And that was due to the version of the the Solana program that Wormhole used didn’t verify the address being used. Essentially a bug that would wrap and unwrap BNB and ETH automatically assumed trust when it should not have. This heightens the need to understand bridge security, and the increasing need to test for different vulnerabilities prior to deploying your bridge into production. For example, it isn’t uncommon to see a price difference between BTC and WBTC, although it’s usually $15 or less.

  • To send your bitcoin to your Ethereum wallet, you can use Wrapped Bitcoin .
  • The tokens are blocked in A to serve as the guarantee of the value of these new tokens on blockchain B.
  • For instance, wrapped bitcoin tokens enable users to send Bitcoin to Ethereum as an ERC-20 token, but it doesn’t let you transfer the ETH token back to the bitcoin.
  • Given that bridges are relatively new, there are many unanswered questions related to how bridges will perform in different market conditions.

The first two relate to how well a bridge factors out sources of vulnerability in its trust layer and its source code. The last corresponds to whether a protocol acknowledges it can and will inevitably have vulnerabilities—no matter how careful it is—and builds in additional safeguards to minimize the potential for user harm. A single bug can lead to the loss of most or all of the bridge’s funds, as shown in the recent Nomad hack. Though the bug in question was not a unique bridge-related vulnerability, it likely stemmed from an operational failure. Meanwhile, Wormhole’s February exploit took place due to the absence of a validation check that enabled the exploiter to create a false signature and steal over $320M. Cross-chain bridges are not limited to any specific cryptocurrency or network.

How Blockchain Bridges Became Hackers’ Prime Targets

However, the Fantom bridge to Ethereum is by far the largest pool with $3.5 billion locked. During the second half of 2021, the Proof-of-Stake network established itself as a popular DeFi destination with attractive yield farms involving FTM, various stablecoins, or wETH like those found on SpookySwap. Thanks to bridges, Bitcoin is used in smart contract-based networks for DeFi purposes, or an NFL All Day NFT can be bridged from Flow to Ethereum to be fractionalized or used as collateral. The crypto industry has evolved into an ecosystem interconnecting several Layer-1 blockchains and Layer-2 scaling solutions with unique capabilities and trade-offs.

Multichain uses secure multi-party computation to run threshold signature schemes to create public keys and sign messages sent between chains. These nodes trustlessly control externally owned accounts with public addresses corresponding to the split private key. These accounts are used to store and transfer assets to the target chain which simply checks if the sender’s address is trusted rather than verifying the message itself.

Bridges exist to connect blockchain networks and enable connectivity between them. With the proliferation of layer-1 blockchains and layer-2 scaling solutions, the web3 ecosystem has become multi-chain. Each blockchain comes with its own approach to scalability, security, and trust. The good news is that these services can take steps to protect themselves.

We talked about Connect, our contact center solution, and we’ve also built services specifically for the healthcare industry like a data lake for healthcare records called HealthLake. We’ve built a lot of industrial services like IoT services for industrial settings, for example, to monitor industrial equipment to understand when it needs preventive maintenance. We have a lot of capabilities we’re building that are either for … horizontal use cases like or industry verticals like automotive, healthcare, financial services. We see more and more demand for those, and Dilip has come in to really coalesce a lot of teams’ capabilities, who will be focusing on those .

This new security is layered on the previous federation to provide additional security and decentralization. Furthermore, The PoWPeg doesn’t have control or direct access over the private key. Generally speaking, trusted protocols are riskier because of the trust assumption of external verifiers. Interoperability and scalability are vital to developing and adopting blockchain solutions like the decentralized web and the metaverse.

However, as isolated systems, it proved difficult to persuade users and developers to leave Ethereum. While a dapp may run more quickly on a different blockchain, it would lose access to Ethereum’s large established user base. The information on this website and on the Brick by Brick podcast or Ship Show Twitter spaces is provided for informational, educational, and entertainment purposes only. This information is not intended to be and does not constitute financial advice, investment advice, trading advice, or any other type of advice. You should not make any decision – financial, investment, trading or otherwise – based on any of the information presented here without undertaking your own due diligence and consulting with a financial adviser.

Risks of Blockchain Bridges

Target benefits are delivered through speed, transparency, and security, and their impact can be seen across a diverse range of use cases. The financial technology transformation is driving competition, creating consumer choice, and shaping the future of finance. Hear from seven fintech leaders who are reshaping the future of finance, and join the inaugural Financial Technology Association Fintech Summit to learn more. Many in the industry believe it’s inevitable that there will be multiple blockchains that develop, each emphasizing different strengths such as gaming, trading, NFTs, mobile or payments. Screen for heightened risk individual and entities globally to help uncover hidden risks in business relationships and human networks.


The functionalities of a blockchain bridge integrated into dApps could help in achieving the utilities and benefits of different blockchain networks. With the help of interoperability, scalability and utility, bridges can encourage developers to come up with innovative designs for decentralized applications. List of blockchain bridges focused on addressing unique user requirements. Here is an outline of the notable blockchain bridge variants you can use for transferring assets and information between blockchain networks. Users employing custodial blockchain bridges usually have to give up control of their holdings to the operator. Such custodial blockchain bridges are often at risk of getting compromised by malicious actors.

For companies that have been forced to go DIY, building these platforms themselves does not always require forging parts from raw materials. DBS has incorporated open-source tools for coding and application security purposes such as Nexus, Jenkins, Bitbucket, and Confluence to ensure the smooth integration and delivery of ML models, Gupta said. Intuit also has constructed its own systems for building and monitoring the immense number of ML models it has in production, including models that are customized for each of its QuickBooks software customers.

Risks of Blockchain Bridges

Once connected to a wallet, you can see all of your balances across different types of coins. However, there are certain blockchains where, if you want to transfer from, you can only go to a specific destination. This decentralized bridge offers one of the largest selections of tradable cryptocurrencies. It supports popular blockchains like Ethereum, Solana, TRON, among others. Trust-based bridges are fast and an economical option when you want to transfer a large amount of crypto, but the pool of reliable services is rather small.

Cryptoverse: Blockchain bridges fall into troubled waters

You should also review transparent information on your bridge’s leadership and security procedures. Despite an additional trust assumption, external verification is currently the only practical way to perform cross-chain contract calls between certain types of blockchains while still providing trust-minimized guarantees. It’s also a highly generalized and extensible form of cross-chain computation that is capable of supporting more complex cross-chain applications.

Risks of Blockchain Bridges

A pseudonymous Twitter user and Wilder World “citizen” noticed the ChainSwap exploit on July 10, 2022. The exploit also affected Antimatter, Optionroom, Umbrellabank, Nord, Razor, Peri, Unido, Oro, Vortex, Blank, and Unifarm tokens. Attackers stole 173,600 ETH and 25.5 million USDC (about $600 million) from the Ronin bridge on March 29, 2022. The Ronin bridge’s developers halted deposits and withdrawals until investigators had a chance to determine what happened.

Why Chainalysis

Bridge services “wrap” cryptocurrency to convert one type of coin into another. So if you go to a bridge to use another currency, like Bitcoin , the bridge will spit out wrapped bitcoins . It’s like a gift card or a check that represents stored value in what is a blockchain bridge and how it works a flexible alternative format. Bridges need a reserve of cryptocurrency coins to underwrite all those wrapped coins, and that trove is a major target for hackers. Blockchain bridges facilitate the transfer of data and value across different blockchains.

Risks of Blockchain Bridges

If the pool is empty, you’ll have to wait for someone to deposit enough tokens to cover your needs. The other swaps tokens from liquidity pools that hold both assets, like Cross Chain Bridge. Liquidity pools are markets where you can swap an apple for an orange or Crypto A for Crypto B in this case. Across.toAcross Bridge uses liquidity pools to manage cross-chain transfers but draws primarily from one pool. Across uses some clever tricks to avoid this, such as scanning incoming activity on the chain that would allow the swap without dipping into pools. Across also uses relayers, investors who can “fill orders” faster than the blockchain in many cases.

Qubit Bridge Exploit

And it will also come as no surprise, that vulnerabilities within these bridges are coming under attack and hacks are becoming more and more common. The original asset is frozen, and you’ll get an equivalent token in exchange. Your bridged tokens are backed by the original (now-frozen) coins or tokens. But how do you move your ETH tokens from the Ethereum network to a Layer 2 chain, like Arbitrum or Optimism, or Coinbase’s upcoming Base L2 network? To mitigate the risks, security researchers advise taking precautions such as researching the underlying bridge security and not leaving funds locked in bridges for longer than is necessary.

What cryptocurrencies work with cross-chain bridges?

Portalbridge.comSome days you need to move ETH to Solana, and other days you need to move ETH from Abitrum to Optimism. Portal Token Bridge can handle either transaction with ease — and can even move ERC-721 NFTs between supported networks. Support for 22 blockchains in total make it easy to accomplish most cross-blockchain transfers. Like Arbitrum, Polygon is known for fast and affordable transactions and Ethereum compatibility, making it a top pick in the DeFi space. Polygon offers two bridges, one for standard wallets and a second for the Gnosis Safe multi-signature wallet, both of which are in-house projects.

In addition, Wormhole is building in the open with active commits and contributor activity, which allows transparent code review and responsible disclosure. Wormhole PRs require at least 3 parties to merge code (original developer + 2 independent reviewers). Nomad has a recent public audit from Quantstamp and an Immunefi bug bounty program with a maximum bounty of up to $1M. Nomad’s testing suite includes a few tests around routing and messaging that leverage Foundry, and similar to Axelar, has bash build scripts to build and verify bytecode. Nomad’s repo features regular contributor activity, and its PRs require at least 2 parties to merge code (original developer + 1 independent reviewer).