades, and bug bounties are standard mitigations — verify they exist before large transfers.
Operational checklist before you bridge
Use this before moving more than pocket change:
- Identify the exact token contract on destination — bridge issuer, symbol, and explorer link. Screenshot addresses.
- Read the verification model — multisig size, ZK/light-client coverage, upgrade keys, and audit history.
- Check TVL and incident history — TVL is not safety, but sudden outflows and paused withdrawals are red flags.
- Size for worst-case delay — assume the fast path breaks during volatility; can you wait for the slow canonical exit?
- Prefer native issuer flows — CCTP USDC, official L2 canonical bridges, or CEX withdraw to the target chain when security beats convenience.
- Revoke unlimited approvals after bridging if you interacted with unfamiliar contracts.
- Test with a small amount — confirm the receiving wallet and DeFi pool accept the wrapper you actually received.
For Solana specifically, confirm whether you hold native assets or SPL wrappers, and whether your wallet displays the correct mint address — spam tokens mimic bridge tickers constantly.
When not to bridge
- Same-chain alternatives exist — deploy or buy natively instead of wrapping through two hops.
- Amount exceeds bridge TVL fraction — you become the stress test.
- Destination app accepts fiat or CEX deposit — sometimes CeFi rails are safer than experimental bridges.
- You cannot verify the wrapper — if explorers and docs disagree, stop.
Bridges are infrastructure, not investments. Treat them like airport currency exchange: necessary sometimes, never where you store long-term savings.
Key takeaways
- Cross-chain bridges move value between sovereign blockchains via lock-and-mint, liquidity networks, or hybrid models.
- Wrapped tokens are bridge IOUs — verify issuer, mint address, and redemption path; wrappers from different bridges are not interchangeable.
- Security varies by verification — multisig committees are fast but trust-heavy; light clients and ZK proofs reduce trust at a complexity cost.
- Bridges differ from L2 rollups — rollups inherit parent-chain security; general bridges do not.
- Exploits target mint authority — contract bugs and key compromise can create unbacked wrapped supply.
- Due diligence is mandatory — test small, prefer native issuer flows, and plan for slow-path exits.
Related reading
- Layer 2 blockchains and scaling explained — rollups, canonical bridges, and security inheritance
- DeFi explained — lending, DEXs, and protocol risk stacks
- Smart contracts explained — immutability, upgrades, and exploit classes
- Stablecoins explained — native vs bridged dollar tokens and depeg mechanics