Définition
A blockchain bridge is a protocol that enables the transfer of assets, data, or messages between two separate blockchain networks that would otherwise be unable to communicate with each other. Since blockchains like Bitcoin, Ethereum, and Solana operate as isolated ecosystems with their own mécanismes de consensus, smart contract environments, and native assets, bridges serve as the connective tissue of the multi-chain ecosystem – allowing users to move tokens from one chain to another and interact with applications across multiple networks. Bridges typically operate by locking assets on the source chain and minting equivalent wrapped tokens on the destination chain, then burning those wrapped tokens and unlocking originals on the return journey. While bridges have become indispensable infrastructure for DeFi’s cross-chain ecosystem, they have also become one of the most targeted attack vectors in crypto – with bridge hacks accounting for the majority of all stolen DeFi funds, including the Ronin bridge ($625M), Wormhole ($320M), and Nomad ($190M) exploits of 2022.
Origine & Histoire
| Date | Espaces |
| 2020 | wBTC (Wrapped Bitcoin) becomes first widely used bridge product; BTC moves to Ethereum |
| 2021 | Multi-chain era begins; bridges proliferate connecting Ethereum, BSC, Polygon, Solana |
| 2021 | Poly Network hacked for $611M (largest hack at time); partially returned |
| Fév 2022 | Wormhole bridge hacked for $320M; Jump Trading backstops |
| Mar 2022 | Ronin bridge (Axie Infinity) hacked for $625M; largest DeFi hack ever |
| 2022 août | Nomad bridge hacked for $190M |
| 2022 | Total bridge hack losses exceed $2B; security auditing intensifies |
| 2023 | ZK-based bridges advance; trustless verification approaches gain traction |
| 2024 | LayerZero, Stargate, Circle CCTP provide improved cross-chain infrastructure |
“Bridges are the banks of Web3 – they hold enormous value and are therefore the most targeted infrastructure in crypto.”
Fonctionnement

| Type de pont | Modèle de confiance | Sécurité | Exemple |
| Trusted (federated) | Multi-sig validators | Faible-moyen | Wormhole (pre-2023) |
| Optimiste | Fraud proof watchers | Moyenne | Optimisme, arbitrage |
| ZK (zero-knowledge) | Preuves cryptographiques | Haute | Polygon zkBridge |
| IBC (light client) | Vérification sur la chaîne | Très élevé | IBC Cosmos |
| Native wrapped asset | Custodian trust | Variable | wBTC (BitGo) |
Lire aussi: Multi-signature (Multisig)
En termes simples
- Cross-chain transportation: A bridge is like a tunnel between two countries (blockchains) – it allows you to take your asset from one chain to another, translating it into a form the destination chain understands.
- Serrure et menthe: The most common bridge mechanism locks your original token on one chain and mints a “copy” on the other. The copy is worthless without the locked original – the bridge is the custodian of your real asset.
- Why bridges are targets: Bridges hold enormous concentrations of locked tokens – essentially crypto banks. The bridge’s smart contract or validator set becomes a single point of attack, unlike decentralized networks, where there’s no central point to attack.
- Trust assumptions matter: Different bridges require different levels of trust. Some rely on a small group of validators (hackable). Others use cryptographic proofs (much harder to hack). Always understand what you’re trusting when using a bridge.
- Cercle CCTP: Circle’s Cross-Chain Transfer Protocol uses a burn-and-mint model for USDC – no locking required, and Circle’s attestation service validates transfers. This eliminates the “locked pool” hack surface while maintaining fiat-backed security.
Exemples du monde réel
| Scénario | Mise en œuvre | Résultat |
| ETH to Polygon for DeFi | User bridges ETH to Polygon for lower fees | Receives wETH on Polygon; uses Aave with $0.01 fees vs $5+ on Ethereum |
| Ronin bridge hack (2022) | Attackers compromise 5/9 Ronin validators | 173,600 ETH + $25.5M USDC stolen ($625M); Axie Infinity devastated |
| Wormhole hack (2022) | Attacker exploits signature verification bug | $320M stolen; Jump Trading covers losses to maintain ecosystem trust |
| IBC transfer (Cosmos) | User transfers ATOM from Cosmos Hub to Osmosis | Trustless, light-client-verified transfer; no wrapped tokens |
| USDC CCTP | User bridges USDC from Ethereum to Avalanche via Circle | Burns USDC on Ethereum; mints on Avalanche; no bridge custody risk |
Avantages
| Avantage | Description |
| Cross-chain access | Use any chain’s DeFi, NFTs, or applications with any chain’s assets |
| Efficacité du capital | Assets flow where yield and utility is highest |
| Ecosystem composability | DeFi protocols across chains can interact |
| Optimisation des frais | Bridge to lower-fee chains for specific operations |
| Agrégation de liquidité | Unified liquidity across otherwise isolated ecosystems |
Inconvénients et risques
| Désavantage | Description |
| Risque de sécurité | Bridge hacks have stolen billions; largest single-event losses in DeFi |
| hypothèses de confiance | Most bridges require trusting validator sets or federated custodians |
| Risque de contrat intelligent | Complex cross-chain logic creates large attack surface |
| Fragmentation de la liquidité | Assets spread across chains reduce depth at each point |
| Délais de retrait | Some bridges require 7-day waiting periods for security |
Conseils de gestion des risques :
- Use well-audited bridges with long operational history; avoid new, unaudited bridges
- Start with small test transactions before bridging large amounts
- Prefer native solutions (IBC for Cosmos, official L2 bridges for Ethereum rollups)
- Use Circle CCTP for USDC transfers – eliminates locked pool risk
- Never bridge more than you can afford to lose to a security exploit
QFP
Which bridge is safest to use?
For Ethereum L2s, use the official native bridges (Arbitrum Bridge, Optimism Bridge) as they inherit Ethereum’s security. For Cosmos chains, IBC is the safest option. For USDC cross-chain, Circle’s CCTP is excellent. For general multi-chain bridging, well-audited options with long track records (Stargate, Across Protocol) are preferable to new unaudited bridges.
How did the Ronin bridge get hacked for $625M?
Ronin used a multi-sig validator system requiring 5-of-9 signatures to approve transactions. Attackers (later attributed to North Korea’s Lazarus Group) compromised 5 of the 9 validator keys through social engineering and software exploits, allowing them to sign fraudulent withdrawals that drained the bridge.
How long does bridging take?
Varies significantly: Trusted multi-sig bridges: 5-30 minutes. Optimistic rollup exits: up to 7 days (due to fraud proof window). ZK-rollup exits: minutes to hours. IBC (Cosmos): seconds to minutes. Third-party fast bridges (Across Protocol) can complete transfers in minutes by using liquidity providers who front funds.
What is a “fast bridge”?
Fast bridges (like Across Protocol, Hop Protocol) use liquidity providers who immediately release funds on the destination chain, then settle with the main bridge later. This eliminates withdrawal delays while shifting the risk to liquidity providers (who earn fees). They provide near-instant cross-chain transfers.
Are bridges the biggest security risk in DeFi?
By total dollar value stolen, yes – bridge hacks have accounted for the majority of all DeFi hacks. Chainalysis reported that bridge hacks represented 69% of all crypto stolen in 2022 ($2B+ from bridges alone). The combination of large locked pools and complex cross-chain validation creates the most dangerous attack surface in the ecosystem.










