Определение
A blockchain bridge is a protocol that enables the transfer of assets, data, or messages between two separate blockchain networks that would otherwise be unable to communicate with each other. Since blockchains like Bitcoin, Ethereum, and Solana operate as isolated ecosystems with their own механизмы консенсуса, smart contract environments, and native assets, bridges serve as the connective tissue of the multi-chain ecosystem – allowing users to move tokens from one chain to another and interact with applications across multiple networks. Bridges typically operate by locking assets on the source chain and minting equivalent wrapped tokens on the destination chain, then burning those wrapped tokens and unlocking originals on the return journey. While bridges have become indispensable infrastructure for DeFi’s cross-chain ecosystem, they have also become one of the most targeted attack vectors in crypto – with bridge hacks accounting for the majority of all stolen DeFi funds, including the Ronin bridge ($625M), Wormhole ($320M), and Nomad ($190M) exploits of 2022.
Происхождение и история
| Время | События |
| 2020 | wBTC (Wrapped Bitcoin) becomes first widely used bridge product; BTC moves to Ethereum |
| 2021 | Multi-chain era begins; bridges proliferate connecting Ethereum, BSC, Polygon, Solana |
| 2021 | Poly Network hacked for $611M (largest hack at time); partially returned |
| февраль 2022 | Wormhole bridge hacked for $320M; Jump Trading backstops |
| Mar 2022 | Ronin bridge (Axie Infinity) hacked for $625M; largest DeFi hack ever |
| август 2022 | Nomad bridge hacked for $190M |
| 2022 | Total bridge hack losses exceed $2B; security auditing intensifies |
| 2023 | ZK-based bridges advance; trustless verification approaches gain traction |
| 2024 | LayerZero, Stargate, Circle CCTP provide improved cross-chain infrastructure |
“Bridges are the banks of Web3 – they hold enormous value and are therefore the most targeted infrastructure in crypto.”
Как это работает

| Тип моста | Модель доверия | Безопасность. | Пример |
| Trusted (federated) | Multi-sig validators | Low-Medium | Wormhole (pre-2023) |
| Оптимистический | Fraud proof watchers | Средний | Optimism, Arbitrum |
| ZK (zero-knowledge) | Криптографические доказательства | Высокий | Polygon zkBridge |
| IBC (light client) | Проверка по цепочке | Очень высоко | Космос МБК |
| Native wrapped asset | Custodian trust | Технология | wBTC (BitGo) |
Читайте также: Мультиподпись (мультисиг)
Простыми словами
- Cross-chain transportation: A bridge is like a tunnel between two countries (blockchains) – it allows you to take your asset from one chain to another, translating it into a form the destination chain understands.
- Замок и монетный двор: The most common bridge mechanism locks your original token on one chain and mints a “copy” on the other. The copy is worthless without the locked original – the bridge is the custodian of your real asset.
- Why bridges are targets: Bridges hold enormous concentrations of locked tokens – essentially crypto banks. The bridge’s smart contract or validator set becomes a single point of attack, unlike decentralized networks, where there’s no central point to attack.
- Trust assumptions matter: Different bridges require different levels of trust. Some rely on a small group of validators (hackable). Others use cryptographic proofs (much harder to hack). Always understand what you’re trusting when using a bridge.
- Круг CCTP: Circle’s Cross-Chain Transfer Protocol uses a burn-and-mint model for USDC – no locking required, and Circle’s attestation service validates transfers. This eliminates the “locked pool” hack surface while maintaining fiat-backed security.
Примеры из реального мира
| Сценарий | Реализация | Результат |
| ETH to Polygon for DeFi | User bridges ETH to Polygon for lower fees | Receives wETH on Polygon; uses Aave with $0.01 fees vs $5+ on Ethereum |
| Ronin bridge hack (2022) | Attackers compromise 5/9 Ronin validators | 173,600 ETH + $25.5M USDC stolen ($625M); Axie Infinity devastated |
| Wormhole hack (2022) | Attacker exploits signature verification bug | $320M stolen; Jump Trading covers losses to maintain ecosystem trust |
| IBC transfer (Cosmos) | User transfers ATOM from Cosmos Hub to Osmosis | Trustless, light-client-verified transfer; no wrapped tokens |
| USDC CCTP | User bridges USDC from Ethereum to Avalanche via Circle | Burns USDC on Ethereum; mints on Avalanche; no bridge custody risk |
Преимущества
| Преимущества | Описание |
| Cross-chain access | Use any chain’s DeFi, NFTs, or applications with any chain’s assets |
| Эффективность капитала | Assets flow where yield and utility is highest |
| Ecosystem composability | DeFi protocols across chains can interact |
| Оптимизация комиссионных | Bridge to lower-fee chains for specific operations |
| Агрегация ликвидности | Unified liquidity across otherwise isolated ecosystems |
Недостатки и риски
| Недостаток | Описание |
| Риск безопасности | Bridge hacks have stolen billions; largest single-event losses in DeFi |
| Доверительные предположения | Most bridges require trusting validator sets or federated custodians |
| Риск смарт-контракта | Complex cross-chain logic creates large attack surface |
| Фрагментация ликвидности | Assets spread across chains reduce depth at each point |
| Задержки при выводе средств | Some bridges require 7-day waiting periods for security |
Советы по управлению рисками:
- Use well-audited bridges with long operational history; avoid new, unaudited bridges
- Start with small test transactions before bridging large amounts
- Prefer native solutions (IBC for Cosmos, official L2 bridges for Ethereum rollups)
- Use Circle CCTP for USDC transfers – eliminates locked pool risk
- Never bridge more than you can afford to lose to a security exploit
FAQ
Which bridge is safest to use?
For Ethereum L2s, use the official native bridges (Arbitrum Bridge, Optimism Bridge) as they inherit Ethereum’s security. For Cosmos chains, IBC is the safest option. For USDC cross-chain, Circle’s CCTP is excellent. For general multi-chain bridging, well-audited options with long track records (Stargate, Across Protocol) are preferable to new unaudited bridges.
How did the Ronin bridge get hacked for $625M?
Ronin used a multi-sig validator system requiring 5-of-9 signatures to approve transactions. Attackers (later attributed to North Korea’s Lazarus Group) compromised 5 of the 9 validator keys through social engineering and software exploits, allowing them to sign fraudulent withdrawals that drained the bridge.
How long does bridging take?
Varies significantly: Trusted multi-sig bridges: 5-30 minutes. Optimistic rollup exits: up to 7 days (due to fraud proof window). ZK-rollup exits: minutes to hours. IBC (Cosmos): seconds to minutes. Third-party fast bridges (Across Protocol) can complete transfers in minutes by using liquidity providers who front funds.
What is a “fast bridge”?
Fast bridges (like Across Protocol, Hop Protocol) use liquidity providers who immediately release funds on the destination chain, then settle with the main bridge later. This eliminates withdrawal delays while shifting the risk to liquidity providers (who earn fees). They provide near-instant cross-chain transfers.
Are bridges the biggest security risk in DeFi?
By total dollar value stolen, yes – bridge hacks have accounted for the majority of all DeFi hacks. Chainalysis reported that bridge hacks represented 69% of all crypto stolen in 2022 ($2B+ from bridges alone). The combination of large locked pools and complex cross-chain validation creates the most dangerous attack surface in the ecosystem.










