Мост

Определение

A blockchain bridge is a protocol that enables the transfer of assets, data, or messages between two separate blockchain networks that would otherwise be unable to communicate with each other. Since blockchains like Bitcoin, Ethereum, and Solana operate as isolated ecosystems with their own механизмы консенсуса, smart contract environments, and native assets, bridges serve as the connective tissue of the multi-chain ecosystem – allowing users to move tokens from one chain to another and interact with applications across multiple networks. Bridges typically operate by locking assets on the source chain and minting equivalent wrapped tokens on the destination chain, then burning those wrapped tokens and unlocking originals on the return journey. While bridges have become indispensable infrastructure for DeFi’s cross-chain ecosystem, they have also become one of the most targeted attack vectors in crypto – with bridge hacks accounting for the majority of all stolen DeFi funds, including the Ronin bridge ($625M), Wormhole ($320M), and Nomad ($190M) exploits of 2022.

Происхождение и история

ВремяСобытия
2020wBTC (Wrapped Bitcoin) becomes first widely used bridge product; BTC moves to Ethereum
2021Multi-chain era begins; bridges proliferate connecting Ethereum, BSC, Polygon, Solana
2021Poly Network hacked for $611M (largest hack at time); partially returned
февраль 2022Wormhole bridge hacked for $320M; Jump Trading backstops
Mar 2022Ronin bridge (Axie Infinity) hacked for $625M; largest DeFi hack ever
август 2022Nomad bridge hacked for $190M
2022Total bridge hack losses exceed $2B; security auditing intensifies
2023ZK-based bridges advance; trustless verification approaches gain traction
2024LayerZero, Stargate, Circle CCTP provide improved cross-chain infrastructure
“Bridges are the banks of Web3 – they hold enormous value and are therefore the most targeted infrastructure in crypto.”
Исследователи безопасности

Как это работает

Тип мостаМодель доверияБезопасность.Пример
Trusted (federated)Multi-sig validatorsLow-MediumWormhole (pre-2023)
ОптимистическийFraud proof watchersСреднийOptimism, Arbitrum
ZK (zero-knowledge)Криптографические доказательстваВысокийPolygon zkBridge
IBC (light client)Проверка по цепочкеОчень высокоКосмос МБК
Native wrapped assetCustodian trustТехнологияwBTC (BitGo)

Читайте также: Мультиподпись (мультисиг)

Простыми словами

  1. Cross-chain transportation: A bridge is like a tunnel between two countries (blockchains) – it allows you to take your asset from one chain to another, translating it into a form the destination chain understands.
  2. Замок и монетный двор: The most common bridge mechanism locks your original token on one chain and mints a “copy” on the other. The copy is worthless without the locked original – the bridge is the custodian of your real asset.
  3. Why bridges are targets: Bridges hold enormous concentrations of locked tokens – essentially crypto banks. The bridge’s smart contract or validator set becomes a single point of attack, unlike decentralized networks, where there’s no central point to attack.
  4. Trust assumptions matter: Different bridges require different levels of trust. Some rely on a small group of validators (hackable). Others use cryptographic proofs (much harder to hack). Always understand what you’re trusting when using a bridge.
  5. Круг CCTP: Circle’s Cross-Chain Transfer Protocol uses a burn-and-mint model for USDC – no locking required, and Circle’s attestation service validates transfers. This eliminates the “locked pool” hack surface while maintaining fiat-backed security.

Примеры из реального мира

СценарийРеализацияРезультат
ETH to Polygon for DeFiUser bridges ETH to Polygon for lower feesReceives wETH on Polygon; uses Aave with $0.01 fees vs $5+ on Ethereum
Ronin bridge hack (2022)Attackers compromise 5/9 Ronin validators173,600 ETH + $25.5M USDC stolen ($625M); Axie Infinity devastated
Wormhole hack (2022)Attacker exploits signature verification bug$320M stolen; Jump Trading covers losses to maintain ecosystem trust
IBC transfer (Cosmos)User transfers ATOM from Cosmos Hub to OsmosisTrustless, light-client-verified transfer; no wrapped tokens
USDC CCTPUser bridges USDC from Ethereum to Avalanche via CircleBurns USDC on Ethereum; mints on Avalanche; no bridge custody risk

Преимущества

ПреимуществаОписание
Cross-chain accessUse any chain’s DeFi, NFTs, or applications with any chain’s assets
Эффективность капиталаAssets flow where yield and utility is highest
Ecosystem composabilityDeFi protocols across chains can interact
Оптимизация комиссионныхBridge to lower-fee chains for specific operations
Агрегация ликвидностиUnified liquidity across otherwise isolated ecosystems

Недостатки и риски

НедостатокОписание
Риск безопасностиBridge hacks have stolen billions; largest single-event losses in DeFi
Доверительные предположенияMost bridges require trusting validator sets or federated custodians
Риск смарт-контрактаComplex cross-chain logic creates large attack surface
Фрагментация ликвидностиAssets spread across chains reduce depth at each point
Задержки при выводе средствSome bridges require 7-day waiting periods for security

Советы по управлению рисками:

  • Use well-audited bridges with long operational history; avoid new, unaudited bridges
  • Start with small test transactions before bridging large amounts
  • Prefer native solutions (IBC for Cosmos, official L2 bridges for Ethereum rollups)
  • Use Circle CCTP for USDC transfers – eliminates locked pool risk
  • Never bridge more than you can afford to lose to a security exploit

FAQ

Which bridge is safest to use?

For Ethereum L2s, use the official native bridges (Arbitrum Bridge, Optimism Bridge) as they inherit Ethereum’s security. For Cosmos chains, IBC is the safest option. For USDC cross-chain, Circle’s CCTP is excellent. For general multi-chain bridging, well-audited options with long track records (Stargate, Across Protocol) are preferable to new unaudited bridges.

How did the Ronin bridge get hacked for $625M?

Ronin used a multi-sig validator system requiring 5-of-9 signatures to approve transactions. Attackers (later attributed to North Korea’s Lazarus Group) compromised 5 of the 9 validator keys through social engineering and software exploits, allowing them to sign fraudulent withdrawals that drained the bridge.

How long does bridging take?

Varies significantly: Trusted multi-sig bridges: 5-30 minutes. Optimistic rollup exits: up to 7 days (due to fraud proof window). ZK-rollup exits: minutes to hours. IBC (Cosmos): seconds to minutes. Third-party fast bridges (Across Protocol) can complete transfers in minutes by using liquidity providers who front funds.

What is a “fast bridge”?

Fast bridges (like Across Protocol, Hop Protocol) use liquidity providers who immediately release funds on the destination chain, then settle with the main bridge later. This eliminates withdrawal delays while shifting the risk to liquidity providers (who earn fees). They provide near-instant cross-chain transfers.

Are bridges the biggest security risk in DeFi?

By total dollar value stolen, yes – bridge hacks have accounted for the majority of all DeFi hacks. Chainalysis reported that bridge hacks represented 69% of all crypto stolen in 2022 ($2B+ from bridges alone). The combination of large locked pools and complex cross-chain validation creates the most dangerous attack surface in the ecosystem.

Связанные условия

Медиа