An overview of token bridges, how they work, why we need them and their risks
In the multichain future we’re rapidly moving toward, blockchain bridges play an increasingly important role. Without bridges, blockchains exist in isolation and can only process messages native to a particular network. A decentralized exchange built on Ethereum, for example, can only serve Ethereum users. Similarly, you cannot send SOL, Solana’s native asset, to an Ethereum address.
Blockchains are becoming increasingly specialized, however, and offer different tradeoffs to their end-users. Bitcoin is incredibly secure and decentralized but cannot perform more sophisticated computations. Meanwhile, a network like Solana compromises, somewhat, on its decentralization to enable fast, cheap transactions while supporting the deployment of decentralized applications.
But what if a BTC holder wants to use their coins on an Ethereum, Solana or Terra DApp? Well, that’s where blockchain bridges come in.
In this OKX Insights explainer, we focus on crosschain bridging protocols. We first consider what they are and why they’re useful before addressing how they actually work and typical implementations. Finally, we analyze the risks bridges present to those moving assets between blockchains and other network users who might not have even used a bridge at all.
What is a crosschain bridge?
A crosschain bridge — also known as a blockchain bridge or DeFi bridge — is a protocol that enables the transfer of data between blockchain networks. That data could be any message native to a particular blockchain. Examples include an asset’s price on a decentralized exchange, a smart contract call, a request to transfer tokens between chains or any other arbitrary data.
When talking about blockchain bridges, it’s handy to use some specific terminology. The blockchain on which the data originated is usually referred to as the source blockchain. Meanwhile, the blockchain on which the data is received is the target blockchain. We’ll be using these terms throughout this explainer.
While blockchain developers may want to explore other types of bridges when creating crosschain decentralized applications, the average user is most likely to encounter a simple token bridge. Token bridges appear to facilitate the transfer of assets from one blockchain to another. As you’ll learn later, this isn’t actually what happens behind the scenes. However, the result is essentially the same: The value of assets that you possessed on one chain becomes available on a different and entirely independent network.
A more sophisticated form of token bridge enables a user to perform exchanges between networks. Using a crosschain DEX, like Multichain, Rango Exchange or Gravity DEX, a user can deposit one asset on the source blockchain and receive the equivalent value in a different asset on the target blockchain.
Crosschain DEXs like this can also benefit users who don’t want to move their tokens to a new chain at all. Because they draw their liquidity from multiple sources, so-called crosschain DEX aggregators monitor prices, liquidity and possible slippage across pools on various blockchains, and may execute the trade on alternate chains, providing the user the most cost-efficient token swap.
Meanwhile, protocols like Trava Finance and Pledge facilitate lending across different blockchains. Essentially, a user deposits collateral on the source blockchain and receives a loan in the same — usually stablecoins, like USDT, that exist on multiple blockchains — or a different asset on the target blockchain. A user might choose to deposit their collateral on a blockchain with stronger security assumptions and borrow assets on a chain that facilitates faster, cheaper transactions, for example.
Why are crosschain bridges useful?
Historically, smart contract applications were primarily deployed on Ethereum. The industry’s first mover in the smart contract platform niche, Ethereum enjoys one of the most robust developer and user communities, and it is among the most secure blockchain networks.
However, Ethereum’s security comes at the cost of high transaction fees. As the cost to use the network has increased over the years in tandem with the demand for block space, the need for alternate networks became increasingly apparent. In 2021, we saw many of these Layer-1 blockchains thrive as Ethereum’s gas prices alienated would-be users.
Figures from DeFi Llama highlight enormous growth in non-Ethereum DApp ecosystems in 2021. The total value locked in Solana’s DeFi ecosystem, for example, rose from around $600 million in early July to a peak just below $15 billion in early December. DeFi on Terra witnessed similar growth, rising from $3.34 billion to $21.1 billion over the same period.
Yet, none of these independent networks can natively communicate with each other. Without blockchain bridges, a user holding native ETH cannot take advantage of the opportunities Solana’s or Terra’s blossoming DeFi infrastructures present.
There are other reasons for using blockchain bridges, too:
- Put assets held to use at applications not currently available on a particular blockchain.
- Take advantage of lower transaction fees offered on alternate Layer-1s while benefiting from a source chain’s security.
- Source liquidity scattered across multiple networks.
How do blockchain bridges work?
Crosschain bridges rely on smart contracts deployed on both the source and target blockchains. Today’s most widespread bridge implementations use a simple “mint and burn” approach to bridge assets. Assets are locked in a smart contract on the source chain before the target blockchain smart contract mints a wrapped version of that asset. For example, when using the Wormhole Ethereum/Solana Portal, you would deposit ETH on Ethereum and receive Wormhole Wrapped ETH on Solana.
As we’ll explain in the blockchain bridge risks section later, it’s important to realize that the assets received on the target blockchain are often not the same as those sent to the source blockchain’s smart contract. They are essentially an IOU for the assets, and such derivatives will usually take a different ticker symbol to avoid confusion. Wormhole Wrapped ETH, for example, is often denoted as weETH.
Some crosschain protocols enable the same asset to move between different blockchains. Centralized stablecoins — like USDT or USDC, for example — are deployed on multiple networks. Because the target blockchain smart contract cannot mint USDT itself, it must rely on pooled assets on either side of the bridge. For a user to send USDT from Ethereum to Solana, there must already be more USDT in the target chain’s smart contract than the total being sent.
If the user deposits 1,000 USDT on Ethereum, they will withdraw the 1,000 USDT a Solana user previously deposited — minus whatever fees the bridging protocol itself charges. In the event that there are insufficient funds on the target blockchain to facilitate the crosschain transfer, some protocols will issue IOUs that are burned to redeem non-wrapped assets when enough become available from users bridging in the opposite direction.
Alone, any of these tokenized IOUs are worthless. They get their value because they are backed one-to-one with assets on another blockchain or by the guarantee of an asset like USDT in the future. An exact one-to-one backing is crucial to ensure that a wrapped asset retains the value of its non-wrapped counterpart. Therefore, to redeem assets locked on the source blockchain, users must burn their wrapped assets on the target blockchain. Burning simply refers to the process of sending assets to an address to which no one holds the private key required to move received tokens.
Bridging the gap
As we’ve established, blockchains cannot natively communicate with one another. An Ethereum smart contract cannot alert a Solana or Terra smart contract that it has received the deposit required to authorize a token mint or whatever prerequisite has been satisfied to approve a contract call on the target chain. Therefore, crosschain bridges need something between the source and target blockchains to pass the message across.
This communication between source and target blockchains can be facilitated in two broad ways.
Centralized or trusted bridges
The simplest way to implement a bridge is to use some trusted authority to monitor the source blockchain for messages emitted by relevant smart contracts and relay them to the target blockchain.
While this is a very efficient approach to bridging, reliance on a single entity is a security risk. That entity could fall victim to blackmail attempts or be compromised by authorities if they turn hostile toward cryptocurrency. Alternatively, the trusted entity itself could choose to just take the funds.
From its very inception with Bitcoin, cryptocurrency was intended to remove reliance on central entities. To reduce the trust required, some blockchain bridge protocols use a federated model.
With a federated bridge, multiple nodes monitor the source blockchain and confirm whether the message is genuine — i.e., assets were indeed deposited on the source blockchain in the example of a simple token bridge. Once a node forming a federation receives the message, they confirm its validity independently. If a predefined threshold agrees that the message is valid, they collectively sign it and publish it to the target blockchain.
While this approach reduces the reliance on a single entity, it is more inefficient because multiple nodes need to communicate to approve a message and relay it to the other chain. The more nodes in the middle, the more inefficient the bridge will be, but a compromise of a majority share of nodes by a malicious external entity becomes less feasible, too.
The team behind a crosschain messaging protocol will often select its operators from trusted companies and blockchain infrastructure providers to limit the number of nodes and, therefore, inefficiencies. If you research the names of node operators for the Wormhole crosschain protocol, you’ll see that they are all validators for various blockchains, and Certus One is the company that built the protocol itself.
As such, federated bridge implementations do require some trust. The networks in the middle that interact with bridge smart contracts are not permissionless, as an unapproved node cannot freely join. Although industry infrastructure providers should have a vested interest in the bridge’s reliability, further assurances can be built into the federated model. For example, requiring nodes to stake crypto assets can deter malicious behavior. It enables the protocol to punish node operators that approve fraudulent messages and even compensate users who might lose money.
Decentralized or trust-minimized bridges
Trust-minimized bridge implementations do not require trusted central entities to communicate between blockchains. Instead, they use light clients, which receive source chain block headers on the target blockchain. With reference to a complete history of block headers, a light client can attest that the source blockchain did indeed confirm a transaction before minting wrapped assets on the target chain.
Users first deposit assets to a smart contract on the source blockchain to bridge their assets using a trust-minimized implementation. The protocol generates proof of the transaction’s validity using the block header. A relayer script then communicates block headers from the source blockchain to the target blockchain. For the protocol to authorize a wrapped asset mint, users must submit the proof they received. The light client can then cross-reference it with its complete block header history, confirming or rejecting its validity.
Since the light client on the target blockchain can reference previous block headers, it can verify that the proof-of-work confirming the transaction was executed correctly. When hashed using the source blockchain’s hashing algorithm, proof-of-work can be determined by checking if the output falls below the current network difficulty threshold. The light client can simply reject fraudulent block headers not backed by proof-of-work dictated by the source blockchain’s consensus rules.
There are some drawbacks to this method, however. For example, sending block headers can become prohibitively expensive depending on the cost to transact on the source blockchain. When bridging from Ethereum with a trust-minimized bridge, like Rainbow, block headers are batched and sent every 16 hours to the target blockchain. This leads to long waiting times when bridging assets. Although methods exist to mitigate the delay, they typically involve the user trusting a third party, introducing similar security risks as those associated with less trust-minimized implementations.
Additionally, such trust-minimized bridge implementations are much easier to deploy when a proof-of-work blockchain is the source network because proof-of-work can be attested using the block header alone. To prevent an attacker from manipulating a freshly minted block in a proof-of-stake system, validators must sign the block. Proof of this signature requires listing all attesting validators’ public keys, making the process more computationally intensive and raising transaction costs. However, the latest gas-efficient implementations, such as the Horizon bridge, enable users to bridge assets between proof-of-stake blockchains using similar trust-minimized methods with light clients.
Blockchain bridge risks
Although an essential part of a genuinely crosschain future, blockchain bridges present various risks to users and even those who might not have bridged assets. OKX Insights explored these risks in an in-depth analyzing the exploit of the Wormhole crosschain protocol in February 2022.
The vulnerabilities include:
- Smart contract risk — like any on-chain protocol, code vulnerabilities can put user funds in jeopardy.
- Network risk — the bridge is only as secure as the blockchains it connects. If an attacker can revert a transaction on the source blockchain via a 51% attack, it could mint assets on the target blockchain and quickly remove the funds backing the wrapped tokens.
- Intermediary risk — if a single entity or small group authorizes the minting of assets, they could become compromised by a malicious actor and take funds from bridge users.
Bridge security is arguably even more critical than security at a typical, single-chain DeFi application. If an attacker exploits a vulnerability in the code of a decentralized application, only its users may lose funds tied to its smart contracts.
Wrapping assets makes non-native assets interoperable with almost every application on a target network. For example, a lending protocol on Solana might accept Wrapped ETH as collateral for loans. If suddenly a vulnerability on the bridge that created the wrapped assets is exploited and the ETH backing the Wrapped ETH is stolen, not only does the Wrapped ETH become worthless, but any loans taken using it as collateral become completely unbacked, leading to user liquidations and potentially issues at other applications.
Given these risks, Ethereum cofounder Vitalik Buterin stated in a January 2022 Reddit post:
“It’s always safer to hold Ethereum-native assets on Ethereum or Solana-native assets on Solana than it is to hold Ethereum-native assets on Solana or Solana-native assets on Ethereum.”
Despite their risks, the growth of alternate Layer-1 blockchain ecosystems makes blockchain bridges an increasingly important part of the cryptocurrency landscape. As more users demand to leverage their assets’ values in different ecosystems, reliance on bridging protocols will grow. The holy grail of bridging protocols remains seamless crosschain interoperability while minimizing central points of failure. As such, considerable research is underway to improve existing bridge implementations and create new ones that complement the principles on which crypto itself was created.
Not a part of the OKX community yet? Sign up to explore all the tools and products we have to offer.