Bridging the Gap

An Overview of Blockchain Bridges

Cross-chain bridges, also known as blockchain bridges, are communication protocols that allow assets to be transferred from one blockchain to another without going through a centralized exchange. The number of Layer-1 and Layer-2 blockchains mushroomed in 2020 and 2021, sowing the seeds of the so-called multichain world and quickly challenging ‘winner-take-all’ as the mainstream narrative. At the time of writing, over 120 public blockchains exist.

The TVL share held by Ethereum (green) has considerably decreased since 2021, when most Layer 1s and L2s were launched.

TVL in Ethereum scaling solutions (L2s) started skyrocketing at the beginning of 2021.

This composited landscape, together with the siloed nature of blockchains that makes them impenetrable and unable to autonomously read and validate messages, information, and assets from other sources (whether off and on-chain), created an urgent need for tools to move assets across chains. Interoperability became a buzzword, and cross-chain bridges soon evolved as the preferred solution to achieve that.

How cross-chain bridges work

To ensure maximum integrity and security, blockchains are by design shielded from outside events: they can’t receive messages, information, or assets whether they are coming from an off-chain source or another blockchain. The downside of this feature is that blockchains can’t communicate with each other autonomously. This is why the protocols that rely on real-time outside information, such as DEXs, have to implement oracles, and that’s where bridges come in as a trusted third party to exchange messages and assets across blockchains. While cross-chain interoperability needs to rely on third-party message relayers, the goal of bridges should be to minimize the trust assumptions in the process.

As an introductory note about bridges, it’s important to remember that they cannot physically transfer native assets from one chain to another (this is what layer 0 solutions are trying to achieve). Instead, bridges are the middleman that allows blockchains to communicate and trust each other’s messages. Specifically, most bridges deploy various mechanisms to mimic the effect of a physical transfer — to make an amount of an asset ‘disappear’ from one chain and ‘appear’ on another chain — maintaining the total supply of that asset unchanged.

Bridges generally comprise the following three components:

1. The smart contracts that produce/receive messages on each chain.
2. An oracle that verifies if the message did indeed come from the source chain.
3. A relayer is a piece of software that watches two blockchains and relays messages across them.
4. A pool of third-party validators that, independently from the underlying blockchains, verify and approve cross-chain messages (this element is absent in trustless bridges).

Cross-chain bridges landscape

There are currently tens of bridges, each focusing on moving different assets across different chains and using different designs and mechanisms. The largest bridges connect Ethereum with other Layer 1s or Layer 2s. Despite a significant drop in the second half of the year, bridges still amassed a considerable TVL:

Hereafter we categorize bridges according to how assets are transferred (whether they use smart contracts and wrapping or liquidity pools), who transfers them (whether they are trusted or trustless), and which assets and to which chains they focus on (whether they are specific or generalized, whether they focus on L1s or L2s, etc.).

How are the assets transferred?

There are currently two methods to transfer assets across chains, by using lock & mint smart contracts with wrapped tokens or by leveraging liquidity pools and native assets.

Smart contract and wrapping

The most common method of transferring assets is the so-called ‘lock & mint’ method. It means that the bridge locks up users’ funds on its smart contract on the source chain and mints its equivalent of that token (’wrapped’ token) on the target chain. When the user wants to transfer back, the equivalent token on the target chain is burnt, and the initial funds on the source chain are released. In this case, the bridge acts almost as a third blockchain between the two that it connects, and users receive a new token minted directly by the bridge’s smart contract. This is why most of these bridges are considered custodial, which can be a potential downside since the users now need to trust a third party’s smart contract and token.

A simple representation of the lock & mint transfer method.

Often bridges rely on their pool of validators to verify that the message they received (tokens A locked on the source chain) is valid by checking the state of the source chain directly. Suppose they cannot find the related transaction. In that case, it can mean it’s an attack, and the attacker is a validator (who fabricated the transaction to the bridge without a corresponding transaction on the source chain). Because decentralized bridges are permissionless, anyone, provided that they deposit some funds first, can become validator. Malicious actors can sign up as validators and fabricate fake transactions.

Here are some examples of popular bridges that make use of the lock & mint mechanism:

• Wormhole, connecting Solana with Ethereum, Avalanche, BSC, and Polygon.
• Avalanche bridge allows the transfer of ERC20 tokens from Ethereum to Avalanche and the way back. It doesn’t support ERC721 or other standards, so it cannot transfer NFTs or tokens created on Avalanche.
• Binance Bridge 2.0 is a trusted, specialized bridge that supports almost all Ethereum-native tokens, which are bridged to BNB Smart Chain as wrapped BTokens, to access BNB Smart Chain dApps and the ecosystem.
• Harmony is a trustless, specific bridge connecting Ethereum and BSC to Harmony. Ethereum or BSC tokens are wrapped and sent to Harmony and can only be used in the Harmony ecosystem.
• PoS Bridge is a trustless bridge that allows users to transfer ERC tokens and non-fungible tokens (NFTs) to the Polygon sidechain. Connects Ethereum and Polygon. wETH is ETH on Polygon.
• Rainbow Bridge is a fully trustless and permissionless (anyone can deploy, use and maintain a bridge without permission) bridge connecting Ethereum to Near and Aurora. It is also generic, which means it can read any information which is included in either Ethereum or Near, including the state. This allows to transfer all types of tokens, fungible and non-fungible, write Ethereum contracts that use the state of a contract from Near, and even make cross-contract calls.
• Ronin Bridge is a bridge connecting Ethereum with Ronin Network sidechain. Despite being decentralized, it originally only relied on nine validators. By obtaining the keys of just five validators, the attackers could seize over $600M at once.
• Hop Bridge connects L2 scaling solutions. As a traditional lock & mint mechanism, when moving from layer-1 to rollup, Hop lock assets on layer-1 and mint an intermediary asset, the Hop Bridge Token, on the rollup: when doing the opposite, it burns the Hoop Bridge Token on the rollup and release the funds on the layer-1. However, when moving assets across rollups, Hop always burns the tokens on the source chain. Rollup-to-rollup transfers through the Hop protocol are highly scalable because individual transfers do not require layer-1 transactions.

Liquidity pool

In the second method, the bridge has a pool of native coins on each chain it connects and uses it to make them immediately available to users. Multichain is an interesting example as it combines the lock & mint design with the liquidity pool. For coins with native tokens on multiple chains like USDC, Multichain will swap cryptocurrencies across chains using liquidity pools. If there is no native coin, Multichain will lock up the token in a smart contract and mint a pegged token on the target chain. With the liquidity pool method, a user might send original tokens to the pool but cannot obtain tokens on the target chain due to the lack of liquidity. In this case, Multichain issues anyToken to the users, which are then automatically burnt and swapped for Token whenever available.

Who transfers the assets?

As already mentioned, bridges should try to minimize trust assumptions beyond the ones of the underlying chains. Bridges can be categorized according to whether and to which degree they achieve that.

Trusted, externally verified bridges or Proof of Authority bridges add a layer of external verifiers in the system (independent set of validators), thus introducing a new level of trust for users and making them less crypto-economically secure. The security guarantee of this design comes from the reputational authority of the external validators. For example, the Multichain network comprises the so-called SMPC nodes, nodes run by organizations and individuals that collectively and independently from any blockchain, sign cross-chain transactions. Similarly, Wormhole relies on a network of Guardians who needs to sign messages before they are related to the target chain. Another example of a trusted, federated bridge is ChainBridge, which relies on a trusted set of off-chain relayers who await finality, submit events to the other chain and vote on submissions to reach acceptance triggering the appropriate handler. ChainSafe is conducting research to implement a fully trustless bridge.

Trustless, or natively verified bridges, only rely on smart contracts and do not make any trust assumptions apart from the underlying chains’. For instance, Rainbow Bridge removes the extra trust layer represented by the bridge, and instead of having a separate pool of validators, it relies on Ethereum and Near ones. Consequently, so long as users trust these two chains and their validators, they will also trust the Rainbow Bridge. This is done by running a light client of one chain in the VM of another chain and vice versa. For example, EthOnNearClient is an implementation of the Ethereum light client in Rust as a NEAR contract.

While trustless bridges gain in security, they are harder to implement as they require a customized implementation on each chain they aim at connecting. On the other hand, trusted bridges inherit the opposite strengths/weaknesses, as they are more easily scalable to different blockchains and domains but introduce a new layer of trust in the equation.

Locally verified bridges, despite being less widespread, represent a third design used for atomic swaps, and asset transactions between two specific individuals using Hash Time Locked Contracts (HTLCs). Bitcoin is an example of a blockchain working with atomic swaps, as all transactions are simple transfers of value units among individuals. In these types of bridges, the participants in the swaps ensure their security as each part holds keys for the other to unlock the transferred funds. These bridges are secure and scalable but don’t support generalized data passing between chains; in other words, they can only support the transfer of assets but not cross-contract calls.

Although many bridges market themselves as decentralized and trustless, in reality, just a few of them, those verified entirely by the underlying blockchains’ validators, are truly so.

As a final note, there is a fourth type of bridge that transfers assets based on an optimistic approach. Nomad is an example. Users interact with Nomad on-chain core contracts, cross-chain messages are accepted as valid and honest participants, such as watchers, have a time window to prove fraud on the origin chain and disconnect the communication channel to the destination. Although relying on watchers to ensure message integrity, optimistic bridges are fundamentally more secure than externally verified ones, similar to how an optimistic rollup is more secure than a sidechain. While externally verified bridges rely on the assumption that more than 51% of the validators are honest, optimistic bridges just need one watcher to be honest and submit a fraud-proof, to block an attack.

Which assets, or chains, are connected?

Cross-chain bridges also differentiate according to the assets and chains they specialize in connecting.

The most restricted type of bridge connects one specific asset, like Bitcoin, to other chains.

Although not always considered proper bridges, Cosmos IBC or Polkadot XCMP are the core of the respective chains as they ensure interoperability in the Cosmos Hub and Polkadot Substrate. These special kinds of bridges only ensure interoperability between implementations within these specific ecosystems.

Going one level above, Avalanche Bridge, BSC Bridge, Harmony, and Rainbow Bridge, are just some of the many one-to-one specialized bridges that connect two separate blockchains, usually an alt-L1 with Ethereum.

Some bridges connect one chain with multiple chains in a one-to-many model. Wormhole, for instance, connects Solana with Ethereum, Fantom, Avalanche, and Polygon. Also in this category sits the Hop protocol, which connects Ethereum with various scaling solutions, including sidechain Polygon and rollups like Arbirum and Optimism.

Here is a summarized overview of some of the most popular bridges, according to their category:

Interestingly, Connext provides liquidity without adding new trust assumptions regarding validators. However, it could be argued that relying on liquidity providers (called ‘routers’) still means adding trust assumption since they front instant liquidity for the user on the destination chain in exchange for a fee. Despite not ‘validating’ transactions, liquidity providers represent an additional layer needed to make the bridge function properly, hence adding complexity. Moreover, Connext relies on an external service, Gelato, a decentralized network of relayers that can execute smart contract transactions on behalf of a user. Similarly, Nomad, which employs watchers to submit fraud proofs instead of validators to reach a majority and approve each message, cannot be considered purely trustless as it still adds some elements that need to be trusted and could be exploited. Overall, both Nomad and Connext, which have a strategic partnership, try to obtain optimal results by breaking down various functionalities into layers that can then be recombined in different ways. This approach risks adding complexity, which is usually detrimental to security.

The Path Ahead

At the time of writing, cross-chain bridges represent the best alternative for users who want to operate in a multi-chain world without going through centralized exchanges. As it emerged from the analysis above, the bridge landscape is vast and varied, as each solution has a different focus, design, and mechanism. Overall, all the projects mentioned above are trying to ensure the highest degree of interoperability and possibly square the circle by solving the so-called Interoperability Trilemma:

As it stands, no bridge has proved its model to be the perfect one, especially in terms of security. For example, while a trustless bridge like Horizon was hacked, the Rainbow Bridge has been counterattacked two times. Nomad, which employed an innovative design based on the optimistic approach, was also hacked, while more traditional lock & mint bridges like ChainBridge haven’t yet. While it’s generally preferable to have many different choices when it comes to products, users might have a hard time figuring out which solutions best suits their needs. There are then two possible solutions that come to the rescue. The first is cross-chain liquidity aggregators like Via Protocol, which combine all possible bridges and swap solutions for most token pairs and makes them work seamlessly in the background, removing the hassle of figuring out which one to use. Alternatively, some new protocols may allow swapping assets natively across blockchains, like LayerZero, which is trying to connect all blockchains on a common substrate, or USDC, which recently announced its new Cross-Chain Transfer Protocol to effectively ‘teleport’ native USDC across blockchains.

Co-written with Filippo ❤

To learn more about Via Protocol, check out:

• Twitter
• Discord
• Docs

See you on cross-chain,
The Via Protocol Team.