Cross-Chain Bridges & Risks
Bridges let DeFi users move collateral across chains, but they introduce smart contract and liquidity risks. You'll learn safer bridging practices and design differences.
Who Is This For?
- •DeFi users active on multiple chains or rollups
- •Traders moving collateral for better yields or fees
Learning Objectives
- 01Describe lock-and-mint vs liquidity network bridges
- 02Identify main attack vectors on bridges
- 03Follow a checklist for safer cross-chain transfers
Why Bridge?
DeFi doesn't live on one chain. The best yields, cheapest fees, and most active protocols are spread across ecosystems.
Cheaper Transactions
Ethereum L1 gas can cost $5-50+ per transaction. L2s like Arbitrum and Base offer the same DeFi protocols for pennies. Bridging unlocks massive gas savings.
Access Opportunities
Unique protocols, incentive programs, and yield farms often launch on specific chains. GMX on Arbitrum, Aerodrome on Base, Jupiter on Solana — bridging gets you there.
Position Collateral
Need to add margin to a perps position on dYdX? Rebalance LP on Arbitrum? Your collateral needs to be where the action is.
Bridge Route Planner
Select your route and priority to get a recommendation:
→ Canonical Bridge
Low Risk · 10-15 min depositOfficial Arbitrum Bridge
Safest option. L1 security guarantees. Deposits are fast (10-15 min).
Bridge Designs & Risks
Each bridge type makes different tradeoffs between speed, security, and token format. Know what you're using.
Compare Bridge Designs
Lock-and-Mint
Your tokens are locked in a smart contract on the source chain. Validators confirm the deposit, and equivalent wrapped tokens are minted on the destination chain. To return, you burn wrapped tokens and the originals unlock.
If the lock contract is exploited, wrapped tokens become worthless — they're no longer backed 1:1. The Wormhole hack ($320M) was exactly this.
Wrapped tokens may not be accepted as collateral everywhere. Check if your destination protocol accepts wETH vs native ETH.
Attack Vector Explorer
Bridges are crypto's most exploited infrastructure. Over $2.5B has been stolen from bridge hacks.
Validator / Multisig Compromise
criticalAttackers gain control of enough validator keys or multisig signers to authorize fraudulent withdrawals. They mint unbacked tokens or drain the locked pool.
Ronin Bridge — $625M (March 2022)
Social engineering, phishing, or operational security failures compromise private keys. If a bridge uses 5-of-9 multisig and 5 keys are compromised, the attacker controls the bridge.
Prefer bridges with decentralized validator sets (not small multisigs). Check how many signers are required and who they are.
Safety Steps
A repeatable process for every bridge transfer — from choosing a route to confirming arrival.
The 5-Step Bridge Process
1. Choose Your Route
Decide which chain you need funds on and why. Different DeFi protocols live on different chains — check where the opportunity is.
Pre-Bridge Safety Checklist
Check off each item before confirming a bridge transaction:
Common Mistakes & Gotchas
Golden Rule: When in doubt, use the canonical bridge. It's slower, but it carries no trust assumptions beyond the chain itself. Speed is a luxury — security is a necessity.
Knowledge Check
Why are bridges frequent hack targets?
What is a key advantage of canonical bridges?
What should you always do before sending a large bridge transfer?
What's the main tradeoff of liquidity network bridges vs canonical?
Why should you have native gas tokens on the destination chain before bridging?