In-depth explainer on crypto bridges: how they connect blockchains, power cross-chain DeFi and stablecoin flows, why they’re so often hacked, key case studies, UX trends, and what safer, proof-based interoperability could look like.
Bridges: Connecting Blockchains, Markets, and Money
Bridges in crypto are mechanisms that let value and data move from one blockchain to another, turning isolated networks into a connected ecosystem. They sit at the fault line between innovation and risk, powering cross-chain DeFi and stablecoin flows while also ranking among the most attacked components in the industry.
What Crypto Bridges Are – And Why They Exist
At a high level, a blockchain bridge is any system that allows an action on one chain to trigger an outcome on another, usually by locking, unlocking, minting, or burning tokens based on events that occurred elsewhere. Without bridges, Ethereum, Bitcoin, Solana, app-specific rollups, and emerging L2s would function as separate “islands,” each with its own liquidity, user base, and DeFi stack. Bridges act as the shipping lanes between these islands, allowing assets, messages, and sometimes even entire application states to traverse chains. This interoperability is essential for the kind of composable finance that DeFi promises, where users can move collateral, yield strategies, and governance power across multiple environments.
The basic motivation for bridges stems from fragmentation. Ethereum pioneered smart contracts, but scaling pressures led to rollups and sidechains, while other base layers launched with different design choices, from throughput and latency to programming language and consensus model. Each chain optimized for its own vision of performance and security, which meant that no single chain could realistically host all applications and users. Bridges emerged as the connective tissue, enabling capital to flow to the best opportunities, whether that is a lending protocol on Ethereum, a high-throughput DEX on an L2, or a tokenized real-world asset venue on another chain.
Interoperability is not just about moving tokens for speculative trading. It is increasingly about connecting stablecoins, tokenized deposits, and real-world assets that underpin payments, treasuries, and capital markets. The launch of SoFiUSD as a stablecoin issued by a US national bank on public blockchains shows how traditional banking platforms are now using crypto rails to extend digital dollar reach, effectively bridging bank balance sheets into the on-chain economy. Similarly, JPM Coin on Base functions as a deposit token that lets institutions move USD value and settle transactions on an Ethereum L2, blending the compliance and balance sheet security of a bank with the programmability of crypto networks. In both cases, inter-chain and cross-system bridges will be the infrastructure that ultimately connects these assets to the broader DeFi universe.
As this ecosystem has matured, bridges are no longer just simple lock-and-mint contracts sitting between two chains. They have become full-stack systems with relayers, validators, oracles, light clients, security councils, and complex governance. They increasingly serve as the risk boundary between different security domains, especially in the Ethereum rollup landscape, where the canonical bridge to Ethereum often defines whether a given L2 can honestly claim to be “secured by Ethereum.” Understanding what bridges do and how they are secured is therefore central to understanding modern crypto market structure.
From Single-Chain Apps to a Multi-Chain Reality
In the early years of Ethereum, DeFi operated under a largely single-chain paradigm: the mainnet hosted lending, DEXs, derivatives, and governance, and most activity took place within that environment. This model allowed for strong composability, since contracts could call each other directly with atomicity guarantees, but it came at the cost of throughput and transaction fees. As demand grew, so did gas prices, making everyday use cases unsustainable for many users and pushing experimentation toward alternative L1s and scaling solutions.
Layer 2 rollups emerged to offload computation from Ethereum while preserving some degree of its security model, bundling many transactions into a single proof that is posted back to mainnet. At the same time, competing base layers such as high-throughput chains and specialized consumer- or gaming-oriented platforms sought to attract users with lower fees and different performance trade-offs. The result was a multi-chain, and increasingly cross-chain, reality in which users, liquidity, and applications are dispersed across dozens of environments.
This fragmentation is not purely a downside. Different chains and rollups can specialize for particular functions, like high-frequency DEX trading, NFT minting, real-world asset tokenization, or enterprise-grade compliance. But to realize these benefits, users and applications must be able to move assets and interact seamlessly across chains. Bridges are the solution that emerged from practice: they allow USDC or ETH on one chain to be represented in equivalent form on another, allow governance votes to be mirrored across deployments, and enable strategies that tap yields or liquidity in multiple ecosystems at once. The narrative of “blockchain as islands, bridges as connectors” captures this dynamic in intuitive terms.
Cross-chain activity is no longer niche. Analytics platforms like BridgeWTF now compare interop volume against DEX spot volume, tracking how much value is flowing through bridges relative to on-chain trading. This provides a quantitative lens on how central interoperability has become, as bridges increasingly rival DEXs as critical infrastructure. Meanwhile, dedicated explorers such as Range’s Stablecoin Explorer aggregate every stablecoin transaction across more than one hundred chains and over twenty bridges, highlighting that stablecoin flows are deeply intertwined with bridge infrastructure. What began as a technical workaround for fragmentation has become a structural layer of the crypto economy.
Types of Bridges in Practice
Although “bridge” is often used as a generic term, there are important distinctions among systems that all fall under this label. The first axis of differentiation is what is being transferred. Asset bridges move tokens by locking them on one chain and minting a representation on another, or by burning on the source and minting on the destination. Messaging bridges transmit arbitrary data, such as governance messages, oracle updates, or cross-chain contract calls, which downstream applications can interpret in various ways. Many modern bridges combine both, using messages to drive token transfers as a particular case.
A second axis is the trust and security model. Trusted or custodial bridges rely on a small set of operators or a centralized entity that controls the assets locked on the source chain and authorizes releases on the destination. These designs are simple but concentrate risk in the custodian’s operational and security practices. On the other end of the spectrum, trust-minimized bridges use cryptographic proofs or light clients to verify the source chain’s state directly on the destination, approximating the security of running a full node of the source chain. Between these extremes lie various multisig and committee-based bridges, which rely on a quorum of signers or an oracle network to attest to events.
A third axis is scope. Canonical bridges are those endorsed by a protocol or chain as the primary gateway for value transfer, such as an Ethereum rollup’s native bridge or an official asset issuer’s bridge. Third-party or generalized bridges aim to support many chains and assets, often layering liquidity pools and market-making on top to provide faster transfers. Routing layers and aggregators sit above them, selecting among multiple underlying bridges to optimize for speed, cost, and perceived security. In practice, a single user action on a cross-chain DEX or yield platform may touch multiple bridge systems under the hood.
These differences are not merely academic. They dictate which risks users bear, how failures propagate, and how resilient the broader system is to targeted attacks. The KelpDAO incident, where attackers exploited a single-point-of-failure verification design in an off-chain network to drain hundreds of millions in bridged assets, illustrates how a seemingly small architectural choice in quorum design can have outsized consequences. Appreciating these design patterns is the first step toward using bridges intelligently.

Flow blockchain, which brands itself the "Home of Consumer DeFi," takes heat over their decision to perform a rollback


"The rushed decision to roll back the chain will likely cause financial damage far exceeding the impact of the original exploit. A rollback introduces systemic issues that affect bridges, custodians, users, and counterparties who acted honestly during the affected window."
Readers click bridge content from two opposing impulses simultaneously — the Multichain hack (247 clicks) shows appetite for exploit accountability, while Curve-on-Telegram (152) and CoW Swap's bridge-free swap (95) show equal appetite for technologies that make bridges irrelevant, revealing that the dominant reader question is not 'which bridge is safer' but 'can the category be eliminated.'
How Blockchain Bridges Work Under the Hood
The intuitive idea behind a bridge is straightforward: when a user sends tokens from Chain A to Chain B, they should no longer be able to use those same tokens on Chain A, otherwise value would be duplicated. Most asset bridges implement this by locking or burning tokens on the source chain and minting an equivalent amount on the destination, based on a verifiable record of the original action. The devil lies in how that record is verified and who is empowered to mint or release funds on the other side.
In a basic lock-and-mint model, a user deposits tokens into a bridge contract on Chain A. The bridge system then observes this deposit and instructs a contract on Chain B to mint a corresponding representation of the asset, often called a “wrapped” token. When the user wants to return, they burn the wrapped token on Chain B and prove that burn to the bridge, which triggers the release of the locked tokens back on Chain A. Conceptually, the bridge maintains a ledger where the outstanding supply of wrapped tokens on Chain B should always equal the amount of original tokens locked or sequestered on Chain A, minus any fees. If this invariant is violated, value has either been lost or illicitly created.
Burn-and-mint bridges follow a similar pattern but may not hold large collateral pools on the source chain. Instead, they rely on token issuers or custodians to recognize burns on one chain and mint the asset anew on another. This can be seen in some stablecoin and token issuer practices, where rather than locking one representation as collateral, tokens on different chains are treated as fungible claims on a centralized reserve. In such cases, the “bridge” is partly a legal and operational one, spanning KYC, custody, and compliance systems.
Lock-and-Mint, Burn-and-Mint, and Wrapped Assets
Wrapped assets are central to most bridge designs. A wrapped token is not the original asset but a claim on that asset held somewhere else, akin to a deposit receipt or an IOU. Wrapped bitcoin on Ethereum, for example, represents BTC held by custodians or smart contracts on the Bitcoin network, while the ERC-20 token moves within Ethereum’s DeFi. In bridge contexts, the contract on the destination chain mints these representations when it receives a valid instruction that an asset was locked or burned on the source chain.
One can think of the bridge’s locked vault as the keel of a ship, providing the weight and balance that keeps the system upright. Each wrapped token in circulation is a plank on that ship, promising that underlying value is safely anchored. Narrative pieces about bridges often lean into nautical metaphors—vaults as safe harbors, wrapped tokens as nautical IOUs for cross-chain voyages—and this imagery is not entirely misplaced. If anything undermines the integrity of the vault or the rules that govern issuance, the promises embodied in wrapped tokens are broken.
In an idealized design, the invariant that the supply of wrapped tokens equals the underlying collateral can be expressed as a simple equation. If \(C_A\) is the amount of tokens locked or burned on Chain A for a given bridge and \(W_B\) is the supply of wrapped tokens on Chain B, then at any time \(W_B \leq C_A - F\), where \(F\) represents any fees or slippage built into the system. Monitoring this relationship across chains is one way to detect anomalies, as Chainalysis highlighted in the KelpDAO exploit: while each on-chain transaction looked valid by itself, the cross-chain invariant between locked and minted tokens was violated when the attacker tricked the system into minting without a corresponding burn.
Burn-and-mint models shift where the invariant is enforced. When an issuer like a bank or stablecoin company manages reserves centrally, burns on one chain and mints on another are reconciled off-chain in their ledger. SoFiUSD, for instance, is backed by the balance sheet of SoFi Bank, with users able to buy, sell, and hold the stablecoin within the SoFi app before it circulates on public blockchains. When such tokens eventually move between chains, the “bridge” might be an internal treasury process rather than a public smart contract, but the same economic principle holds: the total on-chain supply across all networks must not exceed the backing reserves.
The Verification Problem: Who Tells Chain B What Happened on Chain A?
The core technical challenge in bridge design is verification: how does the destination chain know that an event claimed to have occurred on the source chain actually did occur and is part of its finalized history? This is where bridge security models diverge most sharply. At one end, we have trusted attestations, where a designated party or a small committee observes Chain A and signs a message to Chain B. At the other end lie light client and proof-based approaches, where Chain B runs a simplified client of Chain A and verifies cryptographic proofs of its state transitions.
Trusted and semi-trusted bridges often rely on multisignature wallets or validator committees. A deposit on Chain A is detected, and a set of signers authorize the corresponding mint on Chain B once a threshold is met. The security of such systems depends on the quorum design, the incentives and governance around signers, and the robustness of their infrastructure. Chainlink’s analysis of cross-chain bridge vulnerabilities emphasizes that compromised private keys, collusion among signers, and flaws in key management have all led to catastrophic losses in previous incidents. Even when the on-chain contract logic is sound, a single compromised signing node can undermine the integrity of the entire bridge if the quorum is too small or poorly configured.
Oracle-based bridges generalize this idea. Instead of human-managed signers, an oracle network or decentralized validation network (DVN) observes the source chain and supplies data to the destination chain. While this can harden security through diversification and cryptoeconomic penalties, it also introduces a new class of risks: network-level attacks, consensus failures among oracle nodes, or subtle bugs in the off-chain infrastructure that coordinates observations and signatures. The KelpDAO exploit vividly demonstrates how attackers can combine infrastructure compromise with denial-of-service on external nodes to control what the bridge “sees.”
Light client and proof-based bridges attempt to eliminate these middlemen by allowing Chain B to verify Chain A’s block headers (and ultimately transaction inclusion) directly, using Merkle proofs, succinct zk-proofs, or fraud proofs. This is the model envisioned for Ethereum rollups, where the L1 acts as a settlement layer that verifies proofs of the L2’s state transitions. In such designs, the canonical bridge between Ethereum and the rollup can, in principle, rely on Ethereum’s consensus rather than external signers. However, implementing efficient light clients and proof systems across heterogeneous chains remains technically challenging, which is why many cross-chain bridges still rely on committee-based verification in practice.
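The proof-based check described above, as an added example (not code from the original article or from any bridge it names): Chain B mints only when a deposit event has a valid Merkle inclusion proof against a root it already trusts. The tree is a simplified SHA-256 binary tree rather than any real chain's trie, and `DestinationBridge`, the event encoding and the sample deposits are hypothetical.

```python
import hashlib
import hmac


def leaf_hash(data: bytes) -> bytes:
    # 0x00 prefix: a leaf can never be confused with an inner node.
    return hashlib.sha256(b"\x00" + data).digest()


def node_hash(left: bytes, right: bytes) -> bytes:
    return hashlib.sha256(b"\x01" + left + right).digest()


def build_levels(leaves):
    """Return every level of the tree, leaf hashes first, root level last."""
    if not leaves:
        raise ValueError("cannot build a tree over zero events")
    level = [leaf_hash(leaf) for leaf in leaves]
    levels = [level]
    while len(level) > 1:
        nxt = []
        for i in range(0, len(level), 2):
            if i + 1 < len(level):
                nxt.append(node_hash(level[i], level[i + 1]))
            else:
                nxt.append(level[i])      # unpaired node moves up unchanged
        level = nxt
        levels.append(level)
    return levels


def merkle_root(leaves) -> bytes:
    return build_levels(leaves)[-1][0]


def prove(leaves, index):
    """Sibling path for leaves[index]: list of (sibling_hash, sibling_is_left)."""
    if not 0 <= index < len(leaves):
        raise IndexError("no such leaf")
    proof = []
    for level in build_levels(leaves)[:-1]:
        sibling = index ^ 1
        if sibling < len(level):
            proof.append((level[sibling], sibling < index))
        index //= 2
    return proof


def verify_inclusion(root: bytes, leaf: bytes, proof) -> bool:
    digest = leaf_hash(leaf)
    for sibling, sibling_is_left in proof:
        if sibling_is_left:
            digest = node_hash(sibling, digest)
        else:
            digest = node_hash(digest, sibling)
    return hmac.compare_digest(digest, root)


class DestinationBridge:
    """Hypothetical Chain B mint logic, modelled in Python."""

    def __init__(self, trusted_root: bytes):
        # Assumption: this root comes from a Chain A header that Chain B's
        # light client has already verified; header checks are out of scope.
        self.trusted_root = trusted_root
        self.processed = set()

    def mint(self, deposit: bytes, proof) -> bool:
        if deposit in self.processed:
            return False                  # replay of an already-minted deposit
        if not verify_inclusion(self.trusted_root, deposit, proof):
            return False                  # event is not in Chain A's committed state
        self.processed.add(deposit)
        return True


# Constructed deposit events committed in one Chain A block.
DEPOSITS = [
    b"deposit|nonce=1|to=alice|amount=100",
    b"deposit|nonce=2|to=bob|amount=50",
    b"deposit|nonce=3|to=carol|amount=75",
]
PHANTOM = b"deposit|nonce=9|to=mallory|amount=100000"   # never happened on Chain A

if __name__ == "__main__":
    bridge = DestinationBridge(merkle_root(DEPOSITS))
    proof = prove(DEPOSITS, 2)
    print("real deposit:", bridge.mint(DEPOSITS[2], proof))
    print("replayed    :", bridge.mint(DEPOSITS[2], proof))
    print("phantom     :", bridge.mint(PHANTOM, proof))
```

No signer is consulted here: the mint decision depends only on the trusted root and the proof, which is why the soundness of header verification carries the whole security argument.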
Rollups and Ethereum Bridges: Optimistic vs zk
Ethereum’s rollup-centric roadmap has made bridges central to how users think about L2 security. In a rollup, users transact on a separate chain where execution is cheaper and faster, while the rollup posts compressed data and proofs back to Ethereum for finality. The canonical bridge between the rollup and Ethereum controls the flow of assets; deposits into the rollup are locked on L1 and minted on L2, while withdrawals move in the opposite direction. The security of user funds rests on the correctness of the rollup’s state commitments and the soundness of the proof mechanism that Ethereum verifies.
Optimistic rollups assume that state updates are valid by default and rely on fraud proofs during a challenge period to detect invalid transitions. If no one submits a valid fraud proof within the designated window, the new state is accepted as final. This model can be more straightforward to implement and can achieve high throughput without generating proofs for every batch, but it introduces latency for withdrawals and depends on at least one honest party being able to detect and challenge fraud. The bridge between Ethereum and an optimistic rollup is therefore “optimistic”: it relies on proactive monitoring and the existence of vigilant verifiers.
Zero-knowledge (zk) rollups, by contrast, generate succinct validity proofs for each batch of transactions, which Ethereum verifies before accepting the new state. This can greatly reduce withdrawal latency and removes the need for challenge periods, as invalid states should be rejected upfront by the L1. However, zk-proof systems are complex and computationally demanding, and the security of the bridge depends on the soundness of the proving system and the correct implementation of the verifier contract. Both models aim to approximate the security of a full node bridge, but each has distinct trust assumptions and failure modes.
The Ethereum research community has framed rollups explicitly as “bridges + blockchains”: a rollup is its own execution environment plus a bridge that connects it to Ethereum and enforces its security properties. This formulation highlights that when users move assets to an L2, they are effectively entrusting a bridge, even if it is deeply integrated into the protocol. The canonical bridge may be more trust-minimized than general-purpose cross-chain bridges, but incidents like Taiko’s verification breach demonstrate that if the chain’s state verification mechanism is compromised, the assumptions behind every bridge deployed on that L2 can no longer be relied on. Thus, debates about whether L2s are “really secured by Ethereum” are, in large part, debates about the robustness of their bridging and verification layers.
The interplay between optimistic and zk bridges is not purely an academic exercise in consensus theory; it affects user experience and risk in concrete ways. Optimistic bridges often impose waiting periods for withdrawals to mitigate the risk of fraud, which can slow down capital movement and prompt users to rely on third-party fast-bridging services. zk-bridges aim to offer faster finality but must manage the complexity and potential centralization around prover infrastructure. For stablecoin issuers, DEXs, and institutional players like JPMorgan, which now uses Base for on-chain USD settlement via JPM Coin, the choice of L2 and its bridging model influences operational risk and regulatory comfort.

JPMorgan launches JPM Coin on Coinbase’s Base network, enabling instant USD settlements for institutions 24/7 through tokenized bank deposits. The move bridges traditional finance and crypto, marking a milestone for on-chain banking innovation.


"At launch, only verified institutional users can access JPM Coin on Base. Over time, the bank plans to expand access to its clients’ customers, subject to regulatory approval. JPM Coin can also be used as collateral on Coinbase, opening new ways to move liquidity between traditional finance and crypto markets. Unlike stablecoins such as USDC, deposit tokens like JPM Coin represent funds already held in a bank account. This means holders can earn interest on their tokenized deposits, something stablecoin users don’t typically get."
- 01 Multichain exploit anatomy
Tens of millions drained across Fantom, Moonriver, and Dogechain in a single event made readers want to understand who was behind it and which chains were exposed — the highest-clicked bridge story by a wide margin.
- 02 New L2 bridge UX reality
Taiko's mainnet launch gave readers a rare first-person comparative view of whether bridging to a new L2 is actually usable, pulling in readers evaluating whether to deploy capital there.
- 03 Bridge-free swap alternatives
Both Curve's Telegram Mini-App and CoW Swap's cross-chain feature explicitly marketed the removal of bridge steps as the value proposition, and readers clicked heavily on both — signaling strong demand for bridge elimination narratives.
- 04 MiCA regulatory surface area
Readers engaged with the legal implications of cross-chain bridges under MiCA, reflecting anxiety about whether existing bridge infrastructure will survive EU compliance requirements.
- 05 Bitcoin trustless bridging
DLC-based Ethereum bridges and BitVM trust-minimized protocols attracted readers interested in whether Bitcoin can be brought on-chain without federations or custodians.
- 06 TradFi-crypto bridge milestones
JPMorgan's JPM Coin on Base represented a credibility signal that institutional money is crossing into on-chain rails, attracting readers tracking TradFi adoption velocity.
Bridge Risks: Why Cross-Chain Is DeFi’s Soft Underbelly
Despite their importance, bridges have proven to be some of the most fragile components in crypto’s infrastructure. Chainlink describes cross-chain bridge vulnerabilities as security flaws that can be exploited to steal or manipulate assets moving through or locked in these systems, and historical data shows that billions of dollars have been lost through such exploits across multiple protocols. Bridges combine large centralized honeypots of collateral with complex off-chain and on-chain logic and, in many cases, relatively young codebases. They also occupy a unique position in risk topology: a successful attack can instantly create unbacked assets on one chain while draining collateral on another.
A key reason bridges are so attractive to attackers is leverage. By compromising the verification layer rather than individual accounts, attackers can convince a bridge contract to mint or release assets it should never have authorized. This is qualitatively different from a standard smart contract bug in a DEX or lending platform, where losses are typically confined to that protocol’s asset pool. In a bridge, a single breach can cascade across ecosystems as users discover that the wrapped assets they considered interchangeable are suddenly unbacked, forcing emergency pauses, governance interventions, and sometimes contentious decisions about rollbacks.
The complexity of cross-chain flows also makes bridge attacks harder to detect with traditional on-chain monitoring. As Chainalysis observed in the KelpDAO exploit, every individual transaction looked valid and obeyed the bridge’s contract rules. The exploit only became visible when one compared the aggregate state across chains and noticed that the amount of rsETH minted on one side did not correspond to genuine burns on the other. This is where cross-chain invariant monitoring, not just single-chain anomaly detection, becomes critical. Yet only a minority of protocols and exchanges currently operate at that level of observability.
Common Vulnerability Classes
Bridge vulnerabilities can be grouped into several recurring patterns. Smart contract bugs remain an obvious category: flaws in the contracts that manage deposits, withdrawals, and verification logic can allow re-entrancy, underflows, or bypass of security checks. While the ecosystem has grown more cautious, the combination of complex multi-chain state and upgradeable contracts means subtle issues still slip through audits. Access control is another recurring problem, where privileged roles like bridge administrators or upgraders are misconfigured, enabling attackers who gain access to these keys to alter parameters or logic in ways that favor them.
Signature and key management issues are particularly acute in bridges that rely on multisigs or validator networks. If an attacker can compromise a threshold of signer keys, they can forge messages that instruct the bridge to release funds without genuine underlying events. In some cases, the threshold is dangerously low, as when systems are configured with a one-of-one validation network or a minimal quorum for convenience or performance reasons. Additionally, implementing secure multi-party computation or threshold signature schemes is non-trivial, and vulnerabilities at this layer can undermine what appears to be a robust design.
Oracle and off-chain infrastructure weaknesses form a third major category. Bridges that depend on off-chain relayers, RPC nodes, or custom indexing services are vulnerable if those systems can be fed false data or knocked offline selectively. Denial-of-service attacks can be combined with targeted compromise of internal nodes to create a “single source of truth” that feeds the bridge incorrect state. KelpDAO’s exploit is emblematic of this pattern: attackers compromised internal RPC nodes and DDoS’d external ones, then used the resulting information asymmetry to trick the network’s sole data validation node into attesting to phantom events.
Finally, economic and governance vulnerabilities play a significant role. Poorly designed tokenomics around bridge governance tokens, insufficient incentives for honest validation, and opaque or centralized emergency controls can all introduce systemic risk. If a protocol’s security council can pause or alter bridge behavior unilaterally, that centralization may be acceptable in emergencies but also becomes another critical point of failure. Conversely, if governance is too slow or fragmented, protocols may be unable to respond quickly enough to mitigate an unfolding exploit.
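The quorum and off-chain infrastructure categories above, as an added example (not code from the original article or from any verifier network it names): a destination-side threshold check run against a one-of-one setup and a two-of-three setup when one verifier's data feed contains an event the source chain never recorded. `Verifier`, `accept` and the packet fields are hypothetical, and HMAC tags stand in for the public-key signatures a real deployment would use.

```python
import hashlib
import hmac


def packet_digest(packet: dict) -> bytes:
    """Canonical hash of a cross-chain packet (independent of field order)."""
    canonical = "|".join(f"{k}={packet[k]}" for k in sorted(packet))
    return hashlib.sha256(canonical.encode()).digest()


class Verifier:
    """Hypothetical verifier node: attests to burns it sees through its own RPC."""

    def __init__(self, name: str, key: bytes, rpc_view: set):
        self.name, self.key, self.rpc_view = name, key, rpc_view

    def attest(self, packet: dict):
        if packet["nonce"] not in self.rpc_view:
            return None                       # no such burn in this node's view
        tag = hmac.new(self.key, packet_digest(packet), hashlib.sha256).digest()
        return (self.name, tag)


def accept(packet, attestations, keys, threshold) -> bool:
    """Destination-side rule: `threshold` distinct registered signers must agree."""
    digest = packet_digest(packet)
    signers = set()
    for name, tag in attestations:
        key = keys.get(name)
        if key is None:
            continue                          # not a registered verifier
        expected = hmac.new(key, digest, hashlib.sha256).digest()
        if hmac.compare_digest(tag, expected):
            signers.add(name)                 # a set, so duplicates count once
    return len(signers) >= threshold


def run(verifiers, threshold, packet) -> bool:
    """Collect attestations from every verifier, then apply the quorum rule."""
    keys = {v.name: v.key for v in verifiers}
    attestations = [a for a in (v.attest(packet) for v in verifiers) if a]
    return accept(packet, attestations, keys, threshold)


# Constructed scenario: burns with nonce 1 and 2 really happened on the source
# chain; nonce 99 exists only in the data feed of one verifier.
REAL_BURNS = {1, 2}
POISONED_VIEW = REAL_BURNS | {99}
GENUINE = {"src": "chainA", "dst": "chainB", "nonce": 2, "amount": 10}
PHANTOM = {"src": "chainA", "dst": "chainB", "nonce": 99, "amount": 1000}


def one_of_one():
    return [Verifier("dvn-1", b"k1-constructed", POISONED_VIEW)]


def two_of_three():
    return [
        Verifier("dvn-1", b"k1-constructed", POISONED_VIEW),   # same bad feed
        Verifier("dvn-2", b"k2-constructed", REAL_BURNS),      # independent RPC
        Verifier("dvn-3", b"k3-constructed", REAL_BURNS),      # independent RPC
    ]


if __name__ == "__main__":
    print("1-of-1 accepts phantom:", run(one_of_one(), 1, PHANTOM))
    print("2-of-3 accepts phantom:", run(two_of_three(), 2, PHANTOM))
    print("2-of-3 accepts genuine:", run(two_of_three(), 2, GENUINE))
```

The larger quorum helps only because the other verifiers read the source chain through feeds the first one does not share; three signers behind one RPC provider would fail the same way.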
Case Study: KelpDAO rsETH Bridge Exploit
On April 18, 2026, attackers linked to North Korea’s Lazarus Group executed a sophisticated exploit against KelpDAO’s LayerZero bridging adapter, draining approximately 116,500 rsETH—roughly 292 million USD at the time—from its bridge. Crucially, this was not a direct smart contract hack; the on-chain logic behaved exactly as specified. Instead, the attack targeted the off-chain infrastructure that KelpDAO relied on to verify cross-chain messages, exploiting a single-point-of-failure design in its data validation network.
KelpDAO’s bridge relied on a one-of-one DVN setup: a single node effectively acted as the arbiter of whether a burn on the source chain had occurred, thereby authorizing a mint or release on the destination chain. The attackers compromised internal RPC nodes that fed data into this validation network and launched a DDoS attack on external nodes, ensuring that the DVN saw only their fabricated view of the chain state. They then constructed a “phantom” packet that claimed a burn of rsETH on the source chain, which never actually occurred, and presented this to the DVN as genuine.
Because all on-chain checks passed—the DVN’s signature was valid, the packet format correct, the contract logic followed—the Ethereum contract dutifully released rsETH from the bridge, which the attackers could then move and launder through other protocols. Traditional transaction-level monitoring did not flag the exploit because each transaction looked like a legitimate bridge operation. The anomaly only becomes apparent when comparing the total burned rsETH on the source chain with the total minted or released rsETH on the destination and noticing that they diverged.
KelpDAO’s response illustrates both the fragility and resilience of modern DeFi. The team detected the anomaly shortly after it began, paused the relevant contracts across Ethereum and its L2 deployments, blacklisted attacker addresses, and worked with the community security hotline SEAL-911. A second attempt to drain an additional 40,000 rsETH—approximately 95 million USD—failed because the contracts had been paused in time. Three days later, the Arbitrum Security Council froze over 30,000 ETH of the attacker’s downstream funds, leveraging governance powers to contain further damage. The incident underscored lessons about quorum design (“quorum design is security design”) and the need for cross-chain invariant monitoring as a first-class security control.
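The invariant \(W_B \leq C_A - F\) and the cross-chain comparison described in this case study, as an added example (not code from the original article or from any project it names): it replays a constructed event log from both chains, matches each mint or unlock to the lock or burn it claims by message id, and flags the point where wrapped supply exceeds collateral. `BridgeEvent`, `reconcile` and the event kinds are hypothetical names, and it assumes events from both chains can be placed on one timeline.

```python
from dataclasses import dataclass
from decimal import Decimal


@dataclass(frozen=True)
class BridgeEvent:
    time: int         # observation time in seconds (constructed)
    chain: str        # "A" = source chain, "B" = destination chain
    kind: str         # "lock"/"unlock" on A, "mint"/"burn" on B
    amount: Decimal
    msg_id: str       # cross-chain message this event claims to belong to


# Effect of each event on the running totals (C_A, W_B).
EFFECT = {
    ("A", "lock"): (1, 0), ("A", "unlock"): (-1, 0),
    ("B", "mint"): (0, 1), ("B", "burn"): (0, -1),
}
# A credit on one chain must be backed by this debit on the other chain.
REQUIRED_DEBIT = {"mint": "lock", "unlock": "burn"}


def reconcile(events, fees=Decimal(0)):
    """Replay events in time order; return (C_A, W_B, findings).

    Each finding is a tuple (type, msg_id, time).
    """
    c_a = w_b = Decimal(0)
    debits = {}           # (debit kind, msg_id) -> amount not yet consumed
    findings = []
    violated = False
    for ev in sorted(events, key=lambda e: e.time):
        dc, dw = EFFECT[(ev.chain, ev.kind)]
        c_a += dc * ev.amount
        w_b += dw * ev.amount

        if ev.kind in REQUIRED_DEBIT:
            # Per-message check: the credit must consume a matching debit.
            key = (REQUIRED_DEBIT[ev.kind], ev.msg_id)
            backing = debits.get(key, Decimal(0))
            if ev.amount > backing:
                findings.append(("unbacked_" + ev.kind, ev.msg_id, ev.time))
            debits[key] = max(backing - ev.amount, Decimal(0))
        else:
            key = (ev.kind, ev.msg_id)
            debits[key] = debits.get(key, Decimal(0)) + ev.amount

        # Aggregate check: W_B <= C_A - F, reported once per breach.
        breach = w_b > c_a - fees
        if breach and not violated:
            findings.append(("invariant_violation", ev.msg_id, ev.time))
        violated = breach
    return c_a, w_b, findings


def ev(time, chain, kind, amount, msg_id):
    return BridgeEvent(time, chain, kind, Decimal(amount), msg_id)


# Constructed event log (not real chain data): two deposits, one withdrawal.
CLEAN_EVENTS = [
    ev(10, "A", "lock", "100", "m1"), ev(12, "B", "mint", "100", "m1"),
    ev(20, "A", "lock", "50", "m2"), ev(22, "B", "mint", "50", "m2"),
    ev(30, "B", "burn", "30", "m3"), ev(33, "A", "unlock", "30", "m3"),
]
# A mint that is well-formed on Chain B but has no lock behind it on Chain A.
PHANTOM_MINT = ev(40, "B", "mint", "500", "m4")

if __name__ == "__main__":
    for label, log in (("clean", CLEAN_EVENTS),
                       ("with phantom", CLEAN_EVENTS + [PHANTOM_MINT])):
        c_a, w_b, findings = reconcile(log)
        print(f"{label}: C_A={c_a} W_B={w_b} findings={findings}")
```

Observation lag between chains can reorder a mint ahead of its lock, so a production monitor would hold a finding for a grace period before alerting.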
Case Study: Taiko’s Verification Layer Compromise
Taiko, an Ethereum layer-2 network, provided another stark reminder of verification risk when it disclosed that its chain state verification mechanism had been compromised. On confirming the issue, Taiko advised users to withdraw funds from its bridges immediately and requested that centralized exchanges suspend TAIKO deposits as a precaution. Major exchanges such as Bithumb and Upbit complied, temporarily halting deposits and withdrawals while investigating potential impacts on user assets tied to the mainnet issue.
The compromised component in Taiko’s architecture was the mechanism that proves the L2’s state to its bridges—the layer that assures Ethereum and other environments that Taiko’s reported state reflects valid transactions. If this mechanism can be subverted, a bridge may be induced to release funds based on a state that never legitimately existed. In other words, even if the bridge contract itself is flawless, a false state root or proof can authorize illegitimate withdrawals. Taiko’s team emphasized that this undermined the security assumptions behind every bridge deployed on the network; until the verification layer could be secured and audited, no bridge could be considered safe.
At the time of disclosure, Taiko had not published a confirmed loss figure, and there was no publicly verified on-chain tally of funds taken. The team stated that it was coordinating with its Security Council and ecosystem partners, working through the implications and remediation steps. Observers were cautioned to treat any specific loss numbers circulating in the market as unverified until an official post-mortem was released. The blunt instruction to users—“move assets off the cross-chain bridge rather than wait”—reflected an understanding that in the face of verification uncertainty, the safest place for funds is on a settled chain within user-controlled wallets rather than locked behind bridges or custodial platforms.
Taiko’s incident also reinforced a practical lesson for users and institutions: balances held directly on a base chain under one’s own keys are only exposed to that chain’s consensus risk, whereas balances staged on L2s, behind bridges, or within exchanges inherit additional layers of verification and operational risk. Funds are, as one commentary put it, “only as safe as that operator’s worst day.” This framing aligns with a broader reassessment of what it means for an L2 to be “secured by Ethereum.” The marketing phrase captures the ideal, but the reality depends on the resilience of the rollup’s sequencer, bridge, and governance.
L2s “Secured by Ethereum” – What That Really Means
The slogan that a rollup is “secured by Ethereum” has become central to the Ethereum scaling narrative, but incidents like KelpDAO and Taiko prompt a closer look at what this truly entails. In theory, a rollup posts its data and proofs to Ethereum, and Ethereum’s consensus and validator set enforce correctness, making it substantially harder for the rollup to misbehave without detection. In practice, however, many L2 stacks introduce additional trust assumptions around sequencers, upgradeable contracts, operational multisigs, and off-chain verification infrastructure that can affect bridge security.
The canonical bridge between Ethereum and a rollup is a particular focal point. If it is implemented as a validity bridge, where Ethereum verifies zk-proofs of the rollup’s state transitions, the bridge can indeed approximate the security of a full node verifying every transaction. If it is an optimistic bridge, security depends on a robust fraud-proof mechanism and the willingness and ability of honest actors to challenge malicious behavior within the prescribed window. Yet beyond these protocol-level primitives, real-world implementations often include admin keys, emergency pause mechanisms, and upgrade paths controlled by a relatively small security council or core team.
This gap between idealized trustless security and actual operational setups has been a recurring topic of scrutiny in research and journalism. Governance bodies that can upgrade bridge contracts or change verifier logic, even if constrained by timelocks, introduce another layer of social trust. Sequencers that can censor transactions or reorder withdrawals affect how quickly users can react to anomalies. Off-chain components that aggregate proofs or coordinate state commitments can, if compromised, feed Ethereum incorrect data, as Taiko’s case highlights. The end-to-end security of a “secured by Ethereum” L2 is, therefore, the product of both cryptographic guarantees and the reliability of these human- and infrastructure-mediated layers.
For users and institutions evaluating L2s as venues for stablecoin issuance, DEX liquidity, or tokenized real-world assets, this means looking beyond marketing labels. One must ask who controls the bridge contracts, how proofs are generated and validated, what emergency powers exist, and how transparent the system’s security assumptions are. The emerging consensus is that bridges, not user-facing apps, often represent the true systemic risk in L2 ecosystems. Efforts to standardize bridge security disclosures and to formalize best practices are a recognition of this reality.
Risk Management and User Best Practices
Given the structural nature of bridge risk, the goal is less about finding a perfectly safe bridge and more about using bridges in ways that minimize exposure. The Bitcoin Foundation’s overview of crypto bridges and best practices emphasizes that users should treat bridges as transit corridors, not storage facilities: cross the river, do what you need to do, and come back, rather than parking large balances indefinitely. This mindset aligns with the practical advice from incidents like Taiko’s, where users who heeded early warnings and minimized time and value locked in bridges had lower exposure to potential losses.
Fee structures play a role in behavior. According to surveys of crypto bridges, protocol fees typically range from around 0.04% to 0.30%, depending on the bridge and the direction of transfer. While these costs can feel non-trivial, especially for frequent small transfers, they should be weighed against the potential downside of using unvetted or highly centralized bridges that offer cheaper fees but weaker security. In some cases, paying slightly more for a canonical or well-audited bridge may be a rational trade-off, particularly for institutional treasuries or large DeFi positions.
From the builder’s perspective, the KelpDAO exploit underscores the importance of quorum design and layered detection. Relying on a one-of-one validation network or a minimal multisig may be convenient initially but creates a single chokepoint for attackers. Diversifying data sources, enforcing multi-party consensus for critical attestations, and subjecting off-chain infrastructure to the same rigor as smart contracts are all part of a more robust approach. Invariant-based monitoring—continuously checking relationships like “tokens minted on chain B equal tokens burned on chain A minus fees”—should complement transaction-level anomaly detection.
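The invariant quoted above, as an added example (not code from KelpDAO or any bridge project): a Python monitor that reconciles burn events on chain A with mint events on chain B and flags unbacked, replayed, mismatched, or under-attested mints. The event fields, the MIN_ATTESTERS policy, the pause rule, and all sample values are assumptions constructed for the illustration.

```python
from dataclasses import dataclass
from decimal import Decimal

MIN_ATTESTERS = 2  # assumed policy: a 1-of-1 attestation is never sufficient
PAUSE_REASONS = {"unbacked-mint", "replayed-mint", "supply-exceeds-backing"}


@dataclass(frozen=True)
class Burn:
    """Burn/lock event observed on source chain A (field names are assumptions)."""
    msg_id: str
    amount: Decimal
    fee: Decimal


@dataclass(frozen=True)
class Mint:
    """Mint/release event observed on destination chain B."""
    msg_id: str
    amount: Decimal
    attesters: frozenset  # distinct verifier identities that signed the message


def check_invariants(burns, mints, min_attesters=MIN_ATTESTERS):
    """Reconcile mints against burns; return (msg_id, reason) alerts in event order."""
    burn_by_id = {b.msg_id: b for b in burns}
    backing = sum((b.amount - b.fee for b in burns), Decimal(0))
    minted = Decimal(0)
    seen = set()
    alerts = []
    for m in mints:
        minted += m.amount
        if m.msg_id in seen:
            # The same cross-chain message must never mint twice.
            alerts.append((m.msg_id, "replayed-mint"))
            continue
        seen.add(m.msg_id)
        burn = burn_by_id.get(m.msg_id)
        if burn is None:
            alerts.append((m.msg_id, "unbacked-mint"))
        elif m.amount != burn.amount - burn.fee:
            alerts.append((m.msg_id, "amount-mismatch"))
        if len(m.attesters) < min_attesters:
            alerts.append((m.msg_id, "weak-quorum"))
    # Global invariant: burns still in flight are fine, excess supply is not.
    if minted > backing:
        alerts.append(("*", "supply-exceeds-backing"))
    return alerts


def should_pause(alerts):
    """Assumed response rule: any backing violation warrants pausing the bridge."""
    return any(reason in PAUSE_REASONS for _, reason in alerts)


# Constructed sample events, not taken from any real incident.
SAMPLE_BURNS = [
    Burn("m1", Decimal("100"), Decimal("0.1")),
    Burn("m2", Decimal("50"), Decimal("0.05")),
]
SAMPLE_MINTS = [
    Mint("m1", Decimal("99.9"), frozenset({"verifier-a", "verifier-b"})),
    Mint("m2", Decimal("49.95"), frozenset({"verifier-a", "verifier-b"})),
    Mint("m3", Decimal("40000"), frozenset({"verifier-a"})),  # no matching burn
    Mint("m1", Decimal("99.9"), frozenset({"verifier-a", "verifier-b"})),  # replay
]

if __name__ == "__main__":
    found = check_invariants(SAMPLE_BURNS, SAMPLE_MINTS)
    for msg_id, reason in found:
        print(f"ALERT {msg_id}: {reason}")
    print("pause bridge:", should_pause(found))
```

The per-message checks catch a forged or replayed message as soon as its mint appears, while the supply check still fires if per-message data is missing or delayed.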
Users can also benefit from greater transparency. Tools like BridgeWTF, which tracks interop volume, fees, and KPIs across bridges, aggregators, and generalized messaging protocols, help markets assess the relative prominence and usage patterns of different systems. Range’s Stablecoin Explorer, which consolidates every stablecoin transaction across more than 100 chains and over 20 bridges, enables analysts to see where stablecoin liquidity is concentrated, how it moves, and which bridges are systemically important. As these analytics mature, they can inform both user choice and protocol risk management, much like how exchange volume and order book depth inform trading decisions.
For individual users, a few simple principles emerge from these lessons. Keep working balances on the chains where you actually use them, rather than leaving large sums idle on bridges. Prefer canonical or well-established bridges, especially for high-value transfers or stablecoins that represent a claim on off-chain reserves. Stay attentive to security bulletins from projects, as early warnings—like those issued by Taiko—can provide critical windows to de-risk positions. Finally, remember that bridging is a choice about trust: every cross-chain move is a decision about which set of assumptions you are willing to accept.
Wormhole exploit — $325M drained
Ronin bridge hack — $625M stolen
Multichain hack drains Fantom, Moonriver, Dogechain bridges
Taiko mainnet launch with native bridge
KelpDAO rsETH bridge exploit triggers precautionary pauses
Taiko bridge verification breach — users warned to withdraw
JPMorgan JPM Coin launches on Coinbase Base for institutional settlements
Bridges in the Evolving DeFi Stack
As the ecosystem has matured, user experience layers have evolved to hide the complexity of bridges behind more intuitive flows. Early DeFi users routinely interacted directly with bridge interfaces, managing chain selection, gas balances, and token approvals manually. Today, many applications present a unified experience where users express intent—“swap this token here into that asset there” or “enter this yield strategy on another chain”—and the system handles the bridging, swapping, and depositing behind the scenes.
This abstraction mirrors a broader pattern in technology: complexity migrates downward as systems mature. Just as most internet users no longer configure DNS settings or think about packet routing, many crypto users increasingly interact with higher-level concepts like “best execution” or “portfolio allocation,” leaving routing logic to specialized protocols. Bridges are becoming plumbing—still crucial, but less visible. The flip side is that mistakes or compromises in this hidden layer can have wider blast radii, as more applications rely on shared bridge infrastructure.
The rise of cross-chain routers and execution layers exemplifies this trend. Protocols like CoW Swap have introduced cross-chain swaps that automatically find the best route and price for users, with the aim that they no longer have to “pick a bridge” manually. Instead, the protocol aggregates liquidity and routing options across multiple bridges and DEXs, selecting combinations that optimize for price, slippage, and security. Enso’s cross-chain Widget similarly abstracts complex multi-chain flows into a single transaction: users choose a token on their current chain and a target position on another chain, and the widget orchestrates the necessary bridge, swap, and deposit steps.
From Raw Bridges to Routing Layers and “Bridge-Less” UX
One of the most striking trends is the marketing of “no bridge” or “bridge-less” experiences that, under the hood, still rely on cross-network execution. SODAX, for instance, describes itself as a cross-network execution and liquidity system that lets applications support complex financial actions without “becoming cross-network infrastructure” themselves. The pitch is that builders can integrate a simple interface while SODAX handles the messy details of routing across chains, managing gas, and coordinating bridge interactions in the background. From the user’s perspective, it can feel as if they are interacting with a single, unified environment.
Similarly, CoW Swap’s cross-chain feature aims to “ditch separate bridges” by making route selection automatic. Rather than forcing users to decide whether to use Bridge A or Bridge B to move USDC from Ethereum to an L2, CoW’s solver infrastructure evaluates routes that might involve multiple bridges, liquidity pools, and even generalized messaging protocols, returning a net price and execution path. The complexity of bridge choice, fee comparison, and security evaluation is shifted from the user to the protocol. While this improves experience, it also concentrates decision-making in router logic and its associated governance.
Enso’s Cross-chain Route Widget goes a step further by folding not only bridges and swaps but also protocol deposits into a single flow. A user can start with a token on Base, for example, and target a vault on another network; the widget determines how to bridge, which DEXs to use for swaps on each chain, and how to deposit into the destination protocol, all from a single transaction approval. This “one-click agent UX” pioneers a future where users focus on strategy, not logistics. In this world, the terms “bridge” and “swap” may fade from end-user vocabulary, even as their underlying mechanisms remain vital.
Abstraction also shows up in consumer-facing experiences. Messaging platforms like Telegram now host DEX mini-apps, such as Curve’s deployment via TAC, where users can trade and provide liquidity without installing browser extensions or managing bridge interfaces directly. Underneath, tokens still exist on particular chains—in Curve’s case, the TON blockchain—but the UX emphasizes “just connect your wallet and trade,” not “bridge here, then swap there.” Similar stories unfold in L2-focused wallets and portals that combine swaps, bridges, DEX access, and dApps in a single hub, positioning themselves as the “ultimate” gateway to multi-chain DeFi.
Cross-Chain DEXs, Stablecoins, and Liquidity Networks
DEXs and stablecoins are two of the most intense users of bridge infrastructure, and their evolution sheds light on broader trends. Cross-chain DEX protocols like Squid Router and Symbiosis, highlighted in educational content about top DeFi bridges, integrate both native Bitcoin support and general-purpose cross-chain swaps. They rely on a combination of asset bridges, messaging layers, and liquidity pools to offer users seemingly seamless conversions, even when traversing fundamentally different blockchain architectures. Bridges in this context are partly transportation and partly market-making venues.
Stablecoins, meanwhile, have become the preferred medium for cross-chain value transfer for both retail and institutional users. Bridging native chain tokens like ETH may be constrained by staking dynamics and protocol-specific features, whereas stablecoins represent chain-agnostic claims on fiat or other reserves. RWA-focused protocols and tokenized asset platforms increasingly bridge tokenized treasuries, bonds, and equities into multiple chains to reach users where they are. Analytics like Range’s Stablecoin Explorer reveal the extent of this multi-chain distribution, tracking flows across more than 100 chains and over 20 bridges. For large players, this visibility supports treasury management, risk analysis, and compliance.
The SoFiUSD rollout on public blockchains is an example of traditional financial institutions embracing stablecoins in ways that naturally intersect with bridge infrastructure. SoFi’s nearly 15 million members can buy, sell, and hold SoFiUSD within its banking app, but the token also exists on public chains where it can, in principle, be bridged to other networks and integrated into DeFi. Similarly, JPM Coin on Base enables institutions to move money, post collateral, and settle transactions with a bank-backed deposit token that is natively on-chain and programmable. As these assets spread across chain environments, the question of how they bridge—canonically by issuer-managed contracts, via third-party bridges, or through internal ledgers—becomes critical to understanding their risk profile.
Liquidity networks add another layer. Some protocols operate pools where users deposit assets on multiple chains, enabling “soft” bridging via internal rebalancing rather than direct lock-and-mint. A user may send USDC to a liquidity pool on Ethereum and receive USDC on an L2, with the provider managing underlying rebalancing across chains. These networks can offer rapid transfers and competitive fees by treating bridging as a form of cross-chain market-making. However, they also centralize risk in the liquidity provider’s solvency and operational security, complementing but not replacing the need for robust underlying bridges.
Bridges Between Blockchain and Traditional Finance
While most bridge discussions focus on crypto-to-crypto connections, some of the most consequential “bridges” are those linking blockchains with traditional financial rails. Stablecoins like USDC, USDT, and bank-issued tokens such as SoFiUSD and JPM Coin function as bridges in a macro sense: they transform bank deposits or reserves into programmable on-chain assets. The launch of these instruments on public chains like Ethereum L2 Base signifies a deliberate bridging of regulatory-grade banking infrastructure with open crypto networks. Institutions can move money 24/7, post collateral for securities transactions, and settle cross-border payments with near-instant finality using deposit tokens that carry the security of a regulated bank deposit.
These developments sit alongside broader efforts by global payment networks to test blockchain interoperability. The SWIFT network, which historically connects banks via message-based settlement instructions, has piloted collaborations with blockchain oracle providers and consortiums to explore how its messaging layer might orchestrate movements of tokenized assets across both public and permissioned chains. While these experiments are not captured in the provided sources, they illustrate how traditional messaging systems are exploring roles as coordinators and routers in a tokenized financial world. In this sense, SWIFT would become a meta-bridge, connecting heterogeneous ledgers under a standardized communication framework.
Regulatory innovation is also part of this story. Proposals for jurisdiction-specific stablecoins, such as Korean won-denominated tokens, aim to bridge regulatory frameworks and blockchain technology for fintech applications. While the details vary by jurisdiction, the pattern is consistent: regulated entities issue tokens that straddle legal and technical domains, with bridges managing the flow between different on-chain jurisdictions. As tokenized real-world assets (RWAs) surge, crossing tens of billions in value, oracle networks and indexing platforms like DIA’s oracle bridges provide additional connective tissue, ensuring that off-chain data about asset prices, corporate actions, or compliance statuses can be trusted on-chain.
In parallel, traditional brokerages and exchanges are launching regulated spot crypto venues that explicitly position themselves as bridges between TradFi and crypto. These platforms may integrate custody services, fiat on- and off-ramps, and access to both centralized and on-chain markets. For them, the choice of which chains and bridges to support is not just a technical issue but a regulatory and reputational one; they must balance user demand for cross-chain access with risk management and compliance obligations. Over time, we can expect institutions to gravitate toward bridge architectures that offer auditability, strong verification guarantees, and clear accountability.
Bridges concentrate locked value in a single contract surface — Wormhole ($325M, Feb 2022), Ronin ($625M, Mar 2022), and Multichain (2023) collectively represent the largest loss category in DeFi history.
Most production bridges rely on a small multisig or validator set for upgrades and fund custody; the Multichain incident involved suspected insider access to operator keys, not a smart-contract bug.
Ethereum rollup bridges inherit sequencer and governance trust gaps — the Taiko bridge verification breach (June 2026) demonstrated that even ZK-adjacent chains can have exploitable verification layers.
- Regulatory exposure: Medium
MiCA's asset-classification framework creates ambiguity for bridge operators facilitating cross-border token transfers into the EU, with no settled compliance path yet established.
Bridged assets create parallel liquidity pools that can depeg under stress; Range's Stablecoin Explorer tracking 100+ chains and 20+ bridges illustrates how opaque cross-chain stablecoin flows have become.
Bridge pauses triggered by third-party protocol issues (e.g., KelpDAO rsETH exploit April 2026) can lock user funds even when the bridge itself was not directly exploited.
Technical Frontiers: Scaling, Verification, and “No-Bridge” Futures
As the ecosystem grapples with the dual imperatives of interoperability and security, research and development are pushing toward bridge designs that are both more trust-minimized and more scalable. High-throughput L2s like MegaETH are experimenting with architectures that separate state storage from validation, allowing stateless validators to verify blocks using compact “witnesses” that contain only the necessary pieces of state. This approach aims to reconcile a throughput orders of magnitude higher than leading EVM chains with a decentralized validation model, a key step toward making extremely fast L2s compatible with Ethereum’s security ethos.
In such designs, the bridge between the high-throughput L2 and Ethereum hinges on the correctness of the state root commitments and the integrity of the witness generation process. Stateless validators receive a witness—a cryptographic proof containing the relevant state data—and execute the block’s transactions to compute a new state root, checking it against what the sequencer claims. If the roots match, the block is validated; if not, it is rejected. The canonical bridge can then rely on these validated roots to authorize asset movements. This aligns with the broader movement toward validity-based bridging, where succinct proofs replace trust in committees or centralized signers.
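The stateless validation step described above, as an added example in Python (a toy model, not MegaETH's or any rollup's code): the validator checks the witness against the pre-state root, re-executes the transfers, and compares the resulting root with the sequencer's claim. The four-account state, the SHA-256 tree layout, and all function names are assumptions made for the illustration.

```python
import hashlib

DEPTH = 2  # toy state: 2**DEPTH accounts, node keys are (level, index), root = (0, 0)


def H(data):
    return hashlib.sha256(data).digest()


def leaf_hash(index, balance):
    return H(b"\x00" + index.to_bytes(4, "big") + balance.to_bytes(16, "big"))


def full_tree(balances):
    """Sequencer side: every node hash of the full state tree."""
    nodes = {(DEPTH, i): leaf_hash(i, b) for i, b in enumerate(balances)}
    for level in range(DEPTH - 1, -1, -1):
        for i in range(2 ** level):
            nodes[(level, i)] = H(b"\x01" + nodes[(level + 1, 2 * i)]
                                  + nodes[(level + 1, 2 * i + 1)])
    return nodes


def make_witness(balances, touched):
    """Touched leaves in the clear, plus hashes of subtrees the block never touches."""
    nodes, siblings = full_tree(balances), {}

    def walk(level, index):
        span = 2 ** (DEPTH - level)
        if not any(index * span <= t < (index + 1) * span for t in touched):
            siblings[(level, index)] = nodes[(level, index)]
        elif level < DEPTH:
            walk(level + 1, 2 * index)
            walk(level + 1, 2 * index + 1)

    walk(0, 0)
    return {i: balances[i] for i in touched}, siblings


def root_from_witness(leaves, siblings, visited, level=0, index=0):
    if (level, index) in siblings:
        return siblings[(level, index)]
    if level == DEPTH:
        visited.add(index)
        return leaf_hash(index, leaves[index])  # KeyError if the witness is incomplete
    left = root_from_witness(leaves, siblings, visited, level + 1, 2 * index)
    right = root_from_witness(leaves, siblings, visited, level + 1, 2 * index + 1)
    return H(b"\x01" + left + right)


def validate_block(pre_root, claimed_post_root, txs, leaves, siblings):
    """Stateless validator: holds only the two roots, the block and the witness."""
    visited = set()
    try:
        if root_from_witness(leaves, siblings, visited) != pre_root:
            return "reject: witness does not match pre-state root"
    except KeyError:
        return "reject: witness incomplete"
    # A leaf hidden under a supplied subtree hash was never checked against the root.
    if visited != set(leaves):
        return "reject: witness leaf not bound to root"
    state = dict(leaves)
    for sender, recipient, amount in txs:
        if sender not in state or recipient not in state:
            return "reject: tx touches state outside witness"
        if amount <= 0 or state[sender] < amount:
            return "reject: invalid transfer"
        state[sender] -= amount
        state[recipient] += amount
    if root_from_witness(state, siblings, set()) != claimed_post_root:
        return "reject: state root mismatch"
    return "accept"


def demo():
    """Constructed scenario: one honest and one inflated post-state root."""
    balances = [100, 50, 0, 7]
    txs = [(0, 2, 30)]  # account 0 pays 30 to account 2
    pre_root = full_tree(balances)[(0, 0)]
    leaves, siblings = make_witness(balances, {0, 2})
    honest = full_tree([70, 50, 30, 7])[(0, 0)]
    inflated = full_tree([70, 50, 40000, 7])[(0, 0)]
    return (validate_block(pre_root, honest, txs, leaves, siblings),
            validate_block(pre_root, inflated, txs, leaves, siblings))


if __name__ == "__main__":
    print(demo())
```

A bridge that releases funds only against roots that pass this kind of check does not have to trust the sequencer's claim, but it still depends on the witness check binding every touched leaf to the pre-state root.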
Beyond rollups, cross-chain research in ecosystems like Cosmos and Polkadot explores native interoperability protocols such as the Inter-Blockchain Communication (IBC) protocol and shared security models. While not detailed in the provided sources, the conceptual trend is clear: instead of treating bridges as ad-hoc add-ons, designers increasingly build interoperability into the core protocol. Chains can then open channels to one another, with trust assumptions that map more directly to their consensus mechanisms. This is an attempt to move from a patchwork of discrete bridges to a fabric of interconnected chains with standardized communication and security semantics.
Native Interoperability and Shared Security
The idea that “rollups = bridges + blockchains” encapsulates a general insight: any layered or modular architecture must define clear boundaries between chains and robust mechanisms for crossing those boundaries. Shared security approaches, in which multiple chains derive security from a common validator set or settlement layer, are an extension of this principle. They aim to make cross-chain operations feel more like intra-chain operations, at least from a security perspective, by ensuring that misbehavior on one chain is detectable and punishable within a broader security domain.
In Ethereum’s ecosystem, this vision manifests in proposals for rollup enshrining and tighter integration of rollup bridges into the protocol, as well as in innovations around zk-proofs that could be verified cheaply across chains. Validity bridges, where a zk-proof of one chain’s state can be verified by another, open paths toward more trust-minimized interoperability, especially when combined with recursion and proof aggregation. Chainlink’s discussion of cross-chain vulnerabilities underscores that many attacks exploit the absence of such direct verification, instead targeting looser oracle- or committee-based models. Moving toward proof-based bridges could therefore reduce entire classes of risk.
However, these advances do not eliminate human and governance factors. Even a perfectly sound zk-bridge can be undermined if its verifier contract is upgradeable by a small council, or if parameters can be changed without broad scrutiny. This is why governance design—who can change what, under what conditions, and with what transparency—remains a central part of bridge security. Efforts to formalize standards for bridge governance, transparency, and incident response are likely to be as important as cryptographic breakthroughs in determining real-world security outcomes.
Beyond Financial Assets: Bridges for Data and Identity
While most bridge volume today consists of financial assets—ETH, stablecoins, yield-bearing tokens—the same mechanisms can be used to move other kinds of data. Cross-chain governance frameworks allow token holders on one chain to vote on proposals that affect protocols deployed on several chains, with results relayed via messaging bridges. Oracle networks send price feeds, proof-of-reserve attestations, and real-world event data across multiple chains. Identity systems may anchor credentials on one chain and present proofs on others.
As RWAs grow, bridging off-chain data onto chains in a verifiable manner becomes foundational. Oracles that “bridge” data—such as DIA’s oracle solutions integrating with DeFi platforms—can be seen as specialized bridges connecting legal and informational domains with smart contracts. The security properties of these data bridges are no less critical than those of asset bridges, since manipulated data can cause incorrect liquidations, mispriced derivatives, or faulty governance decisions. In some cases, the combination of data and asset bridges creates multi-layer dependencies: a tokenized bond may be bridged across chains while its price feed is supplied by an oracle network, and both must behave correctly for the overall system to be sound.
Identity and compliance also intersect with bridging. As regulated entities bring KYC’d stablecoins and tokenized deposits on-chain, and as jurisdiction-specific regulations emerge for cross-border transfers, bridge design may need to incorporate identity-aware elements. This could range from whitelisting certain addresses on canonical bridges to shared compliance layers that coordinate across chains. The challenge will be balancing programmability and decentralization with the demands of regulators and institutional users, particularly in areas like cross-border payments, securities settlement, and RWA markets.
Outlook
Bridges sit at the heart of crypto’s promise and its growing pains. They are the infrastructure that turns isolated blockchains into an interoperable network of value and applications, enabling Ethereum rollups to scale, stablecoins to circulate across chains, and traditional finance to interface with on-chain markets. At the same time, they concentrate risk, as the KelpDAO and Taiko episodes illustrate, and force the industry to confront the real meaning of slogans like “secured by Ethereum.” The direction of travel is clear: toward more trust-minimized, proof-based bridges, richer cross-chain analytics, and UX layers that abstract away complexity without obscuring risk.
In the coming years, we should expect several parallel developments. Cryptographic advances will make validity bridges more practical across heterogeneous chains, shrinking the reliance on committee-based verification. Institutional stablecoins and deposit tokens like SoFiUSD and JPM Coin will deepen the bridge between banks and blockchains, bringing regulatory scrutiny and demands for robust, auditable interoperability. Router protocols, execution layers, and analytics platforms will mature, making cross-chain actions feel routine while highlighting systemic hotspots like overly centralized validation networks. And as tokenized RWAs and on-chain capital markets grow, the quality of the bridges—both technical and legal—that connect them will increasingly determine how far crypto can integrate into the global financial system.
For users, builders, and regulators alike, the key will be to see bridges not as invisible plumbing but as critical infrastructure whose design, governance, and monitoring deserve as much attention as any high-profile DEX or lending protocol. Used wisely, bridges can indeed “securely anchor your assets in vaults, minting IOUs for swift cross-chain voyages” and connect blockchain islands into a vibrant, composable archipelago. Used naively, they can become the soft underbelly that undermines trust in the entire system. The future of crypto’s multi-chain era will be decided in large part by how well we navigate this tension.
Latest Bridges news
Flow blockchain, which brands itself the "Home of Consumer DeFi," takes heat over their decision to perform a rollback
JPMorgan launches JPM Coin on Coinbase’s Base network, enabling instant USD settlements for institutions 24/7 through tokenized bank deposits. The move bridges traditional finance and crypto, marking a milestone for on-chain banking innovation.
Tracking stablecoins was chaos. Range's launch introduced Stablecoin Explorer - one explorer to track all stablecoins across 100+ chains and 20+ bridges, the palantir for stablecoins.
Are L2s really secured by Ethereum? Ethereum rollups claim to be "secured by Ethereum," but bridges, sequencers, and governance reveal trust gaps. The phrase is powerful and the centerpiece of their marketing narrative, but does it match reality? This article unpacks the gap between slogan and reality.
BridgeWTF has launched as a full cross-chain analytics dashboard, tracking real-time volumes, fees, and KPIs across bridges, aggregators, clearing, and GMP.
CoW Swap’s new cross-chain swap feature finally ditches separate bridges, high fees, and security risks that have cost users billions.
Sources
- https://www.kraken.com/learn/what-is-blockchain-bridge
- https://chain.link/education-hub/cross-chain-bridge-vulnerabilities
- https://www.chainalysis.com/blog/zero-knowledge-rollups-optimistic-rollups-overview/
- https://ethresear.ch/t/rollups-bridges-blockchains/15739
- https://www.spendnode.io/blog/taiko-bridge-verification-compromise-withdraw-funds-june-2026/
- https://www.chainalysis.com/blog/kelpdao-bridge-exploit-april-2026/
- https://investors.sofi.com/news/news-details/2026/SoFiUSD-Becomes-the-First-Stablecoin-Issued-by-a-US-National-Bank-to-Launch-on-a-Banking-Platform/default.aspx
- https://sodax.com
- https://cow.fi/learn/cow-dao-unveils-seamless-cross-chain-swaps
- https://www.jpmorgan.com/kinexys/jpm-coin
- https://www.sevenbridges.com/library/white-papers/security/
- https://www.bridgewtf.com
- https://www.range.org/blog/meet-the-stablecoin-explorer-every-stablecoin-transaction-one-explorer
- https://bitcoinfoundation.org/news/defi/what-are-crypto-bridges-risks-best-practices/
- https://blog.enso.build/say-hello-to-crosschain-deposits/
- https://x.com/megaeth/status/1978854478943256986
- https://www.nervos.org/knowledge-base/zk_rollup_vs_optimistic_rollup
- https://www.youtube.com/watch?v=HZcTLxzbm7Y
- https://www.ainvest.com/news/blockchain-bridges-traditional-digital-finance-tokenization-gains-momentum-2508/
